harib034

  1. The only problem now is that I can no longer connect to my school's Wi-Fi, which uses an authentication system; apparently there is a DNS problem, which is what the virus was also doing to me at home before... But anyway, I'm already happy to be able to connect at home. Here is the report:
  2. There was no error message, but it seems to me I had already deleted this one earlier... Thanks in any case for your quick response
  3. Logfile of random's system information tool 1.05 (written by random/random) Run by jean at 2009-03-18 19:05:47 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 89 GB (61%) free of 145 GB Total RAM: 2038 MB (53% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:06, on 2009-03-18 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Tall Emu\Online Armor\oasrv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Windows\system32\svchost.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Sony\Network Utility\NSUService.exe C:\Program Files\Tall Emu\Online Armor\oacat.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe 
C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\PCCloneEX\PCCloneEX.EXE C:\Windows\system32\igfxsrvc.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Tall Emu\Online Armor\oaui.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Tall Emu\Online Armor\oahlp.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\system32\taskeng.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\jean\Desktop\Downloads\RSIT.exe C:\Windows\system32\wbem\wmiprvse.exe \?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Program Files\Trend Micro\HijackThis\jean.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program 
Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PCCloneEX] C:\Program Files\PCCloneEX\PCCloneEX.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O13 - Gopher Prefix: O15 - Trusted Zone: euromed.cyberlibris.com O15 - Trusted Zone: site.ebrary.com O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - 
http://site.ebrary.com/lib/cla10/support/p...s/ebraryRdr.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.8522 (GoogleDesktopManager-090808-172447) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus 
Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. 
- C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11544 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-10 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-10 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-10 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0BF43445-2F28-4351-9252-17FE6E806AA0} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-10 
251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvSvc"=C:\Windows\system32\nvsvc.dll [2008-02-12 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-02-12 8497696] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-02-12 81920] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-05 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-05 154136] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-05 137752] "Apoint"=C:\Program Files\Apoint\Apoint.exe [2008-02-23 122880] "ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-11-21 311296] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-29 30192] "SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-09-27 1783808] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] "PCCloneEX"=C:\Program Files\PCCloneEX\PCCloneEX.EXE [2008-12-12 5259776] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600] "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "MarketingTools"=C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2008-04-19 36864] "@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2008-12-13 6223048] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-07-16 262144] "ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-03-29 222128] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-10 39408] C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-02-05 200704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon] C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2008-12-13 886984] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= "EnableShellExecuteHooks"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de561a-953e-11dd-8cf6-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de5631-953e-11dd-8cf6-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620bc-955e-11dd-84db-001a80f97ce0}] 
shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620be-955e-11dd-84db-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6d8a0c2-832c-11dd-8e3a-001a80f97ce0}] shell\AutoRun\command - H:\LaunchU3.exe ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2009-03-18 08:59:12 ----D---- C:\Windows\Minidump 2009-03-18 07:38:47 ----A---- C:\Windows\PSEXESVC.EXE 2009-03-18 07:38:43 ----D---- C:\Windows\temp 2009-03-18 07:32:40 ----D---- C:\ComboFix 2009-03-18 07:32:39 ----A---- C:\Windows\system32\CF2846.exe 2009-03-18 07:32:38 ----A---- C:\Windows\system32\swsc.exe 2009-03-17 21:38:45 ----D---- C:\Users\jean\AppData\Roaming\OnlineArmor 2009-03-17 21:38:45 ----D---- C:\ProgramData\OnlineArmor 2009-03-17 21:36:03 ----D---- C:\Program Files\Tall Emu 2009-03-17 20:06:54 ----D---- C:\rsit 2009-03-17 19:41:28 ----D---- C:\Program Files\Trend Micro 2009-03-17 19:34:18 ----A---- C:\fixnavi.txt 2009-03-17 19:33:13 ----D---- C:\Program Files\Navilog1 2009-03-17 17:28:07 ----D---- C:\Users\jean\AppData\Roaming\Malwarebytes 2009-03-17 17:27:58 ----D---- C:\ProgramData\Malwarebytes 2009-03-17 17:27:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-03-17 17:13:26 ----A---- C:\Windows\zip.exe 2009-03-17 17:13:26 ----A---- C:\Windows\VFIND.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWXCACLS.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWSC.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWREG.exe 2009-03-17 17:13:26 ----A---- C:\Windows\sed.exe 2009-03-17 17:13:26 ----A---- C:\Windows\NIRCMD.exe 2009-03-17 17:13:26 ----A---- C:\Windows\grep.exe 2009-03-17 17:13:26 ----A---- C:\Windows\fdsv.exe 2009-03-17 17:13:13 ----D---- C:\Windows\ERDNT 2009-03-17 17:12:35 ----AD---- C:\Qoobox 
