Manu34

Bonjour à tous, J'ai essayé de "nettoyer" mon PC: j'ai passé CCleaner, MBAM (pas de pb). toutefois, cela ne change pas grand chose. alors en regardant sur les forums, j'ai lancé un scan Hijack This dont voici le log : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:41:37, on 30/10/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe C:\Program Files\WinRAR\WinRAR.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D08O0KG0\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111011222617.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: Google O15 - Trusted Zone: *.google.fr O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe -- End of file - 8783 bytes Vous remerciant par avance de vos réponses,

Bonjour, 1. Est-ce que tu sais pourquoiles pages mettent du temps à se charger (eset scanner on line) 2. Desinstaller combofix : je n'ai pas une version de windows avc démarrer puis executer. je n'ai pas réussi à faire cette manipulation. Je n'ai pas trouvé COmbofix sur la liste des programmes dans le panneau de configuration, meme si le programme est sur le bureau avec le fichier exe associé. je ne sais pas quoi faire 3. pour la correction OTl, voici le fichier texte : All processes killed ========== OTL ========== Service NwlnkFwd stopped successfully! Service NwlnkFwd deleted successfully! File C:\Windows\System32\DRIVERS\nwlnkfwd.sys not found. Service NwlnkFlt stopped successfully! Service NwlnkFlt deleted successfully! File C:\Windows\System32\DRIVERS\nwlnkflt.sys not found. Service MEMSWEEP2 stopped successfully! Service MEMSWEEP2 deleted successfully! File C:\Windows\System32\40AD.tmp not found. Service IpInIp stopped successfully! Service IpInIp deleted successfully! File C:\Windows\System32\DRIVERS\ipinip.sys not found. Service catchme stopped successfully! Service catchme deleted successfully! File C:\Users\Funky\AppData\Local\Temp\catchme.sys not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully. ========== SERVICES/DRIVERS ========== Error: No service named NwlnkFwd was found to stop! Service\Driver key NwlnkFwd not found. Error: No service named NwlnkFlt was found to stop! Service\Driver key NwlnkFlt not found. Error: No service named MEMSWEEP2 was found to stop! Service\Driver key MEMSWEEP2 not found. Error: No service named IpInIp was found to stop! Service\Driver key IpInIp not found. Error: No service named catchme was found to stop! Service\Driver key catchme not found. ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Funky ->Temp folder emptied: 480822 bytes ->Temporary Internet Files folder emptied: 13086994 bytes ->Java cache emptied: 71312559 bytes ->Google Chrome cache emptied: 6099312 bytes ->Flash cache emptied: 1924038 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 171817 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 64316 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 89,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Funky ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12112010_115933 Files\Folders moved on Reboot... C:\Users\Funky\AppData\Local\Temp\Low\~DF3538.tmp moved successfully. C:\Users\Funky\AppData\Local\Temp\Low\~DF5454.tmp moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Funky\AppData\Local\Microsoft\Windows Media\11.0\WMSDKNS.DTD moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Funky\AppData\Local\Microsoft\Windows Media\11.0\WMSDKNSD.XML moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GTVRUASE\promo1_V2[1].htm moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D4KV2RXQ\ban_home_728x90[1].htm moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6WJA19BN\afr[1].htm moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6WJA19BN\player_V2[1].htm moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6WJA19BN\promo2_V2[1].htm moved successfully. C:\Users\Funky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6WJA19BN\trojan-exploit-byteverify-detecte-t181460[1].html moved successfully. C:\Windows\temp\sqlite_8m5RhMhU8qLPQ7m moved successfully. C:\Windows\temp\sqlite_fWg6mhnrQogzc1E moved successfully. C:\Windows\temp\sqlite_uzEpZk6siczZA6E moved successfully. Registry entries deleted on Reboot... merci pour les nouvelles instructions. J'ai oublié : 1. Est-ce que tu sais pourquoi les pages mettent du temps à se charger (eset scanner on line)? réponse : Non

bonsoir, rapport otl : OTL logfile created on: 09/12/2010 19:53:03 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Funky\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,45 Gb Total Space | 313,75 Gb Free Space | 68,89% Space Free | Partition Type: NTFS Computer Name: PC-DE-FUNKY | User Name: Funky | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/09 19:51:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Funky\Desktop\OTL.exe PRC - [2010/10/28 17:54:56 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe PRC - [2010/09/30 13:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2010/09/22 12:03:38 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe PRC - [2010/09/22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe PRC - [2010/08/21 22:01:59 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe PRC - [2009/07/18 22:17:35 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/06/08 16:54:58 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009/02/03 03:07:18 | 000,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe PRC - [2008/07/25 14:55:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2008/07/23 17:52:06 | 000,206,112 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2008/07/19 01:06:36 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe PRC - [2008/07/15 17:04:08 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2008/07/15 17:04:08 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2008/07/11 12:45:49 | 000,098,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008/07/01 07:56:38 | 000,768,552 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008/06/27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe PRC - [2008/06/27 20:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe PRC - [2008/06/20 07:56:44 | 000,415,744 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe PRC - [2008/06/19 07:55:48 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2008/06/11 18:46:10 | 000,866,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe PRC - [2008/05/22 13:23:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () -- c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe PRC - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe PRC - [2006/12/12 18:16:26 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe PRC - [2006/12/12 17:48:24 | 000,057,344 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2006/12/12 17:44:56 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe PRC - [2006/10/22 22:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe ========== Modules (SafeList) ========== MOD - [2010/12/09 19:51:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Funky\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2008/07/23 17:52:10 | 000,012,576 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\saHook.dll ========== Win32 Services (SafeList) ========== SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire) SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp) SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2010/09/23 00:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/09/22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2010/08/21 22:01:59 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008/07/25 14:55:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/07/23 17:52:06 | 000,206,112 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2008/07/15 17:04:08 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008/07/11 12:45:49 | 000,098,304 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008/06/27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008/06/20 17:28:34 | 000,436,096 | ---- | M] (Canal+ Distribution) [On_Demand | Stopped] -- C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- (Service CANALPLAY) SRV - [2008/06/20 07:56:44 | 000,415,744 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008/06/19 07:55:48 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2008/06/11 22:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008/06/11 22:10:48 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2008/05/22 13:23:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2008/05/22 13:21:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2008/05/20 18:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008/05/20 18:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008/05/20 18:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008/05/20 00:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2008/05/20 00:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2008/05/20 00:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2006/12/12 17:48:24 | 000,057,344 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\40AD.tmp -- (MEMSWEEP2) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Funky\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek) DRV - [2010/10/13 22:28:54 | 000,164,840 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk) DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet) DRV - [2010/10/13 22:28:54 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk) DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids) DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2010/09/23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2008/07/19 01:06:31 | 002,377,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/07/15 01:01:08 | 000,018,088 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2008/07/15 01:01:07 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2008/07/15 01:01:07 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008/07/15 01:00:43 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap) DRV - [2008/07/11 15:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008/07/11 12:45:40 | 002,147,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/06/28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008/06/21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008/06/20 01:37:17 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel® DRV - [2008/06/10 01:04:47 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/06/07 01:59:35 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel® DRV - [2008/06/07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008/03/10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2006/11/28 20:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50) DRV - [2006/11/28 20:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll () IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/02 10:35:19 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/12/07 21:38:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll () O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105113226.dll (McAfee, Inc.