Aller au contenu

jdoe

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    8

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par jdoe

  1. jdoe
    A priori pas d'autres soucis. Merci beaucoup pour ton intervention claire, rapide, et efficace. Je te souhaite un bon réveillon ainsi qu'à l'ensemble des membres du forum.
  2. jdoe
    Bonjour, voici le rapport OTL : All processes killed ========== OTL ========== HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. ========== FILES ========== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Aude ->Temp folder emptied: 169118 bytes ->Temporary Internet Files folder emptied: 204163871 bytes ->Java cache emptied: 264085 bytes ->FireFox cache emptied: 134363789 bytes ->Google Chrome cache emptied: 241627449 bytes ->Flash cache emptied: 168797 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 68624 bytes RecycleBin emptied: 63706 bytes Total Files Cleaned = 554,00 mb [EMPTYFLASH] User: All Users User: Aude ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.18.0 log created on 12282010_121645 Files\Folders moved on Reboot... C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2532.log moved successfully. Registry entries deleted on Reboot...
  3. jdoe
    ... enfin 'checkup.txt' : Results of screen317's Security Check version 0.99.8 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Java 6 Update 18 Java 6 Update 6 Out of date Java installed! Adobe Flash Player 10.1.102.64 Adobe Reader 8.1.2 - Français Out of date Adobe Reader installed! Mozilla Firefox (3.6.13) ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Windows Defender MSASCui.exe ``````````End of Log````````````
  4. jdoe
    ... et 'Extras.txt' : OTL Extras logfile created on: 27/12/2010 23:30:59 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Aude\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS Computer Name: PC-DE-AUDE | User Name: Aude | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1260510E-5AE2-48FB-BAAB-2DF5A21625EE}" = lport=445 | protocol=6 | dir=in | app=system | "{4C14F2CE-DE22-422D-BA7A-19A90E143821}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{57CA2754-6740-4A40-9081-5C32043BBDF8}" = lport=2869 | protocol=6 | dir=in | app=system | "{5A854DA4-9865-43FA-94E7-7ECB63C02150}" = rport=138 | protocol=17 | dir=out | app=system | "{64A4FEBC-D682-41DB-A54E-941C97516933}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{73DFA7A6-B77A-41F1-87DF-908BE3BD0D88}" = lport=138 | protocol=17 | dir=in | app=system | "{79BC294D-FE91-402B-846E-C5079E5866C1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{85D3A4A7-3D49-485D-9532-2A3B30B0B1DE}" = rport=445 | protocol=6 | dir=out | app=system | "{876C4E3D-5BD1-4E0C-8C7C-3E8638BB53EE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{8991933E-7338-43BD-911F-3288B191B628}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{92DF03D8-4987-44CC-A1FC-1511235F8E25}" = lport=137 | protocol=17 | dir=in | app=system | "{968EF115-1FCA-4643-B10A-713BA9075BAB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A3AD9D23-162B-4F89-B1B0-F731D1CE761D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A6A095C8-062D-410F-824A-DEEE1007F8C8}" = lport=139 | protocol=6 | dir=in | app=system | "{CE313A42-8D5D-4775-84C1-1B8A8F1E7F90}" = rport=137 | protocol=17 | dir=out | app=system | "{D4CF0A15-59A4-4059-9F48-37E83DB4BA83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D4D24ED1-909F-4C7C-886A-1D0AEB23C164}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E92D419D-F1D3-4598-AFEB-633810868B53}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{FB018F6C-15B0-4B1A-80CC-26D7D0D8F7EF}" = rport=139 | protocol=6 | dir=out | app=system | "{FBD90891-873D-4E55-9B8E-95F44644A673}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00B90023-5443-40FC-9E2D-723FBA70B2DE}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe | "{0105C09F-C394-4106-AB5B-A38E86904CE2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{1698992B-4A66-4275-9E48-57E45717B6EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{170DA1D3-0737-456A-BD2B-3C51E3E4EF66}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1ECCFFC4-0DB4-4A11-88EE-BD25E44315D3}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe | "{287C7132-3210-496C-A3BC-50DEE99BBF11}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe | "{33E8172F-BD74-4396-AA5B-B0CD9A6CD4DE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{37702F96-CE47-4A06-BCD4-A2ED633A77B6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{509D51F7-D4EA-49A1-8121-89414C859B3C}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe | "{530D2B0D-CC18-44E6-AAB7-E27982879D85}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{53CF7385-AC3F-47D2-A5BE-6E9E2946B206}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe | "{583CB55A-5CDF-447E-9F6D-37952093B574}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe | "{58688ADE-AA71-4BDF-A988-19506EAA0E0A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{5D487081-C37F-46D9-B0EE-927473A6D6FF}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe | "{857AC73C-5250-4CDE-892A-4F127E2852A4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{85D99EE4-7612-4A4C-AE00-448C7C83868F}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe | "{9EBE6E92-77E0-4F88-B03D-F83C3FB7596C}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe | "{A74713DD-5BD7-4BFE-B71D-F5179CDEC428}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe | "{A76638CC-E5B0-49AE-AF6F-79A0E959A639}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe | "{B0B6EE5F-F1D5-4994-971F-E6C5AD8A8CF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BD7B264E-6BE9-4D7A-BA71-495D8ACB3FAA}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe | "{C028AC9B-D1A5-4C75-A9BB-515409A8E086}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C43B5F52-ECA1-4C56-8BC3-AB94836B09C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CBE6BBD8-0DD0-478C-BF80-052760133B69}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{CFF6386E-85AE-455A-8EA1-98DCF5E7E724}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D41CDCC7-5529-416B-9517-DACE6D8C9C33}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E76DAEA4-4198-4A83-993E-DB485D3228DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EEFF39FF-B3CF-40F5-A147-EBF60903DD6D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F18C5BB4-7F0C-47F2-9F1D-B4F754FB09AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "TCP