2009-03-17 09:39:32 ----D---- C:\ProgramData\Avira 2009-03-17 09:39:32 ----D---- C:\Program Files\Avira 2009-03-16 22:21:13 ----A---- C:\Users\jean\AppData\Roaming\SetValue.bat 2009-03-16 22:21:13 ----A---- C:\Users\jean\AppData\Roaming\GetValue.vbs 2009-03-16 21:55:20 ----A---- C:\Windows\system32\tmp.txt 2009-03-16 21:55:10 ----A---- C:\rapport.txt 2009-03-16 20:17:45 ----D---- C:\RECYCLER 2009-03-16 15:10:54 ----D---- C:\Users\jean\AppData\Roaming\OpenOffice.org 2009-03-16 12:51:10 ----D---- C:\Program Files\JRE 2009-03-16 12:51:01 ----D---- C:\Program Files\OpenOffice.org 3 2009-03-12 12:55:38 ----HD---- C:\Program Files\Temp 2009-03-12 12:52:55 ----D---- C:\ProgramData\FLEXnet 2009-03-12 12:38:39 ----D---- C:\Program Files\Common Files\Adobe AIR 2009-03-12 12:36:23 ----D---- C:\Program Files\Common Files\Macrovision Shared 2009-03-12 12:21:10 ----D---- C:\ProgramData\ma-config.com 2009-03-12 12:21:10 ----D---- C:\Program Files\ma-config.com 2009-03-12 11:03:33 ----D---- C:\Users\jean\AppData\Roaming\Download Manager 2009-03-12 10:33:34 ----D---- C:\Users\jean\AppData\Roaming\FileZilla 2009-03-12 10:33:16 ----D---- C:\Program Files\FileZilla FTP Client 2009-03-11 19:35:43 ----A---- C:\Windows\system32\wmp.dll 2009-03-11 19:35:41 ----A---- C:\Windows\system32\spwmp.dll 2009-03-11 19:35:40 ----A---- C:\Windows\system32\wmploc.DLL 2009-03-11 19:35:40 ----A---- C:\Windows\system32\dxmasf.dll 2009-03-11 19:35:00 ----A---- C:\Windows\system32\schannel.dll 2009-03-05 12:04:13 ----D---- C:\ProgramData\Downloaded Installations 2009-03-04 11:07:49 ----HD---- C:\ProgramData\CanonBJ 2009-03-01 11:03:59 ----A---- C:\Windows\system32\javaws.exe 2009-03-01 11:03:59 ----A---- C:\Windows\system32\javaw.exe 2009-03-01 11:03:59 ----A---- C:\Windows\system32\java.exe ======List of files/folders modified in the last 1 months====== 2009-03-18 19:03:50 ----D---- C:\Program Files\Mozilla Firefox 2009-03-18 15:00:02 ----D---- C:\Windows\System32 2009-03-18 15:00:02 ----A---- 
C:\Windows\system32\PerfStringBackup.INI 2009-03-18 15:00:01 ----D---- C:\Windows\inf 2009-03-18 12:27:26 ----D---- C:\Windows\Prefetch 2009-03-18 12:02:50 ----D---- C:\Windows 2009-03-18 07:37:47 ----D---- C:\Windows\system32\drivers 2009-03-18 07:37:47 ----D---- C:\Windows\AppPatch 2009-03-18 07:37:45 ----D---- C:\Program Files\Common Files 2009-03-18 07:35:12 ----SHD---- C:\System Volume Information 2009-03-18 07:32:38 ----D---- C:\Windows\system32\fr-FR 2009-03-17 23:51:25 ----A---- C:\Windows\system.ini 2009-03-17 21:38:45 ----HD---- C:\ProgramData 2009-03-17 21:36:03 ----RD---- C:\Program Files 2009-03-17 21:19:38 ----SHD---- C:\Windows\Installer 2009-03-17 21:19:04 ----D---- C:\Program Files\Star Downloader 2009-03-17 17:18:39 ----D---- C:\Windows\system32\WDI 2009-03-17 13:50:20 ----D---- C:\Windows\system32\catroot2 2009-03-17 13:50:20 ----D---- C:\ProgramData\Spyware Terminator 2009-03-17 13:49:28 ----D---- C:\Program Files\Spyware Terminator 2009-03-17 13:03:59 ----D---- C:\Users\jean\AppData\Roaming\Spyware Terminator 2009-03-17 08:32:30 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-17 00:31:56 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-03-16 22:58:59 ----D---- C:\Users\jean\AppData\Roaming\uTorrent 2009-03-16 21:18:04 ----D---- C:\Program Files\Lecteur CANALPLAY 2009-03-16 20:46:26 ----D---- C:\Program Files\Many Faces of Go 11.0 2009-03-16 20:41:07 ----RSD---- C:\Windows\Fonts 2009-03-16 20:19:46 ----D---- C:\Download 2009-03-16 12:53:26 ----D---- C:\Windows\winsxs 2009-03-16 12:53:18 ----RSD---- C:\Windows\assembly 2009-03-12 13:18:50 ----D---- C:\Users\jean\AppData\Roaming\Adobe 2009-03-12 12:58:29 ----D---- C:\ProgramData\Adobe 2009-03-12 12:56:16 ----HD---- C:\Program Files\InstallShield Installation Information 2009-03-12 12:56:12 ----D---- C:\Windows\system32\catroot 2009-03-12 12:55:54 ----A---- C:\Windows\DIFxAPI.dll 2009-03-12 12:46:33 ----D---- C:\Program Files\Adobe 2009-03-12 12:45:34 ----D---- C:\Program 
Files\Common Files\Adobe 2009-03-12 10:11:36 ----D---- C:\Program Files\Windows Media Player 2009-03-12 10:11:36 ----D---- C:\Program Files\Windows Mail 2009-03-12 10:09:42 ----D---- C:\ProgramData\Microsoft Help 2009-03-11 10:37:04 ----SD---- C:\Users\jean\AppData\Roaming\Microsoft 2009-03-10 17:19:37 ----D---- C:\Program Files\Google 2009-03-10 17:19:08 ----D---- C:\ProgramData\Google 2009-03-07 16:01:37 ----D---- C:\AHD4withThesaurus 2009-03-05 10:24:44 ----D---- C:\Program Files\Common Files\microsoft shared 2009-03-01 11:03:57 ----D---- C:\Program Files\Java ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-17 75072] R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-12-13 10216] R1 FNETDEVI;FNETDEVI; \??\C:\Windows\system32\drivers\FNETDEVI.SYS [2008-12-12 19572] R1 OADevice;OADriver; \??\C:\Windows\system32\drivers\OADriver.sys [2008-12-13 178376] R1 OAmon;OAmon; \??\C:\Windows\system32\drivers\OAmon.sys [2008-12-13 30920] R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-09-27 141312] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-02-06 12672] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-02-06 8192] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-23 164400] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-14 758784] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI 
Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-02-06 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-02-06 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-05 1776128] R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2008-12-11 29384] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-02-06 659968] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-06 246784] S1 gaopdxserv.sys;gaopdxserv.sys; C:\Windows\system32\drivers\gaopdxwhwvpircipymssdrmpuvqtcxboxdqpxp.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-11-05 101504] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 