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [systrayORAHSS] C:\Program Files\OrangeHSS\Systray\SystrayApp.exe (France Telecom SA) O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: canalplay.com ([]* in Trusted sites) O15 - HKLM\..Trusted Domains: canalplusactive.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: canalplay.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: canalplusactive.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Funky\Pictures\GoogleDesktopPhotosPluginWallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Funky\Pictures\GoogleDesktopPhotosPluginWallpaper.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010/12/09 19:51:09 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Funky\Desktop\OTL.exe [2010/12/08 18:42:46 | 000,000,000 | ---D | C] -- C:\Windows\fr [2010/12/08 18:42:14 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/12/08 18:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010/12/08 18:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar [2010/12/08 18:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer [2010/12/08 18:37:04 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010/12/08 18:37:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010/12/08 18:37:04 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010/12/08 18:36:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010/12/08 18:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/12/08 16:31:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010/12/08 16:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/12/08 16:28:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010/12/08 16:28:11 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/12/08 16:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/12/08 16:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010/12/08 16:09:54 | 000,000,000 | ---D | C] -- C:\Users\Funky\AppData\Local\Windows Live [2010/12/08 16:08:41 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [2010/12/07 21:41:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/12/07 21:21:26 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010/12/07 21:21:26 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010/12/07 21:21:26 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010/12/07 21:21:04 | 000,000,000 | ---D | C] -- C:\ComboFix [2010/12/07 21:20:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/11/24 18:00:06 | 000,000,000 | ---D | C] -- C:\Users\Funky\Desktop\St laurent dossier EF transmis à Toulouse [2010/11/17 20:33:38 | 000,000,000 | ---D | C] -- C:\Users\Funky\AppData\Local\Microsoft Help [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/12/09 19:51:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Funky\Desktop\OTL.exe [2010/12/09 19:48:43 | 000,000,162 | -H-- | M] () -- C:\Users\Funky\Desktop\~$uveau Document Microsoft Office Word.docx [2010/12/09 19:48:23 | 000,000,000 | ---- | M] () -- C:\Users\Funky\Desktop\Nouveau Document Microsoft Office Word.docx [2010/12/09 19:45:29 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job [2010/12/09 19:45:12 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/12/09 19:45:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/09 18:20:50 | 000,673,700 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/12/09 18:20:49 | 000,591,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/12/09 18:20:49 | 000,125,430 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/12/09 18:20:49 | 000,102,996 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/12/09 18:13:45 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2010/12/09 18:13:36 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/12/09 18:13:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/09 18:13:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/09 18:13:07 | 3065,184,256 | -HS- | M] () -- C:\hiberfil.sys [2010/12/09 03:30:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/12/09 02:54:53 | 000,331,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/08 17:57:14 | 001,335,595 | ---- | M] () -- C:\Users\Funky\Desktop\Etat phtovoltaique - ser.pdf [2010/12/07 22:03:52 | 000,001,735 | ---- | M] () -- C:\Users\Funky\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Internet Security.lnk [2010/12/07 21:38:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/12/07 21:06:30 | 003,985,903 | R--- | M] () -- C:\Users\Funky\Desktop\ComboFix.exe [2010/12/07 20:17:23 | 000,080,896 | ---- | M] () -- C:\Users\Funky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/06 19:56:41 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2010/12/06 19:56:27 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2010/12/06 19:56:02 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/12 09:32:30 | 000,000,574 | ---- | M] () -- C:\cleanup.bat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/12/09 19:48:43 | 000,000,162 | -H-- | C] () -- C:\Users\Funky\Desktop\~$uveau Document Microsoft Office Word.docx [2010/12/09 19:48:23 | 000,000,000 | ---- | C] () -- C:\Users\Funky\Desktop\Nouveau Document Microsoft Office Word.docx [2010/12/08 17:57:14 | 001,335,595 | ---- | C] () -- C:\Users\Funky\Desktop\Etat phtovoltaique - ser.pdf [2010/12/07 22:03:52 | 000,001,735 | ---- | C] () -- C:\Users\Funky\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Internet Security.lnk [2010/12/07 21:21:26 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010/12/07 21:21:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010/12/07 21:21:26 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2010/12/07 21:21:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010/12/07 21:21:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/12/07 21:06:02 | 003,985,903 | R--- | C] () -- C:\Users\Funky\Desktop\ComboFix.exe [2010/12/06 19:56:41 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2010/12/06 19:56:27 | 000,000,783 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2010/12/06 19:56:02 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2010/09/26 13:59:44 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ConfigDiag.ini [2010/07/09 06:43:54 | 000,000,000 | ---- | C] () -- C:\Users\Funky\AppData\Roaming\wklnhst.dat [2010/07/03 18:40:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/09/11 09:04:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/07/27 08:50:52 | 000,001,561 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009/07/18 21:41:56 | 000,080,896 | ---- | C] () -- C:\Users\Funky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/18 21:35:55 | 000,000,680 | ---- | C] () -- C:\Users\Funky\AppData\Local\d3d9caps.dat [2009/06/08 17:01:15 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2009/06/08 16:56:08 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2009/06/08 16:39:23 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2008/07/25 23:14:17 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll [2007/09/12 00:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010/11/12 10:05:23 | 000,000,892 | ---- | M] () -- C:\avenger.txt [2010/09/26 14:15:44 | 000,000,000 | ---- | M] () -- C:\backup.reg [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/07/25 23:12:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010/11/12 09:32:30 | 000,000,574 | ---- | M] () -- C:\cleanup.bat [2010/09/26 20:02:08 | 000,019,293 | ---- | M] () -- C:\combofix 26-9 21h.txt [2010/12/07 21:41:33 | 000,014,137 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009/10/11 14:29:54 | 000,280,773 | ---- | M] () -- C:\ExtractLog.txt [2010/12/09 18:13:07 | 3065,184,256 | -HS- | M] () -- C:\hiberfil.sys [2009/06/08 16:45:56 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log [2010/12/09 18:13:05 | 3381,075,968 | -HS- | M] () -- C:\pagefile.sys [2010/01/16 14:57:58 | 000,000,159 | ---- | M] () -- C:\Setup.log [2010/10/10 15:58:18 | 000,061,478 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_10.10.2010_16.57.58_log.txt [2010/11/12 09:33:17 | 000,061,710 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_12.11.2010_09.32.53_log.txt [2010/09/26 21:00:22 | 000,063,074 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_26.09.2010_21.58.42_log.txt [2010/09/27 17:07:52 | 000,061,478 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_27.09.2010_18.07.19_log.txt [2010/09/27 17:35:19 | 000,061,478 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_27.09.2010_18.34.58_log.txt [2010/09/28 16:33:52 | 000,061,478 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_28.09.2010_17.33.24_log.txt [2009/06/08 17:01:41 | 000,386,654 | ---- | M] () -- C:\vcredist_x86.log [2010/09/26 14:28:13 | 000,004,658 | ---- | M] () -- C:\ZHPExportRegistry-26-09-2010-15-28-13.txt < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/03/08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009/03/08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2010/09/08 06:56:52 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys [2010/09/23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2010/10/13 22:28:54 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys [2010/10/13 22:28:54 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys [2010/10/13 22:28:54 | 000,164,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys < > < End of report > Bonsoir à nouveau, Voici le rapport extra.txt : OTL Extras logfile created on: 09/12/2010 19:53:03 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Funky\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,45 Gb Total Space | 313,75 Gb Free Space | 68,89% Space Free | Partition Type: NTFS Computer Name: PC-DE-FUNKY | User Name: Funky | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) https [open] -- Reg Error: Value error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{25F595D3-721A-4C05-A486-BE9929101579}" = rport=139 | protocol=6 | dir=out | app=system | "{336FFD87-B8FE-47C0-A5B3-390AB0A6605C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{3A2DFAED-ACAB-42BD-9B28-BD5B620B9C48}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{4BAE1B5D-4878-4357-84D6-1081FE3B4A30}" = rport=445 | protocol=6 | dir=out | app=system | "{4E189DC8-CC65-408B-AD39-916BDA49BAD1}" = lport=139 | protocol=6 | dir=in | app=system | "{7A9E0FB9-18B4-45D8-BC32-51911438A4EC}" = lport=445 | protocol=6 | dir=in | app=system | "{7BE4B6AE-A107-4EBF-BEE3-5F9A040705AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{8EA0E509-A511-4B12-85DC-7A71894E9F30}" = rport=138 | protocol=17 | dir=out | app=system | "{AD9533EE-58D0-44BF-B2D2-C47EF25BFB3D}" = lport=138 | protocol=17 | dir=in | app=system | "{CA2B69E5-41BD-44B1-8EFD-6BF761023121}" = lport=2869 | protocol=6 | dir=in | app=system | "{D6ADABF6-70AB-402D-A3B4-F03501D9F0E5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E7643D95-E366-47BB-9AC6-8DCDFCD4F62E}" = rport=137 | protocol=17 | dir=out | app=system | "{F85903DA-6809-4928-892A-7977EECAE9F9}" = lport=137 | protocol=17 | dir=in | app=system | "{FE116FBD-C747-4821-BFCA-022538DBC5B8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{132402D0-BC7B-4C87-9F1B-BB4227ECDED9}" = protocol=17 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe | "{4C262058-9F57-413C-8F6A-B4BEA6A17A09}" = protocol=6 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe | "{5A224E66-05CE-4020-8B75-7E4625E10AF9}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{76BE933C-34D2-4E2D-B3D5-CAD307C7658E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{8ABE7FED-4CC6-4F28-AC0B-1506A9D12568}" = protocol=1 | dir=out | [email protected],-28544 | "{8C7E3A5D-E519-4C36-9387-759F252940C7}" = protocol=1 | dir=in | [email protected],-28543 | "{8E050BCE-DE43-49D4-8C15-AAA49AE5E78C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{8EBA0903-41D3-4925-B631-869A7A07CBEA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{94C456E0-656E-4A78-916B-C47D39675601}" = protocol=58 | dir=in | [email protected],-28545 | "{9B1AB043-981A-4980-8D13-FDB276A8A51C}" = protocol=58 | dir=out | [email protected],-28546 | "{AF54FD4E-6E64-4DB1-9DE4-214A47F661FF}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{BDB69C77-D161-495E-9A3B-FFB8AB6C9A84}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{C3EAF8A1-DF8F-4F90-86F3-91665976348E}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{D4FE4D79-3D05-4A23-8837-971C12DBB936}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DA8E0442-2C9E-4345-966D-5F162FDFD333}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{F6EE3280-08E0-46E4-BDFD-7BB568B7DE0F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "TCP Query User{9C970E9F-B2AD-4DA3-927E-C4F3340E7F34}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{272E567F-D908-4D52-90F1-C9E91B21A78F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 22 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6 "{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0 "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox "{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5F5867F0-2D23-4338-A206-01A76C823924}" = Gestion de l’alimentation de VAIO "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{6F215D53-6560-4E65-B268-3358508C6D6D}" = 2600Trb "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting "{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct "{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4 "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A4B0C5D-035C-4643-B80F-AFF81534D117}" = 2600_Help "{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer "{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music "{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2 "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA959050-9500-4508-98E5-74E6A18BF062}" = 2700 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources "{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story "{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4 "{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00 "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B "{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.4100 "{E6A3770D-C87A-4505-B8C6-A4CF96AC395C}" = SonicStage Mastering Studio "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{E9E37358-E3E1-47BA-9E21-375EF3616BC9}" = Lecteur CANALPLAY 2.4 "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Préréglage personnalisé de SonicStage Mastering Studio Audio Filter "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = "{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates "{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety "{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "{ORAHSS}.Bas_Debit_CustoUpdate" = "{ORAHSS}.Browser" = Navigateur Orange "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet "Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8 Standard - English, Français, Deutsch "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "BFG-Big Fish Games Suite de jeu" = Big Fish Games Suite de jeu "CCleaner" = CCleaner "dt icon module" = "Google Desktop" = Google Desktop "gtfirstboot Setting Request" = "HDMI" = Intel® Graphics Media Accelerator Driver "HECI" = Intel® Management Engine Interface "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MarketingTools" = VAIO Marketing Tools "MFU Module" = "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MSC" = McAfee Internet Security "Picasa2" = Picasa 2 "PremElem40" = Adobe Premiere Elements 4.0 "PremElem40Templates" = Adobe Premiere Elements 4.0 Templates "VAIO Help and Support" = "VLC media player" = VLC media player 1.1.4 "WinLiveSuite" = Windows Live "Winmail Opener" = Winmail Opener 1.4 "WinRAR archiver" = Logiciel d'archivage WinRAR "Yahoo! Companion" = Yahoo! Toolbar "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 30/11/2010 13:03:19 | Computer Name = PC-de-Funky | Source = VzCdbSvc | ID = 7 Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) Error - 30/11/2010 13:04:28 | Computer Name = PC-de-Funky | Source = WinMgmt | ID = 10 Description = Error - 01/12/2010 12:45:53 | Computer Name = PC-de-Funky | Source = VzCdbSvc | ID = 7 Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) Error - 01/12/2010 12:47:10 | Computer Name = PC-de-Funky | Source = WinMgmt | ID = 10 Description = Error - 02/12/2010 03:55:33 | Computer Name = PC-de-Funky | Source = VzCdbSvc | ID = 7 Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) Error - 02/12/2010 03:56:49 | Computer Name = PC-de-Funky | Source = WinMgmt | ID = 10 Description = Error - 03/12/2010 02:21:26 | Computer Name = PC-de-Funky | Source = VzCdbSvc | ID = 7 Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) Error - 03/12/2010 02:22:41 | Computer Name = PC-de-Funky | Source = WinMgmt | ID = 10 Description = Error - 03/12/2010 10:53:29 | Computer Name = PC-de-Funky | Source = VzCdbSvc | ID = 7 Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) Error - 03/12/2010 10:54:45 | Computer Name = PC-de-Funky | Source = WinMgmt | ID = 10 Description = [ OSession Events ] Error - 13/07/2010 13:23:11 | Computer Name = PC-de-Funky | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 176 seconds with 120 seconds of active time. This session ended with a crash. [ System Events ] Error - 07/12/2010 16:24:13 | Computer Name = PC-de-Funky | Source = Service Control Manager | ID = 7030 Description = Error - 07/12/2010 16:38:13 | Computer Name = PC-de-Funky | Source = Service Control Manager | ID = 7030 Description = Error - 08/12/2010 02:16:53 | Computer Name = PC-de-Funky | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 08/12/2010 11:01:53 | Computer Name = PC-de-Funky | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 08/12/2010 13:34:41 | Computer Name = PC-de-Funky | Source = DCOM | ID = 10005 Description = Error - 08/12/2010 13:34:41 | Computer Name = PC-de-Funky | Source = Service Control Manager | ID = 7009 Description = Error - 08/12/2010 13:34:41 | Computer Name = PC-de-Funky | Source = Service Control Manager | ID = 7000 Description = Error - 08/12/2010 21:55:01 | Computer Name = PC-de-Funky | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 08/12/2010 21:55:09 | Computer Name = PC-de-Funky | Source = Print | ID = 19 Description = Échec du spouleur d’impression pour partager l’imprimante HP Photosmart 2700 series fax avec le nom de la ressource partagée HP Photosmart 2700 series fax. Erreur 2114. L’imprimante n’est pas utilisable par d’autres personnes sur le réseau. Error - 09/12/2010 13:13:24 | Computer Name = PC-de-Funky | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = < End of report >