Query User{02F29336-216A-4AC1-8828-9E6ADE39140E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{0B88A3C2-0563-47DB-B2E3-98B3D044FFB8}C:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe | "TCP Query User{0C786DD6-71F9-4406-B910-7B46C1551434}C:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe | "TCP Query User{23F7B9F0-081D-48F6-B219-8B5CD5C8B0D6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{44442990-A82D-412A-B7A9-68B026D9000A}C:\program files\snugtv\snugtv station\configwizard.exe" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe | "TCP Query User{B18BA1B5-BDD2-4838-AC56-90CD6EBDADF4}C:\program files\senstic\air cam\aircamwin.exe" = protocol=6 | dir=in | app=c:\program files\senstic\air cam\aircamwin.exe | "TCP Query User{B4188840-84D3-48CC-9D8A-0F78449AF9E0}C:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe | "UDP Query User{11B6C324-DD12-475F-ACEA-444088410B7A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{18B42973-737F-4728-B3D2-8C166A55941A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{53F96FA6-1FC4-4DC4-B590-65861325511E}C:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe | "UDP Query User{618C910B-BFC1-46BE-B57A-0D4DE9E5DB29}C:\program files\senstic\air cam\aircamwin.exe" = protocol=17 | dir=in | app=c:\program files\senstic\air cam\aircamwin.exe | "UDP Query User{749E1AB6-A1C9-4922-9F22-35502129903B}C:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe | "UDP Query User{797E731D-0E46-4C80-AEC3-E52F8510E64B}C:\program files\snugtv\snugtv station\configwizard.exe" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe | "UDP Query User{CD0D2BC5-2758-441D-A923-F287A552F25F}C:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings "{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM) "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10 "{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Support de Présentation VAIO "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10 "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6 "{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM) "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{53FED732-39DF-4973-85CD-854115455007}" = Sun VirtualBox "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5D38959D-2B4D-8AB0-FD1B-27C324E78DB0}" = RichFLV "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM) "{5F5867F0-2D23-4338-A206-01A76C823924}" = Gestion de l’alimentation de VAIO "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM) "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{7BC57149-BF98-49C9-9E7F-850091CE4B2C}" = Air Cam "{80157B54-DB3E-4EE9-8AD8-63A905765FF4}_is1" = Opti Drive Control 1.44 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10 "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90283F22-0731-43B6-81FD-E6DD911A31FB}" = Microsoft SQL Server Native Client "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{974CAE3B-192C-4988-8841-4685CB3BC239}" = Click to Disc "{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music "{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Services d’impression Bonjour "{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Utilitaire d'identification du processeur Intel® "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AACA8099-4687-4D03-8DCD-6F56D6FFF8F0}" = SnugTV Station "{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français "{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C74B273E-DF20-4955-899B-15205119894C}" = Microsoft SQL Server VSS Writer "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM) "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10 "{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E9E37358-E3E1-47BA-9E21-375EF3616BC9}" = Lecteur CANALPLAY 2.3 "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM) "{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F88A7EB0-90F4-4012-9194-33AF2F1C5BF1}" = VAIO Movie Story 1.5 Upgrade "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover By C_XX "AnyDVD" = AnyDVD "AVerMedia A850 USB DMB-TH" = AVerMedia A850 USB DMB-TH 1.0.0.26 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BFG-Big Fish Games Suite de jeu" = Big Fish Games Suite de jeu "CCleaner" = CCleaner "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP "CPUID CPU-Z_is1" = CPUID CPU-Z 1.55 "de.benz.RichFLV.A73E9F89A0F07611DDC8DCF9F06D33E089C383B6.1" = RichFLV "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = Configuration DivX "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "dt icon module" = "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "ffdshow_is1" = ffdshow [rev 3154] [2009-12-09] "gtfirstboot Setting Request" = "HaaliMkx" = Haali Media Splitter "HDMI" = Intel® Graphics Media Accelerator Driver "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00 "InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MarketingTools" = VAIO Marketing Tools "MFU Module" = "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Picasa 3" = Picasa 3 "Pouchin TV Mod" = Pouchin TV Mod "SpeedFan" = SpeedFan (remove only) "SynTPDeinstKey" = Synaptics Pointing Device Driver "uTorrent" = µTorrent "VAIO Help and Support" = "VLC media player" = VLC media player 1.0.5 "VMware_Player" = VMware Player "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5226 Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5226 Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1061 Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1061 Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2169 Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2169 Error - 14/12/2010 11:06:58 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ AVer AutoUpdate Events ] Error - 21/11/2010 09:31:37 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 21/11/2010 13:42:47 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 28/11/2010 07:51:37 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 03/12/2010 07:51:17 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 07:51:00 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 08:51:01 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 08:51:02 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 08:51:03 