NETw3v32;Pilote de carte Intel® PRO/sans fil 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-02-12 7626400] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-26 128104] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS [] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2008-07-17 233472] R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\oacat.exe [2008-12-13 
1402568] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-09-27 570880] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2008-12-13 3321032] R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392] R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2008-02-15 184320] R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2008-02-15 147456] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-02-06 386560] R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2008-02-15 274432] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-12 655624] S3 GoogleDesktopManager-090808-172447;Google Desktop Manager 5.8.809.8522; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-29 30192] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-10 137200] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2007-11-28 53248] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-12-18 29181272] S3 odserv;Microsoft Office 
Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2007-11-28 53248] S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-04 104288] S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [2008-03-04 350048] S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [2008-03-04 63328] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2007-11-28 77824] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2008-02-15 73728] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] -----------------EOF----------------- sorry
  4. Uh, it rebooted my machine and the report contains only: ComboFix 09-03-15.01 - jean 2009-03-18 7:36:14.4 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2038.816 [GMT 1:00] Lancé depuis: C:\Users\jean\Desktop\ComboFix.exe Commutateurs utilisés :: C:\Users\jean\Desktop\CFscript.txt * Un nouveau point de restauration a été créé FILE :: D:\6fnlpetp.exe D:\cqdis.cmd G:\6fnlpetp.exe G:\cqdis.cmd H:\6fnlpetp.exe H:\cqdis.cmd . Hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:45, on 2009-03-18 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Sony\Network Utility\NSUService.exe C:\Program Files\Tall Emu\Online Armor\oacat.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 
C:\Windows\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\PCCloneEX\PCCloneEX.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe 
C:\Windows\servicing\TrustedInstaller.exe \?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE 
C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PCCloneEX] C:\Program Files\PCCloneEX\PCCloneEX.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll O10 - Unknown file in Winsock LSP: 
c:\windows\system32\prxerdrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O13 - Gopher Prefix: O15 - Trusted Zone: euromed.cyberlibris.com O15 - Trusted Zone: site.ebrary.com O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/lib/cla10/support/p...s/ebraryRdr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBD3F9BC-6136-46D7-A914-A20655EDD148}: NameServer = 212.27.53.252,212.27.54.252 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.8522 (GoogleDesktopManager-090808-172447) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment 
Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11688 bytes As for ComboFix, as I told you, I used it twice in a row because I had forgotten to plug in the peripherals, but it's true that I had used it before, I think; I did lots of things to get rid of win32 fasec at the same time ;o
  5. Thanks. OK, I did it in two passes because the first time I had forgotten to connect my peripherals. The first time it deleted a file, "C:\windows\system32\gaopdxepcbbrdprpbxnjmiaxemxrpctlqitrdl.dll", I think, which I have already deleted several times. The second time: ComboFix 09-03-15.01 - jean 2009-03-17 23:48:18.3 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2038.892 [GMT 1:00] Lancé depuis: c:\users\jean\Desktop\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . D:\autorun.inf H:\Autorun.inf H:\cretae.dll.vbs . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-17 au 2009-03-17 )))))))))))))))))))))))))))))))))))) . 2009-03-17 21:38 . 2009-03-17 23:30 <REP> d-------- c:\users\jean\AppData\Roaming\OnlineArmor 2009-03-17 21:38 . 2009-03-17 21:38 <REP> d-------- c:\users\All Users\OnlineArmor 2009-03-17 21:38 . 2009-03-17 21:38 <REP> d-------- c:\programdata\OnlineArmor 2009-03-17 21:36 . 2009-03-17 21:36 <REP> d-------- c:\program files\Tall Emu 2009-03-17 21:36 . 2008-12-13 02:26 178,376 --a------ c:\windows\System32\drivers\OADriver.sys 2009-03-17 21:36 . 2008-12-13 02:26 30,920 --a------ c:\windows\System32\drivers\OAmon.sys 2009-03-17 21:36 . 2008-12-11 12:43 29,384 --a------ c:\windows\System32\drivers\OAnet.sys 2009-03-17 20:06 . 2009-03-17 20:07 <REP> d-------- C:\rsit 2009-03-17 19:41 . 2009-03-17 19:41 <REP> d-------- c:\program files\Trend Micro 2009-03-17 19:33 . 2009-03-17 21:17 <REP> d-------- c:\program files\Navilog1 2009-03-17 17:28 . 2009-03-17 17:28 <REP> d-------- c:\users\jean\AppData\Roaming\Malwarebytes 2009-03-17 17:28 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-03-17 17:28 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-03-17 17:27 . 2009-03-17 17:27 <REP> d-------- c:\users\All Users\Malwarebytes 2009-03-17 17:27 . 