Bonsoir, J'ai mis à jour Java ce que je n'avais jamais fait puis passé CCCleaner comme demandé. Par contre, je n'ai pas réussi à passer le scanner on line, les pages mettant énormément de temps à se charger. J'ai préféré abandonner. Par contre, j'ai refait un passage de Mc Afee qui n'a rien donné. Que puis-je faire d'autre ? merci Manu34

re bonsoir, Vous trouverez le rapport de combofix : ComboFix 10-12-06.04 - Funky 07/12/2010 21:24:24.2.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2924.1566 [GMT 1:00] Lancé depuis: c:\users\Funky\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\zip.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-11-07 au 2010-12-07 )))))))))))))))))))))))))))))))))))) . 2010-12-07 20:38 . 2010-12-07 20:38 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2010-12-07 20:38 . 2010-12-07 20:38 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-12-07 20:38 . 2010-12-07 20:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-12-07 15:01 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F389505-398C-4D37-A731-F52C0BD302D7}\mpengine.dll 2010-11-24 13:20 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll 2010-11-17 19:33 . 2010-11-17 19:33 -------- d-----w- c:\users\Funky\AppData\Local\Microsoft Help 2010-11-10 15:48 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-29 16:42 . 2010-09-24 17:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-29 16:42 . 2010-09-24 17:29 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-12 08:32 . 2010-09-26 12:11 574 ----a-w- C:\cleanup.bat 2010-10-19 09:41 . 2009-10-03 12:59 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-13 21:28 . 2010-09-23 17:54 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-10-13 21:28 . 2010-09-23 17:54 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-10-13 21:28 . 2010-09-23 17:54 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-10-13 21:28 . 2010-09-23 17:54 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-10-13 21:28 . 2010-09-23 17:54 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2010-10-13 21:28 . 2010-09-23 17:54 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-10-13 21:28 . 2010-09-23 17:54 164840 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2010-10-13 21:28 . 2010-09-23 17:54 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-10-13 21:28 . 2009-09-17 21:22 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-10-13 21:28 . 2009-09-17 21:22 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-10-13 21:28 . 2009-07-08 11:44 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-09-26 13:15 . 2010-09-26 12:11 0 ----a-w- C:\backup.reg 2010-09-24 13:40 . 2010-09-24 13:40 49152 ----a-r- c:\users\Funky\AppData\Roaming\Microsoft\Installer\{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}\Icon49FA793C.exe 2010-09-13 13:56 . 2010-10-14 16:26 8147456 ----a-w- c:\windows\system32\wmploc.DLL . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-18 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-08-26 1779512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-07-11 6244896] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-26 148888] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-21 30192] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-08 24576] "SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "Skytel"="Skytel.exe" [2008-07-11 1826816] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1193848] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976] c:\users\Funky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-22 734872] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-1 768552] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Lancement rapide d'Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-7-25 295606] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-07-15 16:04 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2008-07-19 00:06 170520 ----a-w- c:\windows\System32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2008-07-19 00:06 150040 ----a-w- c:\windows\System32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2008-07-19 00:06 145944 ----a-w- c:\windows\System32\igfxpers.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-15 29736] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-21 30192] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\40AD.tmp [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 84264] R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-11 83232] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 64304] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 164840] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-07-23 206112] S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 188136] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-10-13 141792] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-11 98304] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488] S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-06-20 415744] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 55840] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2008-06-07 224384] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 313288] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mfeavfk01 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' 2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-12-07 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job - c:\windows\system32\msfeedssync.exe [2010-10-14 04:25] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = *.local IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com Trusted Zone: internet Trusted Zone: mcafee.com Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB . - - - - ORPHELINS SUPPRIMES - - - - SafeBoot-klmdb.sys ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-12-07 21:38 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\40AD.tmp" . Heure de fin: 2010-12-07 21:41:32 ComboFix-quarantined-files.txt 2010-12-07 20:41 ComboFix2.txt 2010-09-26 18:59 Avant-CF: 338 322 649 088 octets libres Après-CF: 338 267 877 376 octets libres - - End Of File - - 353E1A924003C2DFB57CD6AE7F27BABD Dans l'attente de vos remarques et conseils, Manu34

Re bonsoir, Et maintenant le rapport de MBAM : Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Version de la base de données: 5263 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 07/12/2010 20:31:48 mbam-log-2010-12-07 (20-31-48).txt Type d'examen: Examen rapide Elément(s) analysé(s): 154122 Temps écoulé: 4 minute(s), 19 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) A tout à l'heure

Bonsoir et merci de m'aider, Ci-joint le rapport de SECURITY CHECK (le reste arrive dans d'autres réponses) : Results of screen317's Security Check version 0.99.6 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: McAfee Internet Security McAfee Virtual Technician WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Java 6 Update 13 Java 6 Update 6 Out of date Java installed! Adobe Flash Player ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Windows Defender MSASCui.exe ```````````````````````````````` DNS Vulnerability Check: Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?) ``````````End of Log```````````` A tout à l'heure pour le reste

Bonjour, Exploit-byteverify a été détecté par Mc Afee lors d'une analyse. (Résultat : 1 virus + 9 chevaux de troie !) En anticipation des solutions que vous pourriez me donner, j'ai fait une analyse sur ZHPdiag dont les résultats sont sur le lien suivant : Cijoint.fr - Service gratuit de dépôt de fichiers Je ne sais pas trop quoi faire alors toute aide sera la bienvenue. Vous en remerciant d'avance, Mes configs sont je pense : Configuration: Windows Vista / Internet Explorer 8.0 RESOLU

Bonjour Nardino, J'ai pu finalement faire tdsskiller en passant par une autre voie. Il a détecté le fichier windows\system32\drivers\qnrnwo.sys,que j'ai détruit hier soir. Voici le rapport du nouveau scan que je viens de faire :* 2010/09/27 18:07:19.0990 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44 2010/09/27 18:07:19.0990 ================================================================================ 2010/09/27 18:07:19.0990 SystemInfo: 2010/09/27 18:07:19.0990 2010/09/27 18:07:19.0990 OS Version: 6.0.6002 ServicePack: 2.0 2010/09/27 18:07:19.0990 Product type: Workstation 2010/09/27 18:07:19.0990 ComputerName: PC-DE-FUNKY 2010/09/27 18:07:19.0990 UserName: Funky 2010/09/27 18:07:19.0990 Windows directory: C:\Windows 2010/09/27 18:07:19.0991 System windows directory: C:\Windows 2010/09/27 18:07:19.0991 Processor architecture: Intel x86 2010/09/27 18:07:19.0991 Number of processors: 2 2010/09/27 18:07:19.0991 Page size: 0x1000 2010/09/27 18:07:19.0991 Boot type: Normal boot 2010/09/27 18:07:19.0991 ================================================================================ 2010/09/27 18:07:20.0344 Initialize success 2010/09/27 18:07:22.0717 ================================================================================ 2010/09/27 18:07:22.0717 Scan started 2010/09/27 18:07:22.0717 Mode: Manual; 2010/09/27 18:07:22.0717 ================================================================================ 2010/09/27 18:07:24.0088 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/09/27 18:07:24.0188 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2010/09/27 18:07:24.0234 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2010/09/27 18:07:24.0268 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2010/09/27 18:07:24.0314 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2010/09/27 18:07:24.0394 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/09/27 18:07:24.0468 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2010/09/27 18:07:24.0527 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/09/27 18:07:24.0571 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2010/09/27 18:07:24.0598 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2010/09/27 18:07:24.0625 