jdoe

Members
  • Content count: 8

jdoe's Achievements

Junior Member (3/12)

Community reputation: 0

  1. Apparently no other problems. Thank you very much for your clear, quick, and effective help. I wish you, and all the members of the forum, a happy New Year's Eve.
  2. Hello, here is the OTL report:
  3. ... finally 'checkup.txt':

     Results of screen317's Security Check version 0.99.8
     Windows Vista Service Pack 2 (UAC is enabled)
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:
     Avira AntiVir Personal - Free Antivirus
     WMI entry may not exist for antivirus; attempting automatic update.
     Avira successfully updated!
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     CCleaner
     Java 6 Update 18
     Java 6 Update 6
     Out of date Java installed!
     Adobe Flash Player 10.1.102.64
     Adobe Reader 8.1.2 - Français
     Out of date Adobe Reader installed!
     Mozilla Firefox (3.6.13)
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Windows Defender MSASCui.exe
     Avira Antivir avgnt.exe
     Avira Antivir avguard.exe
     Windows Defender MSASCui.exe
     ``````````End of Log````````````
  4. ... and 'Extras.txt':
  5. Good evening, as agreed, here is the content of the 'OTL.txt' file: OTL logfile created on: 27/12/2010 23:30:59 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Aude\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS Computer Name: PC-DE-AUDE | User Name: Aude | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe PRC - [2010/12/09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Aude\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe PRC - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/04/09 13:37:34 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010/03/05 16:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/02/01 01:05:11 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010/01/31 16:17:26 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe PRC - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe PRC - [2010/01/22 21:56:46 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe PRC - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe PRC - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe PRC - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) 
-- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe PRC - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe PRC - [2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2008/07/07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2008/07/04 04:02:44 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe PRC - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe PRC - 
[2008/06/27 21:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe PRC - [2008/06/19 18:53:20 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe PRC - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe PRC - [2008/06/10 11:34:02 | 000,159,744 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe PRC - [2008/04/03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service) SRV - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer) SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/04/09 13:37:34 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent) SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60) SRV - [2009/09/08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) SRV - [2009/04/02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/03/05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) SRV - 
[2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008/06/11 23:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008/05/20 19:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008/05/20 19:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008/05/20 19:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/10/01 18:27:46 | 000,423,584 | ---- | M] (Canal+ Active) [On_Demand | Stopped] -- C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- (Service CANALPLAY) SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | 
Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010/07/09 12:18:54 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134) DRV - [2010/03/21 11:28:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/03/18 17:45:47 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010/01/22 21:57:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010/01/22 21:57:56 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010/01/22 21:57:54 | 000,854,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86) DRV - [2010/01/22 21:57:54 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci) DRV - [2010/01/22 21:00:42 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon) DRV - [2010/01/22 17:13:00 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010/01/22 17:13:00 | 000,016,560 | ---- | M] (VMware, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010/01/01 18:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2009/12/17 14:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009/12/17 14:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009/12/17 14:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009/12/17 14:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/10/12 14:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/01/05 07:47:18 | 000,487,168 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH) DRV - [2008/10/20 14:57:20 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/07/09 01:05:17 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/07/04 04:02:38 | 002,377,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/07/03 07:06:02 | 002,149,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/06/28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008/06/27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008/06/21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008/06/07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008/05/28 01:07:16 | 000,310,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2008/04/22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008/03/10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008/01/25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008/01/25 03:14:16 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2008/01/25 03:14:12 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008/01/25 03:14:12 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2007/03/10 03:42:50 | 000,181,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2004/05/19 00:38:08 | 000,253,909 | ---- | M] (Philips Components BU Imaging Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camdrv21.sys -- (camvid20)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8074