2009-03-17 17:27 <REP> d-------- c:\programdata\Malwarebytes 2009-03-17 17:27 . 2009-03-17 17:28 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-03-17 09:39 . 2009-03-17 09:39 <REP> d-------- c:\users\All Users\Avira 2009-03-17 09:39 . 2009-03-17 09:39 <REP> d-------- c:\programdata\Avira 2009-03-17 09:39 . 2009-03-17 09:39 <REP> d-------- c:\program files\Avira 2009-03-16 22:21 . 2009-03-16 22:21 691 --a------ c:\users\jean\AppData\Roaming\GetValue.vbs 2009-03-16 22:21 . 2009-03-16 22:21 35 --a------ c:\users\jean\AppData\Roaming\SetValue.bat 2009-03-16 15:10 . 2009-03-16 15:10 <REP> d-------- c:\users\jean\AppData\Roaming\OpenOffice.org 2009-03-16 12:51 . 2009-03-16 12:51 <REP> d-------- c:\program files\OpenOffice.org 3 2009-03-16 12:51 . 2009-03-16 12:51 <REP> d-------- c:\program files\JRE 2009-03-12 12:55 . 2009-03-12 12:56 <REP> d--h----- c:\program files\Temp 2009-03-12 12:52 . 2009-03-12 12:52 <REP> d-------- c:\users\All Users\FLEXnet 2009-03-12 12:52 . 2009-03-12 12:52 <REP> d-------- c:\programdata\FLEXnet 2009-03-12 12:38 . 2009-03-12 12:38 <REP> d-------- c:\program files\Common Files\Adobe AIR 2009-03-12 12:36 . 2009-03-12 12:36 <REP> d-------- c:\program files\Common Files\Macrovision Shared 2009-03-12 12:21 . 2009-03-17 21:18 <REP> d-------- c:\users\All Users\ma-config.com 2009-03-12 12:21 . 2009-03-17 21:18 <REP> d-------- c:\programdata\ma-config.com 2009-03-12 12:21 . 2009-03-17 21:18 <REP> d-------- c:\program files\ma-config.com 2009-03-12 11:03 . 2009-03-12 12:18 <REP> d-------- c:\users\jean\AppData\Roaming\Download Manager 2009-03-12 10:33 . 2009-03-16 16:39 <REP> d-------- c:\users\jean\AppData\Roaming\FileZilla 2009-03-12 10:33 . 2009-03-12 10:33 <REP> d-------- c:\program files\FileZilla FTP Client 2009-03-11 19:35 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL 2009-03-11 19:35 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll 2009-03-11 19:35 . 
2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll 2009-03-11 19:35 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx 2009-03-11 19:35 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll 2009-03-11 19:34 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys 2009-03-05 12:04 . 2009-03-05 12:04 <REP> d-------- c:\users\All Users\Downloaded Installations 2009-03-05 12:04 . 2009-03-05 12:04 <REP> d-------- c:\programdata\Downloaded Installations 2009-03-04 11:07 . 2009-03-04 11:07 <REP> d--h----- c:\users\All Users\CanonBJ 2009-03-04 11:07 . 2009-03-04 11:07 <REP> d--h----- c:\programdata\CanonBJ . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-17 20:19 --------- d-----w c:\program files\Star Downloader 2009-03-17 12:50 --------- d-----w c:\programdata\Spyware Terminator 2009-03-17 12:49 --------- d-----w c:\program files\Spyware Terminator 2009-03-17 12:03 --------- d-----w c:\users\jean\AppData\Roaming\Spyware Terminator 2009-03-17 07:32 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-16 23:31 --------- d-----w c:\programdata\Spybot - Search & Destroy 2009-03-16 21:58 --------- d-----w c:\users\jean\AppData\Roaming\uTorrent 2009-03-16 20:18 --------- d-----w c:\program files\Lecteur CANALPLAY 2009-03-16 19:46 --------- d-----w c:\program files\Many Faces of Go 11.0 2009-03-12 11:56 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-12 11:55 319,456 ----a-w c:\windows\DIFxAPI.dll 2009-03-12 11:45 --------- d-----w c:\program files\Common Files\Adobe 2009-03-12 09:11 --------- d-----w c:\program files\Windows Mail 2009-03-12 09:09 --------- d-----w c:\programdata\Microsoft Help 2009-03-10 16:19 --------- d-----w c:\program files\Google 2009-03-01 10:03 --------- d-----w c:\program files\Java 2009-02-12 22:06 --------- d-----w c:\program files\Microsoft SQL Server 2009-02-12 12:11 --------- 
d-----w c:\program files\EasyPHP 3.0 2009-01-30 13:04 --------- d-----w c:\program files\Proxifier 2009-01-28 09:30 --------- d-----w c:\program files\CCleaner 2009-01-21 13:11 61,440 ----a-w c:\windows\System32\PrxerNsp.dll 2009-01-19 20:36 --------- d-----w c:\users\jean\AppData\Roaming\Skype 2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll 2008-03-17 12:26 28,190 ----a-w c:\users\jean\AppData\Roaming\nvModes.dat 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini 2008-09-29 18:36 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2008-09-30 11:20 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2008-09-30 11:20 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2008-09-30 11:20 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ((((((((((((((((((((((((((((( SnapShot_2009-03-17_23.35.46,48 ))))))))))))))))))))))))))))))))))))))))) . - 2009-03-17 21:11:04 119,616 ----a-w c:\windows\System32\perfc009.dat + 2009-03-17 22:50:36 119,616 ----a-w c:\windows\System32\perfc009.dat - 2009-03-17 21:11:04 147,276 ----a-w c:\windows\System32\perfc00C.dat + 2009-03-17 22:50:36 147,276 ----a-w c:\windows\System32\perfc00C.dat - 2009-03-17 21:11:04 636,790 ----a-w c:\windows\System32\perfh009.dat + 2009-03-17 22:50:36 636,790 ----a-w c:\windows\System32\perfh009.dat - 2009-03-17 21:11:04 726,808 ----a-w c:\windows\System32\perfh00C.dat + 2009-03-17 22:50:36 726,808 ----a-w c:\windows\System32\perfh00C.