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2010/09/27 18:07:24.0655 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2010/09/27 18:07:24.0681 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2010/09/27 18:07:24.0904 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2010/09/27 18:07:24.0957 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2010/09/27 18:07:25.0009 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/09/27 18:07:25.0043 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2010/09/27 18:07:25.0126 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys 2010/09/27 18:07:25.0313 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/09/27 18:07:25.0395 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2010/09/27 18:07:25.0429 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/09/27 18:07:25.0496 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/09/27 18:07:25.0536 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/09/27 18:07:25.0625 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/09/27 18:07:25.0653 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/09/27 18:07:25.0682 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/09/27 18:07:25.0712 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/09/27 18:07:25.0804 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2010/09/27 18:07:25.0935 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2010/09/27 18:07:25.0969 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2010/09/27 18:07:26.0028 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys 2010/09/27 18:07:26.0098 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys 2010/09/27 18:07:26.0159 btwaudio (ed97cd06ef748004b8aac56c2d0aa5db) C:\Windows\system32\drivers\btwaudio.sys 2010/09/27 18:07:26.0253 btwavdt (4871b5ed4757197135ff65be61da44b3) C:\Windows\system32\drivers\btwavdt.sys 2010/09/27 18:07:26.0394 btwl2cap (6af9fd2aeebdc16a98d3e30e68440c5c) C:\Windows\system32\DRIVERS\btwl2cap.sys 2010/09/27 18:07:26.0482 btwrchid (f5da7df99cf11fcb68e2bea12002f63a) C:\Windows\system32\DRIVERS\btwrchid.sys 2010/09/27 18:07:26.0638 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/09/27 18:07:26.0705 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/09/27 18:07:26.0747 cfwids (426ee59b25988bb3382fc0a3655deaa2) C:\Windows\system32\drivers\cfwids.sys 2010/09/27 18:07:26.0806 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2010/09/27 18:07:26.0907 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/09/27 18:07:26.0948 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2010/09/27 18:07:26.0972 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys 2010/09/27 18:07:27.0004 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2010/09/27 18:07:27.0030 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2010/09/27 18:07:27.0099 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/09/27 18:07:27.0195 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/09/27 18:07:27.0223 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys 2010/09/27 18:07:27.0345 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2010/09/27 18:07:27.0406 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2010/09/27 18:07:27.0442 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2010/09/27 18:07:27.0525 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/09/27 18:07:27.0581 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/09/27 18:07:27.0644 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/09/27 18:07:27.0708 e1yexpress (039c592148ffe479f26c418971fb8022) C:\Windows\system32\DRIVERS\e1y6032.sys 2010/09/27 18:07:27.0931 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/09/27 18:07:27.0989 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2010/09/27 18:07:28.0060 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2010/09/27 18:07:28.0156 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/09/27 18:07:28.0221 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/09/27 18:07:28.0259 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2010/09/27 18:07:28.0335 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/09/27 18:07:28.0365 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/09/27 18:07:28.0432 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/09/27 18:07:28.0473 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/09/27 18:07:28.0531 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/09/27 18:07:28.0607 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2010/09/27 18:07:28.0690 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/09/27 18:07:28.0899 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2010/09/27 18:07:28.0950 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/09/27 18:07:28.0992 HECI (e4a123ad734a3731d29ebd3a01b3e535) C:\Windows\system32\DRIVERS\HECI.sys 2010/09/27 18:07:29.0158 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/09/27 18:07:29.0212 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/09/27 18:07:29.0286 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/09/27 18:07:29.0322 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2010/09/27 18:07:29.0448 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2010/09/27 18:07:29.0492 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2010/09/27 18:07:29.0554 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/09/27 18:07:29.0641 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2010/09/27 18:07:29.0763 igfx (ce5ff5d5e3f4ca974e36dc24c15474d0) C:\Windows\system32\DRIVERS\igdkmd32.sys 2010/09/27 18:07:29.0955 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/09/27 18:07:30.0078 IntcAzAudAddService (cf2219a2fed4f8f2e0817a2bf1658799) C:\Windows\system32\drivers\RTKVHDA.sys 2010/09/27 18:07:30.0262 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2010/09/27 18:07:30.0301 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2010/09/27 18:07:30.0367 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/09/27 18:07:30.0432 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2010/09/27 18:07:30.0475 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/09/27 18:07:30.0528 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/09/27 18:07:30.0562 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2010/09/27 18:07:30.0606 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/09/27 18:07:30.0631 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/09/27 18:07:30.0660 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/09/27 18:07:30.0727 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/09/27 18:07:30.0793 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/09/27 18:07:30.0906 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/09/27 18:07:30.0980 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/09/27 18:07:31.0035 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2010/09/27 18:07:31.0081 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2010/09/27 18:07:31.0144 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2010/09/27 18:07:31.0192 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/09/27 18:07:31.0318 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2010/09/27 18:07:31.0380 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2010/09/27 18:07:31.0470 mfeapfk (5bd0c401a8ee4a54f6176c0a10d595ae) C:\Windows\system32\drivers\mfeapfk.sys 2010/09/27 18:07:31.0543 mfeavfk (f3bb4dc61b4dc662bdc778cf1634fae1) C:\Windows\system32\drivers\mfeavfk.sys 2010/09/27 18:07:31.0661 mfebopk (b1498db38d129ed31650422fc8bab9c5) C:\Windows\system32\drivers\mfebopk.sys 2010/09/27 18:07:31.0716 mfefirek (51e9ccea45c78858a229afb6e682cf41) C:\Windows\system32\drivers\mfefirek.sys 2010/09/27 18:07:31.0950 mfehidk (32f7298664874715ce469a79078853c4) C:\Windows\system32\drivers\mfehidk.sys 2010/09/27 18:07:32.0073 mfenlfk (e920bfd5837aed4aef903cf1c7d3949e) C:\Windows\system32\DRIVERS\mfenlfk.sys 2010/09/27 18:07:32.0161 mferkdet (858337b64484cd80eee7d2eba5ac61bc) C:\Windows\system32\drivers\mferkdet.sys 2010/09/27 18:07:32.0296 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys 2010/09/27 18:07:32.0406 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys 2010/09/27 18:07:32.0496 mfewfpk (dcfbf068951fb4086c6aef99c6330516) C:\Windows\system32\drivers\mfewfpk.sys 2010/09/27 18:07:32.0582 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/09/27 18:07:32.0608 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/09/27 18:07:32.0629 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/09/27 18:07:32.0646 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2010/09/27 18:07:32.0672 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/09/27 18:07:32.0700 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2010/09/27 18:07:32.0727 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/09/27 18:07:32.0759 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/09/27 18:07:32.0798 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/09/27 18:07:32.0888 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/09/27 18:07:32.0924 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/09/27 18:07:32.0954 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/09/27 18:07:32.0980 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2010/09/27 18:07:33.0022 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2010/09/27 18:07:33.0068 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/09/27 18:07:33.0113 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/09/27 18:07:33.0167 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/09/27 18:07:33.0239 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/09/27 18:07:33.0264 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/09/27 18:07:33.0297 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/09/27 18:07:33.0324 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/09/27 18:07:33.0350 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/09/27 