========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50
FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 20:10:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 20:10:48 | 000,000,000 | ---D | M]
[2010/01/31 23:28:23 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Extensions
[2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions
[2010/10/16 07:21:12 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010/06/05 14:56:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/03 08:29:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/28 12:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/03/17 20:51:20 | 000,002,650 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\Mozilla\FireFox\Profiles\29ml9a1p.default\searchplugins\bing.xml
[2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/03/31 23:02:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/12/23 10:19:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O15 - HKLM\..Trusted Domains: canalplay.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: canalplusactive.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg
O24 - Desktop BackupWallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/01/24 15:05:34 | 000,000,000 | ---D | M] - I:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - msh263.drv File not found
Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========
[2010/12/27 23:18:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe
[2010/12/23 10:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\RichFLV
[2010/12/23 10:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/12/23 10:22:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/12/23 10:04:38 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/12/23 10:03:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/12/23 10:02:31 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/12/23 10:02:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/12/23 10:02:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/12/23 10:02:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/12/23 10:00:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/22 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\Malwarebytes
[2010/12/22 22:03:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/22 22:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/22 22:03:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/22 22:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/22 21:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2010/12/22 07:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\Documents\SpiritON TV Software
[2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\SpiritON TV Software
[2010/12/22 06:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/12/15 21:59:48 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/15 21:59:45 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/12/15 21:59:44 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/12/15 21:59:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/12/15 21:59:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/12/15 21:59:39 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/15 21:59:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/15 21:59:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/15 21:59:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/15 21:59:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/15 21:59:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/12/15 21:59:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/12/15 21:59:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/12/15 21:59:32 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/12/15 21:59:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/15 21:59:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/15 21:59:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/12/15 21:59:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/12/15 21:59:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/12/15 21:59:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/12/15 21:59:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/12/15 21:59:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/12/15 21:59:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/12/15 21:59:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/12/15 21:59:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/12/15 21:59:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/12/09 13:19:03 | 000,178,176 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIU9X.DLL
[2010/12/09 13:16:35 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2010/12/27 23:29:43 | 000,672,250 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/12/27 23:29:43 | 000,589,862 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/27 23:29:43 | 000,124,766 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/12/27 23:29:43 | 000,102,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/27 23:21:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job
[2010/12/27 23:18:24 | 000,879,047 | ---- | M] () -- C:\Users\Aude\Desktop\SecurityCheck.exe
[2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe
[2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/27 22:43:02 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/27 21:04:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/27 16:13:14 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job
[2010/12/27 12:43:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/23 14:04:49 | 000,020,992 | ---- | M] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/23 10:32:12 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\RichFLV.lnk
[2010/12/23 10:19:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/12/22 22:47:03 | 000,002,032 | ---- | M] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat
[2010/12/22 22:03:36 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/22 21:55:25 | 000,001,676 | ---- | M] () -- C:\Users\Aude\Desktop\AD-R.lnk
[2010/12/22 21:35:08 | 000,000,016 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat
[2010/12/21 21:22:28 | 019,985,265 | ---- | M] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe
[2010/12/16 03:25:15 | 000,392,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/14 17:17:47 | 000,002,037 | ---- | M] () -- C:\Users\Aude\Desktop\Google Chrome.lnk
[2010/12/14 17:17:47 | 000,001,999 | ---- | M] () -- C:\Users\Aude\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========
[2010/12/27 23:18:18 | 000,879,047 | ---- | C] () -- C:\Users\Aude\Desktop\SecurityCheck.exe
[2010/12/23 10:32:12 | 000,000,738 | ---- | C] () -- C:\Users\Public\Desktop\RichFLV.lnk
[2010/12/23 10:02:31 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/12/23 10:02:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/12/23 10:02:31 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/12/23 10:02:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/12/23 10:02:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/12/22 22:03:36 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/22 21:51:36 | 000,001,676 | ---- | C] () -- C:\Users\Aude\Desktop\AD-R.lnk
[2010/12/22 21:35:07 | 000,000,016 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat
[2010/12/21 21:20:48 | 019,985,265 | ---- | C] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe
[2010/07/10 18:00:12 | 000,000,000 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\.NANotifyHere
[2010/06/13 14:06:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll
[2010/06/13 14:06:02 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys
[2010/06/13 14:05:55 | 000,598,016 | ---- | C] () -- C:\Windows\System32\sptlib21.dll
[2010/06/13 14:05:55 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll
[2010/06/13 14:05:55 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll
[2010/06/13 14:05:55 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll
[2010/06/13 14:05:55 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll
[2010/06/13 14:05:55 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll
[2010/06/13 14:05:55 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll
[2010/06/12 10:07:11 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/03/21 11:28:45 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/03/20 17:47:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/11 21:06:37 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010/02/10 00:22:34 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/02/06 09:35:52 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/02/04 23:36:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/31 20:00:29 | 000,020,992 | ---- | C] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/31 16:41:21 | 000,002,032 | ---- | C] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat
[2010/01/31 16:25:47 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/07/09 21:35:41 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008/07/09 21:35:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/07/09 21:32:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/03/21 12:26:42 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/22 21:56:47 | 000,002,627 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
[2010/12/22 21:52:19 | 000,002,381 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/07/09 21:24:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/12/23 10:22:22 | 000,012,929 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/01/31 16:04:37 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log
[2010/12/23 09:53:30 | 2321,874,944 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

< End of report >
  6. And for ComboFix:

ComboFix 10-12-22.05 - Aude 23/12/2010 10:09:32.1.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1914.786 [GMT 1:00]
Lancé depuis: c:\users\Aude\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Aude\AppData\Local\cleanmgr.dll
c:\users\Aude\AppData\Local\cleanmgr.exe
c:\users\Aude\AppData\Roaming\mdjaw.dat
c:\users\Aude\AppData\Roaming\Microsoft\Windows\Recent\iPhone de Gianni.compta.pif
c:\windows\system\Agcgauge.ax
c:\windows\system32\pthreadVC.dll
----- BITS: Il y a peut-être des sites infectés -----
hxxp://update.snugtv.com
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-11-23 au 2010-12-23 ))))))))))))))))))))))))))))))))))))
.
2010-12-23 09:19 . 2010-12-23 09:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\users\Aude\AppData\Roaming\Malwarebytes
2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\programdata\Malwarebytes
2010-12-22 21:03 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-22 21:03 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-22 20:51 . 2010-12-22 20:51 -------- d-----w- c:\program files\Ad-Remover
2010-12-22 06:07 . 2010-12-22 06:07 -------- d-----w- c:\program files\Haali
2010-12-22 05:55 . 2010-12-22 05:55 -------- d-----w- c:\users\Aude\AppData\Roaming\SpiritON TV Software
2010-12-21 09:24 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C275C9E4-8EDE-494A-B54D-99FFC3D8DA83}\mpengine.dll
2010-12-09 12:19 . 2009-03-18 08:09 178176 ----a-w- c:\windows\system32\CNMIU9X.DLL
2010-12-09 12:16 . 2010-12-09 12:16 -------- d--h--w- c:\program files\CanonBJ
2010-12-08 08:47 . 2010-12-08 08:47 84621672 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlc28EC.tmp
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 18:46 . 2010-11-12 18:46 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-10-19 09:41 . 2010-02-02 18:14 222080 ------w- c:\windows\system32\MpSigStub.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-01 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2010-03-19 3353536]
"Google Update"="c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-15 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-04 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-04 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-04 145944]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2010-01-31 24576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Skytel"="Skytel.exe" [2008-07-03 1826816]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-01-22 64048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-6-5 159744]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-6-13 651264]
SnugTV Quick Start.lnk - c:\windows\Installer\{AACA8099-4687-4D03-8DCD-6F56D6FFF8F0}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe [2010-8-2 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-07 10:28 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 AVerAF15DMBTH;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH.sys [2009-01-05 487168]
R3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\DRIVERS\camdrv21.sys [x]
R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2007-10-01 423584]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-21 691696]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 123280]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 41616]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2010-07-06 168448]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-03 104992]
S2 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [2010-07-27 518144]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 99152]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 110096]
.
Contenu du dossier 'Tâches planifiées'
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40]
2010-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40]
2010-12-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job - c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38]
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job - c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:8074
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
Trusted Zone: canalplay.com
Trusted Zone: canalplusactive.com
FF - ProfilePath - c:\users\Aude\AppData\Roaming\Mozilla\Firefox\Profiles\29ml9a1p.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-Notification de cadeaux MSN - c:\users\Aude\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-12-23 10:19
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000003d
.
Heure de fin: 2010-12-23 10:22:22
ComboFix-quarantined-files.txt 2010-12-23 09:22
Avant-CF: 42 128 471 552 octets libres
Après-CF: 44 592 731 136 octets libres
- - End Of File - - D5EE79EE4E0E3E5FC71A6BD02078027D
  7. Here is the MBAM report:
     Malwarebytes' Anti-Malware 1.50
     www.malwarebytes.org
     Version de la base de données: 5378
     Windows 6.0.6002 Service Pack 2 (Safe Mode)
     Internet Explorer 8.0.6001.18999
     22/12/2010 22:41:18
     mbam-log-2010-12-22 (22-41-18).txt
     Type d'examen: Examen complet (C:\|D:\|)
     Elément(s) analysé(s): 287736
     Temps écoulé: 34 minute(s), 4 seconde(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 1
     Valeur(s) du Registre infectée(s): 2
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 2
     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s):
     HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
     Valeur(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jxhkmore (Trojan.FakeAlert) -> Value: jxhkmore -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)
     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)
     Fichier(s) infecté(s):
     c:\Users\Aude\AppData\Local\Temp\lgpkwncks\fuidjltlajb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     c:\Users\Aude\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\regmem32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
  8. Hello, My computer has been infected. It started with unwanted launches of an application named OfferBox, which was installed without my consent. I managed to uninstall it via 'Add/Remove Programs'. At the same time, Antivir raised a 'Logiciel malveillant détecté' / TR/Dropper.Gen alert for the file: AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe I managed to delete this file after killing the process. After that, my web browsing was hijacked. Every page I tried to visit was redirected to a site named 'Gomeo'. So I started safe mode and followed this procedure: Remove Gomeo. The computer was then scanned and cleaned by AD-R, MBAM and ComboFix. These actions seem to have paid off. I am therefore asking for the help of a qualified person to finish the operation. Which reports should I post? Thanks in advance.