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-07-16 262144] "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-10 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-29 30192] "SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-27 1783808] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "PCCloneEX"="c:\program files\PCCloneEX\PCCloneEX.EXE" [2008-12-12 5259776] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-04-19 36864] "@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2008-12-13 6223048] c:\users\jean\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\ OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-08-14 20:05 98304 c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"="0x00000000" "UpdatesDisableNotify"="0x00000000" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2772861288-3863856250-2725877609-1003] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{3ADE6E75-3A86-4068-B7BB-FF055E3A2E20}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{4D8ECFED-48C3-4723-87FE-ABF5BC66CA8A}c:\\windows\\temp\\navbrowser.exe"= UDP:c:\windows\temp\navbrowser.exe:navbrowser.exe "UDP Query User{55C6FA09-7F62-4285-AF30-16E5490E7722}c:\\windows\\temp\\navbrowser.exe"= TCP:c:\windows\temp\navbrowser.exe:navbrowser.exe "TCP Query User{09ECFF90-2256-460E-B582-CB2F3EC60A25}c:\\program files\\your freedom\\freedom.exe"= UDP:c:\program files\your freedom\freedom.exe:freedom "UDP Query User{E252353B-E157-4FF1-AAB7-A1FB5FFCA4D7}c:\\program files\\your freedom\\freedom.exe"= TCP:c:\program files\your freedom\freedom.exe:freedom 
"{236C2EB0-8963-408D-938B-A0A0D8B5195D}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{3919CA16-ECA8-42DE-A0C3-B2B0ED909AB4}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{30250C6F-0F88-434D-9DD3-02C231798A88}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent "UDP Query User{E0B3B91E-EF1F-4C76-BD0F-A60229F92261}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent "TCP Query User{727CDB35-F2BB-48A6-9828-C0ABB1381AB7}c:\\users\\jean\\desktop\\warshoune\\war3.exe"= UDP:c:\users\jean\desktop\warshoune\war3.exe:war3.exe "UDP Query User{6AE265DB-6BB4-4642-8292-56B271B7D6A0}c:\\users\\jean\\desktop\\warshoune\\war3.exe"= TCP:c:\users\jean\desktop\warshoune\war3.exe:war3.exe "TCP Query User{3FDF6DDC-0811-4120-AB1F-2E84E0659DCD}c:\\program files\\easyphp 3.0\\mysql\\bin\\mysqld.exe"= UDP:c:\program files\easyphp 3.0\mysql\bin\mysqld.exe:mysqld "UDP Query User{2AB4E573-67C7-4434-B74D-14BD0DB55CB3}c:\\program files\\easyphp 3.0\\mysql\\bin\\mysqld.exe"= TCP:c:\program files\easyphp 3.0\mysql\bin\mysqld.exe:mysqld "{C4C18F8A-B388-4122-A2DA-B734FE13AF69}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{1E866F6D-D629-481B-A59B-F1434FF527E5}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{78257614-1AFD-44F7-93F8-A9F10E1043D9}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{2E0F26EB-1145-4B3D-A229-0456E17AC245}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{BE6242B2-868B-42C6-8C11-F1A280242076}"= UDP:5353:Adobe CSI CS4 "{D450EAAA-8E43-43D1-AFF1-EA1F4E3337F1}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{6ACAF16A-5D66-4965-BD8C-489E2A3E4B85}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 R1 FNETDEVI;FNETDEVI;c:\windows\System32\drivers\FNETDEVI.SYS [2008-12-12 19572] R1 
OADevice;OADriver;c:\windows\System32\drivers\OADriver.sys [2009-03-17 178376] R1 OAmon;OAmon;c:\windows\System32\drivers\OAmon.sys [2009-03-17 30920] R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [2008-09-27 141312] R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-04-19 233472] R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [2009-03-17 1402568] R2 regi;regi;c:\windows\System32\drivers\regi.sys [2007-04-17 11032] R3 OAnet;OnlineArmor Service;c:\windows\System32\drivers\OAnet.sys [2009-03-17 29384] R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [2007-12-17 9344] R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2007-08-17 812544] S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2009-03-17 3321032] S3 GoogleDesktopManager-090808-172447;Google Desktop Manager 5.8.809.8522;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-19 30192] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-12-18 29181272] S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-04-19 104288] S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-04-19 350048] S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-04-19 63328] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-04-19 333088] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony 