18:07:33.0377 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/09/27 18:07:33.0452 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/09/27 18:07:33.0527 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/09/27 18:07:33.0566 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/09/27 18:07:33.0641 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/09/27 18:07:33.0676 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/09/27 18:07:33.0699 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/09/27 18:07:33.0769 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/09/27 18:07:33.0878 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/09/27 18:07:33.0930 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/09/27 18:07:33.0975 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/09/27 18:07:33.0996 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/09/27 18:07:34.0056 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/09/27 18:07:34.0130 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/09/27 18:07:34.0153 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/09/27 18:07:34.0191 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2010/09/27 18:07:34.0291 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2010/09/27 18:07:34.0354 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2010/09/27 18:07:34.0459 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/09/27 18:07:34.0501 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/09/27 18:07:34.0540 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/09/27 18:07:34.0568 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/09/27 18:07:34.0635 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys 2010/09/27 18:07:35.0009 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys 2010/09/27 18:07:35.0110 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/09/27 18:07:35.0186 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 2010/09/27 18:07:35.0224 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/09/27 18:07:35.0299 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/09/27 18:07:35.0431 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/09/27 18:07:35.0464 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2010/09/27 18:07:35.0516 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/09/27 18:07:35.0560 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 2010/09/27 18:07:35.0692 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2010/09/27 18:07:35.0751 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/09/27 18:07:35.0793 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/09/27 18:07:35.0880 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/09/27 18:07:35.0913 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/09/27 18:07:35.0954 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/09/27 18:07:35.0997 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/09/27 18:07:36.0034 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/09/27 18:07:36.0067 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/09/27 18:07:36.0099 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2010/09/27 18:07:36.0121 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/09/27 18:07:36.0162 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/09/27 18:07:36.0199 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys 2010/09/27 18:07:36.0321 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2010/09/27 18:07:36.0393 rimsptsk (d0c2a0ce1091e08efb7ccba6cea4c3f9) C:\Windows\system32\DRIVERS\rimsptsk.sys 2010/09/27 18:07:36.0523 risdptsk (c22e4e27ccdf9aa5fe8143104f28cde3) C:\Windows\system32\DRIVERS\risdptsk.sys 2010/09/27 18:07:36.0625 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/09/27 18:07:36.0705 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/09/27 18:07:36.0750 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys 2010/09/27 18:07:36.0781 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/09/27 18:07:36.0884 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/09/27 18:07:36.0926 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/09/27 18:07:36.0964 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/09/27 18:07:37.0071 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys 2010/09/27 18:07:37.0151 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2010/09/27 18:07:37.0180 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2010/09/27 18:07:37.0207 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2010/09/27 18:07:37.0232 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2010/09/27 18:07:37.0274 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2010/09/27 18:07:37.0304 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2010/09/27 18:07:37.0333 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2010/09/27 18:07:37.0380 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2010/09/27 18:07:37.0466 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/09/27 18:07:37.0516 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys 2010/09/27 18:07:37.0631 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys 2010/09/27 18:07:37.0745 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys 2010/09/27 18:07:37.0901 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/09/27 18:07:37.0930 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/09/27 18:07:37.0957 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/09/27 18:07:37.0983 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/09/27 18:07:38.0052 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2010/09/27 18:07:38.0145 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2010/09/27 18:07:38.0192 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/09/27 18:07:38.0228 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/09/27 18:07:38.0259 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/09/27 18:07:38.0299 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/09/27 18:07:38.0342 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/09/27 18:07:38.0405 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/09/27 18:07:38.0439 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/09/27 18:07:38.0469 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/09/27 18:07:38.0497 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2010/09/27 18:07:38.0539 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/09/27 18:07:38.0587 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2010/09/27 18:07:38.0629 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2010/09/27 18:07:38.0682 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/09/27 18:07:38.0715 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/09/27 18:07:38.0747 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/09/27 18:07:38.0794 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/09/27 18:07:38.0893 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/09/27 18:07:38.0956 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/09/27 18:07:39.0000 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/09/27 18:07:39.0082 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2010/09/27 18:07:39.0125 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/09/27 18:07:39.0199 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/09/27 18:07:39.0236 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/09/27 18:07:39.0260 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/09/27 18:07:39.0345 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/09/27 18:07:39.0452 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/09/27 18:07:39.0470 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/09/27 18:07:39.0508 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2010/09/27 18:07:39.0548 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2010/09/27 18:07:39.0574 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2010/09/27 18:07:39.0600 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/09/27 18:07:39.0651 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/09/27 18:07:39.0681 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/09/27 18:07:39.0722 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2010/09/27 18:07:39.0774 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/09/27 18:07:39.0806 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/09/27 18:07:39.0904 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/09/27 18:07:39.0955 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2010/09/27 18:07:39.0993 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/09/27 18:07:40.0078 WimFltr (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys 2010/09/27 18:07:40.0230 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2010/09/27 18:07:40.0287 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/09/27 18:07:40.0381 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/09/27 18:07:40.0468 ================================================================================ 2010/09/27 18:07:40.0468 Scan finished 2010/09/27 18:07:40.0468 ================================================================================ 2010/09/27 18:07:52.0601 Deinitialize success Ca a l'air bon, faut-il quand même que je fasse la procédure sur combofix que tu m'as donné ? Te remerciant par avance,