Shared\VcmXml\VcmXmlIfHelper.exe [2008-04-19 87328] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2796b4bb-92b3-11dd-a4cb-001a80f97ce0}] \shell\AutoRun\command - 6fnlpetp.exe \shell\explore\Command - 6fnlpetp.exe \shell\open\Command - 6fnlpetp.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de561a-953e-11dd-8cf6-001a80f97ce0}] \shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de5631-953e-11dd-8cf6-001a80f97ce0}] \shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620bc-955e-11dd-84db-001a80f97ce0}] \shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620be-955e-11dd-84db-001a80f97ce0}] \shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae995b8c-9510-11dd-a743-001a80f97ce0}] \shell\AutoRun\command - G:\cqdis.cmd \shell\explore\Command - G:\cqdis.cmd \shell\open\Command - G:\cqdis.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6d8a0c2-832c-11dd-8e3a-001a80f97ce0}] \shell\AutoRun\command - H:\LaunchU3.exe . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.google.com/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: %SystemRoot%\system32\PrxerDrv.dll Trusted Zone: cyberlibris.com\euromed Trusted Zone: ebrary.com\site TCP: {EBD3F9BC-6136-46D7-A914-A20655EDD148} = 212.27.53.252,212.27.54.252 DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab FF - ProfilePath - c:\users\jean\AppData\Roaming\Mozilla\Firefox\Profiles\oc8afqz1.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPInfotl.dll FF - plugin: c:\users\jean\AppData\Roaming\Mozilla\Firefox\Profiles\oc8afqz1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-17 23:51:20 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2009-03-17 23:55:20 ComboFix-quarantined-files.txt 2009-03-17 22:55:16 ComboFix2.txt 2009-03-17 22:39:02 ComboFix3.txt 2009-03-17 16:25:15 Avant-CF: 95 764 877 312 octets libres Après-CF: 95,733,776,384 octets libres 240 --- E O F --- 2009-03-16 09:49:08
  6. When I save the file, it doesn't keep it as a text file, and I didn't understand the "without a blank line at the beginning" part, but thanks for replying so quickly!
  7. Hello, I was infected by win32 fasec and I thought I had eradicated it thanks to Avira, but I get incessant pop-ups and I can't update Malwarebytes' ("you are not connected to the internet or the firewall blah blah"). Here are two complete reports from RSIT: log.doc: Logfile of random's system information tool 1.05 (written by random/random) Run by jean at 2009-03-17 20:06:54 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 93 GB (64%) free of 145 GB Total RAM: 2038 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:07:13, on 17/03/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Windows\system32\conime.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\Explorer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\jean\Desktop\Downloads\RSIT.exe C:\Program Files\Trend Micro\HijackThis\jean.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV 
Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google 
Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PCCloneEX] C:\Program Files\PCCloneEX\PCCloneEX.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\STARDO~1\sdie.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Lookup on CD - c:\AHD4withThesaurus\ahd.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Lookup on CD - {CB9CDC2D-0AB4-4031-A1F7-E9B4070CE521} - c:\AHD4withThesaurus\ahd.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O13 - Gopher Prefix: O15 - Trusted Zone: 
euromed.cyberlibris.com O15 - Trusted Zone: site.ebrary.com O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/lib/cla10/support/p...s/ebraryRdr.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EBD3F9BC-6136-46D7-A914-A20655EDD148}: NameServer = 212.27.53.252,212.27.54.252 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.8522 (GoogleDesktopManager-090808-172447) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Desktop Manager 5.8.809.8522 (GoogleDesktopManager-090808-172447) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network 
Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. 
- C:\Windows\system32\DRIVERS\xaudio.exe End of file - 9602 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-10 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-10 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-10 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFEF0-5B30-21D4-945D-000000000000}] C:\PROGRA~1\STARDO~1\SDIEInt.dll [2006-02-26 135680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0BF43445-2F28-4351-9252-17FE6E806AA0} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-10 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvSvc"=C:\Windows\system32\nvsvc.dll [2008-02-12 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-02-12 8497696] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-02-12 81920] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-05 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-05 154136] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-05 137752] "Apoint"=C:\Program Files\Apoint\Apoint.exe [2008-02-23 122880] "ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-11-21 311296] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-29 30192] "MarketingTools"=C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2008-04-19 36864] "SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-09-27 1783808] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] "PCCloneEX"=C:\Program Files\PCCloneEX\PCCloneEX.EXE [2008-12-12 5259776] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600] "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition 
Classic\avgnt.exe [2008-06-12 266497] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-07-16 262144] "ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-03-29 222128] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-10 39408] C:\Users\jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-02-05 200704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon] C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bebccf4-c5ea-11dd-9e23-001a80f97ce0}] shell\AutoRun\command - 
G:\m9ma.exe shell\explore\command - G:\m9ma.exe shell\open\command - G:\m9ma.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2796b4bb-92b3-11dd-a4cb-001a80f97ce0}] shell\AutoRun\command - G:\6fnlpetp.exe shell\explore\command - G:\6fnlpetp.exe shell\open\command - G:\6fnlpetp.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c340304-c052-11dd-b2f0-001a80f97ce0}] shell\AutoRun\command - G:\i.bat shell\explore\command - G:\i.bat shell\open\command - G:\i.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d7be0cb-c847-11dd-8e03-001a80f97ce0}] shell\AutoRun\command - G:\m9ma.exe shell\explore\command - G:\m9ma.exe shell\open\command - G:\m9ma.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de561a-953e-11dd-8cf6-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55de5631-953e-11dd-8cf6-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620bc-955e-11dd-84db-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f620be-955e-11dd-84db-001a80f97ce0}] shell\AutoRun\command - G:\StartVMCLite.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae995b8c-9510-11dd-a743-001a80f97ce0}] shell\AutoRun\command - G:\cqdis.cmd shell\explore\command - G:\cqdis.cmd shell\open\command - G:\cqdis.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6d8a0c2-832c-11dd-8e3a-001a80f97ce0}] shell\AutoRun\command - H:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec4c79cd-9057-11dd-93bd-001a80f97ce0}] shell\AutoRun\command - G:\iqosrtk.bat 
shell\explore\command - G:\iqosrtk.bat shell\open\command - G:\iqosrtk.bat ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2009-03-17 20:06:54 ----D---- C:\rsit 2009-03-17 19:41:28 ----D---- C:\Program Files\Trend Micro 2009-03-17 19:34:18 ----A---- C:\fixnavi.txt 2009-03-17 19:33:13 ----D---- C:\Program Files\Navilog1 2009-03-17 17:28:07 ----D---- C:\Users\jean\AppData\Roaming\Malwarebytes 2009-03-17 17:27:58 ----D---- C:\ProgramData\Malwarebytes 2009-03-17 17:27:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-03-17 17:25:25 ----D---- C:\Windows\temp 2009-03-17 17:25:15 ----A---- C:\ComboFix.txt 2009-03-17 17:13:26 ----A---- C:\Windows\zip.exe 2009-03-17 17:13:26 ----A---- C:\Windows\VFIND.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWXCACLS.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWSC.exe 2009-03-17 17:13:26 ----A---- C:\Windows\SWREG.exe 2009-03-17 17:13:26 ----A---- C:\Windows\sed.exe 2009-03-17 17:13:26 ----A---- C:\Windows\NIRCMD.exe 2009-03-17 17:13:26 ----A---- C:\Windows\grep.exe 2009-03-17 17:13:26 ----A---- C:\Windows\fdsv.exe 2009-03-17 17:13:13 ----D---- C:\Windows\ERDNT 2009-03-17 17:13:12 ----D---- C:\ComboFix 2009-03-17 17:12:35 ----D---- C:\Qoobox 2009-03-17 09:39:32 ----D---- C:\ProgramData\Avira 2009-03-17 09:39:32 ----D---- C:\Program Files\Avira 2009-03-16 22:21:13 ----A---- C:\Users\jean\AppData\Roaming\SetValue.bat 2009-03-16 22:21:13 ----A---- C:\Users\jean\AppData\Roaming\GetValue.vbs 2009-03-16 21:55:20 ----A---- C:\Windows\system32\tmp.txt 2009-03-16 21:55:10 ----A---- C:\rapport.txt 2009-03-16 20:17:45 ----D---- C:\RECYCLER 2009-03-16 15:10:54 ----D---- C:\Users\jean\AppData\Roaming\OpenOffice.org 2009-03-16 12:51:10 ----D---- C:\Program Files\JRE 2009-03-16 12:51:01 ----D---- C:\Program Files\OpenOffice.org 3 2009-03-12 12:55:38 ----HD---- C:\Program Files\Temp 2009-03-12 12:52:55 ----D---- 