Bonsoir, Je n'arrive pas à télécharger ce programme. Bloqué par "la connexion serveur a été réinitialisée" ??? Y a t-il un autre moyen ? Pour info, je vous donne ci-dessous le rapport du passage de Combofix : ComboFix 10-09-25.07 - Funky 26/09/2010 20:36:09.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2924.1419 [GMT 2:00] Lancé depuis: c:\users\Funky\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Drivers\hgvtwnrb.sys c:\windows\system32\drivers\kmdxfq.sys C:\zip.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_cubkvdkc -------\Service_knylpl ((((((((((((((((((((((((((((( Fichiers créés du 2010-08-26 au 2010-09-26 )))))))))))))))))))))))))))))))))))) . 2010-09-26 18:49 . 2010-09-26 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-09-26 12:11 . 2010-09-26 13:15 0 ----a-w- C:\backup.reg 2010-09-26 12:11 . 2010-09-26 13:15 574 ----a-w- C:\cleanup.bat 2010-09-26 11:48 . 2010-09-26 13:28 -------- d-----w- c:\program files\ZHPDiag 2010-09-25 20:57 . 2010-09-26 13:10 -------- d-----w- c:\program files\Panda Security 2010-09-25 19:31 . 2010-09-25 19:31 -------- d-----w- c:\users\Funky\Pavark 2010-09-25 16:45 . 2010-09-25 19:41 -------- d-----w- c:\program files\Sophos 2010-09-25 09:55 . 2010-09-25 10:17 -------- d-----w- c:\programdata\Alwil Software 2010-09-25 09:55 . 2010-09-25 09:55 -------- d-----w- c:\program files\Alwil Software 2010-09-24 22:46 . 2010-09-24 22:46 -------- d-sh--w- c:\windows\system32\%APPDATA% 2010-09-24 19:56 . 2010-09-24 20:00 -------- d-----w- c:\programdata\Yahoo! Companion 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\users\Funky\AppData\Roaming\Yahoo! 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\program files\Yahoo! 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\program files\CCleaner 2010-09-24 17:48 . 2010-09-25 15:35 -------- d-----w- c:\users\Funky\AppData\Local\Adobe 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\users\Funky\AppData\Roaming\Malwarebytes 2010-09-24 17:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\programdata\Malwarebytes 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-24 17:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-24 13:39 . 2010-09-24 13:39 -------- d-----w- c:\windows\8F1A20DC251D47B091B7DCA2523EE6C9.TMP 2010-09-24 13:17 . 2010-09-26 12:15 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-09-24 13:17 . 2010-09-26 10:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-09-23 17:54 . 2010-08-24 12:57 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-09-23 17:54 . 2010-08-24 12:57 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-09-23 17:54 . 2010-08-24 12:57 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-09-23 17:54 . 2010-08-24 12:57 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-09-23 17:54 . 2010-08-24 12:57 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2010-09-23 17:54 . 2010-08-24 12:57 312904 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-09-23 17:54 . 2010-08-24 12:57 164808 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2010-09-23 17:54 . 2010-08-24 12:57 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-09-21 21:22 . 2010-09-21 21:22 -------- d-----w- c:\program files\AxBx 2010-09-15 10:00 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll 2010-09-15 10:00 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe 2010-09-15 10:00 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL 2010-09-15 09:59 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll 2010-09-05 17:05 . 2010-09-05 17:05 -------- d-----w- c:\users\Funky\AppData\Roaming\vlc . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-26 18:50 . 2008-07-25 12:20 12 ----a-w- c:\windows\bthservsdp.dat 2010-09-25 15:29 . 2009-07-20 15:14 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\SACore 2010-09-25 10:10 . 2008-07-25 12:33 -------- d-----w- c:\program files\Google 2010-09-24 17:43 . 2009-08-14 15:04 -------- d-----w- c:\users\Funky\AppData\Roaming\Skype 2010-09-24 16:46 . 2010-07-03 17:40 -------- d-----w- c:\users\Funky\AppData\Roaming\skypePM 2010-09-24 16:34 . 2008-01-21 08:40 673700 ----a-w- c:\windows\system32\perfh00C.dat 2010-09-24 16:34 . 2008-01-21 08:40 125430 ----a-w- c:\windows\system32\perfc00C.dat 2010-09-24 14:00 . 2010-09-24 14:00 300384 ----a-w- c:\programdata\McAfee\Supportability\Content\MVT\XMLFiles\detect.dll 2010-09-24 14:00 . 2009-09-17 20:08 300384 ----a-w- c:\users\Funky\AppData\Roaming\McAfee\Supportability\MVTLogs\Results\detect.dll 2010-09-24 13:40 . 2010-09-24 13:40 49152 ----a-r- c:\users\Funky\AppData\Roaming\Microsoft\Installer\{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}\Icon49FA793C.exe 2010-09-24 13:39 . 2009-06-08 15:50 -------- d-----w- c:\program files\McAfee 2010-09-24 11:58 . 2009-09-17 21:22 -------- d-----w- c:\program files\McAfee.com 2010-09-23 18:02 . 2009-06-08 15:50 -------- d-----w- c:\programdata\McAfee 2010-09-23 18:02 . 2009-09-17 21:22 -------- d-----w- c:\program files\Common Files\McAfee 2010-09-15 10:51 . 2009-06-08 15:36 -------- d-----w- c:\programdata\Microsoft Help 2010-09-15 10:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-24 12:57 . 2009-09-17 21:22 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-08-24 12:57 . 2009-09-17 21:22 152992 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-08-24 12:57 . 2009-07-08 11:44 386712 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-08-15 19:47 . 2009-06-08 15:38 -------- d-----w- c:\program files\Microsoft Works 2010-07-09 05:43 . 2010-07-09 05:43 0 ----a-w- c:\users\Funky\AppData\Roaming\wklnhst.dat 2010-07-03 17:40 . 2010-07-03 17:40 56 ---ha-w- c:\programdata\ezsidmv.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-18 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-08-26 1779512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2008-07-11 6244896] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-26 148888] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-21 30192] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-08 24576] "SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "Skytel"="Skytel.exe" [2008-07-11 1826816] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-30 1193848] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] c:\users\Funky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-1 768552] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Lancement rapide d'Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-7-25 295606] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-07-15 16:04 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2008-07-19 00:06 170520 ----a-w- c:\windows\System32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2008-07-19 00:06 150040 ----a-w- c:\windows\System32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2008-07-19 00:06 145944 ----a-w- c:\windows\System32\igfxpers.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 0068661285333463mcinstcleanup;McAfee Application Installer Cleanup (0068661285333463);c:\windows\TEMP\006866~1.EXE [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-15 29736] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-21 30192] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\40AD.tmp [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-24 84264] R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-11 83232] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-08-24 64304] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-08-24 164808] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-07-23 206112] S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-08-24 188136] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-08-24 141792] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-11 98304] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488] S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-06-20 415744] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-24 55840] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2008-06-07 224384] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-24 312904] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mfeavfk01 *Deregistered* - qnrnwo [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' 2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job - c:\windows\system32\msfeedssync.exe [2010-08-15 04:24] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = *.local IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com Trusted Zone: internet Trusted Zone: mcafee.com Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-{537BF16E-7412-448C-95D8-846E85A1D817} - c:\programdata\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-26 20:52 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\40AD.tmp" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\qnrnwo] . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(5852) c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\btncopy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\windows\system32\rundll32.exe c:\program files\Sony\VAIO Event Service\VESMgr.exe c:\windows\system32\DllHost.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\McAfee\SystemCore\mfefire.exe c:\program files\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\igfxext.exe c:\windows\system32\igfxsrvc.exe c:\windows\system32\DllHost.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe c:\windows\system32\conime.exe c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe c:\progra~1\mcafee.com\agent\mcagent.exe . ************************************************************************** . Heure de fin: 2010-09-26 20:59:16 - La machine a redémarré ComboFix-quarantined-files.txt 2010-09-26 18:58 Avant-CF: 342 596 333 568 octets libres Après-CF: 342 201 729 024 octets libres - - End Of File - - 6283E2B177FD9495B3F6FD1A9C62FED1 Merci d'ava