C:\ProgramData\FLEXnet 2009-03-12 12:38:39 ----D---- C:\Program Files\Common Files\Adobe AIR 2009-03-12 12:36:23 ----D---- C:\Program Files\Common Files\Macrovision Shared 2009-03-12 12:21:10 ----D---- C:\ProgramData\ma-config.com 2009-03-12 12:21:10 ----D---- C:\Program Files\ma-config.com 2009-03-12 11:03:33 ----D---- C:\Users\jean\AppData\Roaming\Download Manager 2009-03-12 10:33:34 ----D---- C:\Users\jean\AppData\Roaming\FileZilla 2009-03-12 10:33:16 ----D---- C:\Program Files\FileZilla FTP Client 2009-03-11 19:35:43 ----A---- C:\Windows\system32\wmp.dll 2009-03-11 19:35:41 ----A---- C:\Windows\system32\spwmp.dll 2009-03-11 19:35:40 ----A---- C:\Windows\system32\wmploc.DLL 2009-03-11 19:35:40 ----A---- C:\Windows\system32\dxmasf.dll 2009-03-11 19:35:00 ----A---- C:\Windows\system32\schannel.dll 2009-03-05 12:05:29 ----D---- C:\Program Files\VirginMega 2009-03-05 12:04:13 ----D---- C:\ProgramData\Downloaded Installations 2009-03-04 11:07:49 ----HD---- C:\ProgramData\CanonBJ 2009-03-01 11:03:59 ----A---- C:\Windows\system32\javaws.exe 2009-03-01 11:03:59 ----A---- C:\Windows\system32\javaw.exe 2009-03-01 11:03:59 ----A---- C:\Windows\system32\java.exe ======List of files/folders modified in the last 1 months====== 2009-03-17 19:41:28 ----RD---- C:\Program Files 2009-03-17 19:36:43 ----D---- C:\Windows\System32 2009-03-17 19:01:00 ----D---- C:\Program Files\Mozilla Firefox 2009-03-17 17:49:28 ----D---- C:\Windows 2009-03-17 17:28:04 ----D---- C:\Windows\system32\drivers 2009-03-17 17:27:58 ----HD---- C:\ProgramData 2009-03-17 17:27:57 ----D---- C:\Windows\Prefetch 2009-03-17 17:25:27 ----D---- C:\Windows\system32\fr-FR 2009-03-17 17:23:31 ----D---- C:\Windows\inf 2009-03-17 17:23:31 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-03-17 17:22:08 ----A---- C:\Windows\system.ini 2009-03-17 17:20:56 ----D---- C:\Windows\AppPatch 2009-03-17 17:20:54 ----D---- C:\Program Files\Common Files 2009-03-17 17:18:39 ----D---- C:\Windows\system32\WDI 2009-03-17 17:13:44 
----SHD---- C:\System Volume Information 2009-03-17 13:50:20 ----D---- C:\Windows\system32\catroot2 2009-03-17 13:50:20 ----D---- C:\ProgramData\Spyware Terminator 2009-03-17 13:49:28 ----D---- C:\Program Files\Spyware Terminator 2009-03-17 13:03:59 ----D---- C:\Users\jean\AppData\Roaming\Spyware Terminator 2009-03-17 08:32:30 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-17 00:31:56 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-03-16 22:58:59 ----D---- C:\Users\jean\AppData\Roaming\uTorrent 2009-03-16 21:18:04 ----D---- C:\Program Files\Lecteur CANALPLAY 2009-03-16 20:46:26 ----D---- C:\Program Files\Many Faces of Go 11.0 2009-03-16 20:41:07 ----RSD---- C:\Windows\Fonts 2009-03-16 20:19:46 ----D---- C:\Download 2009-03-16 12:56:00 ----SHD---- C:\Windows\Installer 2009-03-16 12:53:26 ----D---- C:\Windows\winsxs 2009-03-16 12:53:18 ----RSD---- C:\Windows\assembly 2009-03-12 13:18:50 ----D---- C:\Users\jean\AppData\Roaming\Adobe 2009-03-12 12:58:29 ----D---- C:\ProgramData\Adobe 2009-03-12 12:56:16 ----HD---- C:\Program Files\InstallShield Installation Information 2009-03-12 12:56:12 ----D---- C:\Windows\system32\catroot 2009-03-12 12:55:54 ----A---- C:\Windows\DIFxAPI.dll 2009-03-12 12:46:33 ----D---- C:\Program Files\Adobe 2009-03-12 12:45:34 ----D---- C:\Program Files\Common Files\Adobe 2009-03-12 10:11:36 ----D---- C:\Program Files\Windows Media Player 2009-03-12 10:11:36 ----D---- C:\Program Files\Windows Mail 2009-03-12 10:09:42 ----D---- C:\ProgramData\Microsoft Help 2009-03-11 10:37:04 ----SD---- C:\Users\jean\AppData\Roaming\Microsoft 2009-03-10 17:19:37 ----D---- C:\Program Files\Google 2009-03-10 17:19:08 ----D---- C:\ProgramData\Google 2009-03-07 16:01:37 ----D---- C:\AHD4withThesaurus 2009-03-05 10:24:44 ----D---- C:\Program Files\Common Files\microsoft shared 2009-03-01 11:03:57 ----D---- C:\Program Files\Java 2009-02-18 09:16:48 ----D---- C:\Windows\Debug ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 
3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-12-13 10216] R1 FNETDEVI;FNETDEVI; \??\C:\Windows\system32\drivers\FNETDEVI.SYS [2008-12-12 19572] R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-09-27 141312] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-02-06 12672] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-02-06 8192] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-23 164400] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-14 758784] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-02-06 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-02-06 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-05 1776128] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-02-06 659968] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; 
C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-06 246784] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-01-24 14336] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-11-05 101504] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NETw3v32;Pilote de carte Intel® PRO/sans fil 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-02-12 7626400] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-26 128104] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 UIUSys;Conexant Setup API; 
C:\Windows\system32\DRIVERS\UIUSYS.SYS [] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2008-07-17 233472] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-09-27 570880] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392] R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2008-02-15 184320] R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2008-02-15 147456] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-02-06 386560] R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe 
[2008-02-15 274432] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-12 655624] S3 GoogleDesktopManager-090808-172447;Google Desktop Manager 5.8.809.8522; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-29 30192] S3 GoogleDesktopManager-090808-172447;Google Desktop Manager 5.8.809.8522; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-29 30192] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-10 137200] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2007-11-28 53248] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-12-18 29181272] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2007-11-28 53248] S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-04 104288] S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [2008-03-04 350048] S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [2008-03-04 63328] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2007-11-28 77824] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program 
Thanks in advance. harib0
  8. Hello, As the title says, I have a "microsoft internet explorer" dialog box that opens and tells me "your preferences have been saved", and all I can do is click "ok". It appears repeatedly :/ Here is my report: Thanks in advance.