Bonsoir, Je n'arrive pas à télécharger ce programme. Bloqué par "la connexion serveur a été réinitialisée" ??? Y a t-il un autre moyen ? Pour info, je vous donne ci-dessous le rapport du passage de Combofix : ComboFix 10-09-25.07 - Funky 26/09/2010 20:36:09.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2924.1419 [GMT 2:00] Lancé depuis: c:\users\Funky\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Drivers\hgvtwnrb.sys c:\windows\system32\drivers\kmdxfq.sys C:\zip.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_cubkvdkc -------\Service_knylpl ((((((((((((((((((((((((((((( Fichiers créés du 2010-08-26 au 2010-09-26 )))))))))))))))))))))))))))))))))))) . 2010-09-26 18:49 . 2010-09-26 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-09-26 12:11 . 2010-09-26 13:15 0 ----a-w- C:\backup.reg 2010-09-26 12:11 . 2010-09-26 13:15 574 ----a-w- C:\cleanup.bat 2010-09-26 11:48 . 2010-09-26 13:28 -------- d-----w- c:\program files\ZHPDiag 2010-09-25 20:57 . 2010-09-26 13:10 -------- d-----w- c:\program files\Panda Security 2010-09-25 19:31 . 2010-09-25 19:31 -------- d-----w- c:\users\Funky\Pavark 2010-09-25 16:45 . 2010-09-25 19:41 -------- d-----w- c:\program files\Sophos 2010-09-25 09:55 . 2010-09-25 10:17 -------- d-----w- c:\programdata\Alwil Software 2010-09-25 09:55 . 2010-09-25 09:55 -------- d-----w- c:\program files\Alwil Software 2010-09-24 22:46 . 2010-09-24 22:46 -------- d-sh--w- c:\windows\system32\%APPDATA% 2010-09-24 19:56 . 2010-09-24 20:00 -------- d-----w- c:\programdata\Yahoo! Companion 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\users\Funky\AppData\Roaming\Yahoo! 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\program files\Yahoo! 2010-09-24 19:56 . 2010-09-24 19:56 -------- d-----w- c:\program files\CCleaner 2010-09-24 17:48 . 2010-09-25 15:35 -------- d-----w- c:\users\Funky\AppData\Local\Adobe 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\users\Funky\AppData\Roaming\Malwarebytes 2010-09-24 17:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\programdata\Malwarebytes 2010-09-24 17:29 . 2010-09-24 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-24 17:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-24 13:39 . 2010-09-24 13:39 -------- d-----w- c:\windows\8F1A20DC251D47B091B7DCA2523EE6C9.TMP 2010-09-24 13:17 . 2010-09-26 12:15 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-09-24 13:17 . 2010-09-26 10:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-09-23 17:54 . 2010-08-24 12:57 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2010-09-23 17:54 . 2010-08-24 12:57 141792 ----a-w- c:\windows\system32\mfevtps.exe 2010-09-23 17:54 . 2010-08-24 12:57 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2010-09-23 17:54 . 2010-08-24 12:57 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2010-09-23 17:54 . 2010-08-24 12:57 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2010-09-23 17:54 . 2010-08-24 12:57 312904 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2010-09-23 17:54 . 2010-08-24 12:57 164808 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2010-09-23 17:54 . 2010-08-24 12:57 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys 2010-09-21 21:22 . 2010-09-21 21:22 -------- d-----w- c:\program files\AxBx 2010-09-15 10:00 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll 2010-09-15 10:00 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe 2010-09-15 10:00 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL 2010-09-15 09:59 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll 2010-09-05 17:05 . 2010-09-05 17:05 -------- d-----w- c:\users\Funky\AppData\Roaming\vlc . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-26 18:50 . 2008-07-25 12:20 12 ----a-w- c:\windows\bthservsdp.dat 2010-09-25 15:29 . 2009-07-20 15:14 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\SACore 2010-09-25 10:10 . 2008-07-25 12:33 -------- d-----w- c:\program files\Google 2010-09-24 17:43 . 2009-08-14 15:04 -------- d-----w- c:\users\Funky\AppData\Roaming\Skype 2010-09-24 16:46 . 2010-07-03 17:40 -------- d-----w- c:\users\Funky\AppData\Roaming\skypePM 2010-09-24 16:34 . 2008-01-21 08:40 673700 ----a-w- c:\windows\system32\perfh00C.dat 2010-09-24 16:34 . 2008-01-21 08:40 125430 ----a-w- c:\windows\system32\perfc00C.dat 2010-09-24 14:00 . 2010-09-24 14:00 300384 ----a-w- c:\programdata\McAfee\Supportability\Content\MVT\XMLFiles\detect.dll 2010-09-24 14:00 . 2009-09-17 20:08 300384 ----a-w- c:\users\Funky\AppData\Roaming\McAfee\Supportability\MVTLogs\Results\detect.dll 2010-09-24 13:40 . 2010-09-24 13:40 49152 ----a-r- c:\users\Funky\AppData\Roaming\Microsoft\Installer\{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}\Icon49FA793C.exe 2010-09-24 13:39 . 2009-06-08 15:50 -------- d-----w- c:\program files\McAfee 2010-09-24 11:58 . 2009-09-17 21:22 -------- d-----w- c:\program files\McAfee.com 2010-09-23 18:02 . 2009-06-08 15:50 -------- d-----w- c:\programdata\McAfee 2010-09-23 18:02 . 2009-09-17 21:22 -------- d-----w- c:\program files\Common Files\McAfee 2010-09-15 10:51 . 2009-06-08 15:36 -------- d-----w- c:\programdata\Microsoft Help 2010-09-15 10:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-24 12:57 . 2009-09-17 21:22 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-08-24 12:57 . 2009-09-17 21:22 152992 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-08-24 12:57 . 2009-07-08 11:44 386712 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2010-08-15 19:47 . 2009-06-08 15:38 -------- d-----w- c:\program files\Microsoft Works 2010-07-09 05:43 . 2010-07-09 05:43 0 ----a-w- c:\users\Funky\AppData\Roaming\wklnhst.dat 2010-07-03 17:40 . 2010-07-03 17:40 56 ---ha-w- c:\programdata\ezsidmv.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-18 39408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-08-26 1779512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2008-07-11 6244896] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-26 148888] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-21 30192] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-08 24576] "SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "Skytel"="Skytel.exe" [2008-07-11 1826816] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-30 1193848] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] c:\users\Funky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-1 768552] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Lancement rapide d'Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-7-25 295606] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-07-15 16:04 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2008-07-19 00:06 170520 ----a-w- c:\windows\System32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2008-07-19 00:06 150040 ----a-w- c:\windows\System32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2008-07-19 00:06 145944 ----a-w- c:\windows\System32\igfxpers.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 0068661285333463mcinstcleanup;McAfee Application Installer Cleanup (0068661285333463);c:\windows\TEMP\006866~1.EXE [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-15 29736] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-21 30192] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\40AD.tmp [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-08-24 84264] R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-11 83232] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-08-24 64304] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-08-24 164808] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-07-23 206112] S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-08-24 188136] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-08-24 141792] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-11 98304] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488] S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-06-20 415744] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-08-24 55840] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2008-06-07 224384] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-08-24 312904] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mfeavfk01 *Deregistered* - qnrnwo [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' 2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 06:22] 2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job - c:\windows\system32\msfeedssync.exe [2010-08-15 04:24] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = *.local IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com Trusted Zone: internet Trusted Zone: mcafee.com Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-{537BF16E-7412-448C-95D8-846E85A1D817} - c:\programdata\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-26 20:52 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\40AD.tmp" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\qnrnwo] . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(5852) c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\btncopy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\windows\system32\rundll32.exe c:\program files\Sony\VAIO Event Service\VESMgr.exe c:\windows\system32\DllHost.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\McAfee\SystemCore\mfefire.exe c:\program files\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\igfxext.exe c:\windows\system32\igfxsrvc.exe c:\windows\system32\DllHost.exe c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe c:\windows\system32\conime.exe c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe c:\progra~1\mcafee.com\agent\mcagent.exe . ************************************************************************** . Heure de fin: 2010-09-26 20:59:16 - La machine a redémarré ComboFix-quarantined-files.txt 2010-09-26 18:58 Avant-CF: 342 596 333 568 octets libres Après-CF: 342 201 729 024 octets libres - - End Of File - - 6283E2B177FD9495B3F6FD1A9C62FED1 Merci d'ava

Bonjour à tous, Un problème courant peut être mais étant néophyte, je vous demande quelques conseils. J'ai détecté une infection sur mon ordi qui m'amène un ralentissement sur Internet et surtout m'empeche l'accès à ma boite mail ou à divers sites sur lesquels il faut faire un code de saisie. J'ai déjà fait un tour sur les forums et essayé des astuces : - Spybot - Mbam - Avenger - ZHPDiag - Sophos - GMER (qui bloque à la suppression) Bref, rien n'a pu empecher cet "agent rootkit" infectant "C:\windows\system32\drivers\qnrnwo.sys". Pourriez vous m'aider ? Merci.