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 08:51:04 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = Error - 24/12/2010 08:51:07 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0 Description = [ AVer MediaAnywhere Events ] Error - 18/11/2010 15:59:19 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 16389 Description = Error - 19/11/2010 03:00:40 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 470759 Description = Error - 19/11/2010 03:00:59 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 16389 Description = Error - 19/11/2010 18:48:36 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 19/11/2010 18:48:39 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 19/11/2010 18:48:39 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 19/11/2010 18:48:40 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 19/11/2010 18:48:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 19/11/2010 18:48:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. Error - 20/11/2010 03:57:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583 Description = Cannot find any network adapter. [ System Events ] Error - 23/12/2010 04:53:47 | Computer Name = PC-de-Aude | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 23/12/2010 04:55:06 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7000 Description = Error - 23/12/2010 05:00:43 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030 Description = Error - 23/12/2010 05:03:58 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030 Description = Error - 23/12/2010 05:08:23 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7034 Description = Error - 23/12/2010 05:09:07 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030 Description = Error - 23/12/2010 05:19:14 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030 Description = Error - 24/12/2010 07:51:15 | Computer Name = PC-de-Aude | Source = Dhcp | ID = 1002 Description = Le bail de l'adresse IP 192.168.1.12 pour la carte réseau dont l'adresse réseau est 001FE1D71941 a été refusé par le serveur DHCP 192.168.0.1 (celui-ci a envoyé un message DHCPNACK). Error - 26/12/2010 07:18:51 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7011 Description = Error - 26/12/2010 15:49:25 | Computer Name = PC-de-Aude | Source = Dhcp | ID = 1002 Description = Le bail de l'adresse IP 192.168.0.7 pour la carte réseau dont l'adresse réseau est 001FE1D71941 a été refusé par le serveur DHCP 192.168.1.254 (celui-ci a envoyé un message DHCPNACK). < End of report >
  5. jdoe
    Bonsoir, comme convenu voici le contenu du fichier 'OTL.txt' : OTL logfile created on: 27/12/2010 23:30:59 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Aude\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS Computer Name: PC-DE-AUDE | User Name: Aude | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe PRC - [2010/12/09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Aude\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe PRC - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/04/09 13:37:34 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010/03/05 16:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010/02/01 01:05:11 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010/01/31 16:17:26 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe PRC - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe PRC - [2010/01/22 21:56:46 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe PRC - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe PRC - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe PRC - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe PRC - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe PRC - [2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2008/07/07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2008/07/04 04:02:44 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe PRC - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe PRC - [2008/06/27 21:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe PRC - [2008/06/19 18:53:20 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe PRC - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe PRC - [2008/06/10 11:34:02 | 000,159,744 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe PRC - [2008/04/03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service) SRV - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer) SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/04/09 13:37:34 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent) SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60) SRV - [2009/09/08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) SRV - [2009/04/02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/03/05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) SRV - [2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008/06/11 23:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008/05/20 19:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008/05/20 19:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008/05/20 19:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/10/01 18:27:46 | 000,423,584 | ---- | M] (Canal+ Active) [On_Demand | Stopped] -- C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- (Service CANALPLAY) SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010/07/09 12:18:54 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134) DRV - [2010/03/21 11:28:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/03/18 17:45:47 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010/01/22 21:57:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010/01/22 21:57:56 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010/01/22 21:57:54 | 000,854,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86) DRV - [2010/01/22 21:57:54 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci) DRV - [2010/01/22 21:00:42 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon) DRV - [2010/01/22 17:13:00 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010/01/22 17:13:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010/01/01 18:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2009/12/17 14:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009/12/17 14:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009/12/17 14:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009/12/17 14:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/10/12 14:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/01/05 07:47:18 | 000,487,168 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH) DRV - [2008/10/20 14:57:20 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/07/09 01:05:17 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/07/04 04:02:38 | 002,377,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/07/03 07:06:02 | 002,149,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/06/28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008/06/27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008/06/21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008/06/07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008/05/28 01:07:16 | 000,310,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2008/04/22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008/03/10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008/01/25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008/01/25 03:14:16 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2008/01/25 03:14:12 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008/01/25 03:14:12 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2007/03/10 03:42:50 | 000,181,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2004/05/19 00:38:08 | 000,253,909 | ---- | M] (Philips Components BU Imaging Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camdrv21.sys -- (camvid20) DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8074 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/" FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50 FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 20:10:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 20:10:48 | 000,000,000 | ---D | M] [2010/01/31 23:28:23 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Extensions [2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions [2010/10/16 07:21:12 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2010/06/05 14:56:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/03 08:29:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/10/28 12:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2010/03/17 20:51:20 | 000,002,650 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\Mozilla\FireFox\Profiles\29ml9a1p.default\searchplugins\bing.xml [2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/03/31 23:02:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/12/23 10:19:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.) O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O15 - HKLM\..Trusted Domains: canalplay.com ([]* in Trusted sites) O15 - HKLM\..Trusted Domains: canalplusactive.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg O24 - Desktop BackupWallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007/01/24 15:05:34 | 000,000,000 | ---D | M] - I:\autorun -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.I420 - msh263.drv File not found Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2010/12/27 23:18:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe [2010/12/23 10:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\RichFLV [2010/12/23 10:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010/12/23 10:22:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/12/23 10:04:38 | 000,000,000 | ---D | C] -- C:\ComboFix [2010/12/23 10:03:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/12/23 10:02:31 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010/12/23 10:02:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010/12/23 10:02:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010/12/23 10:02:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010/12/23 10:00:45 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/12/22 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\Malwarebytes [2010/12/22 22:03:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/22 22:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/22 22:03:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/22 22:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/22 21:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2010/12/22 07:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Haali [2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\Documents\SpiritON TV Software [2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\SpiritON TV Software [2010/12/22 06:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/12/15 21:59:48 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/15 21:59:45 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/15 21:59:44 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/15 21:59:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/15 21:59:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/15 21:59:39 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/15 21:59:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/12/15 21:59:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/15 21:59:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/15 21:59:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/15 21:59:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/12/15 21:59:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/15 21:59:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/12/15 21:59:32 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/15 21:59:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/15 21:59:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/15 21:59:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/15 21:59:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/12/15 21:59:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/12/15 21:59:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/12/15 21:59:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/12/15 21:59:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/15 21:59:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/15 21:59:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/15 21:59:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/15 21:59:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/09 13:19:03 | 000,178,176 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIU9X.DLL [2010/12/09 13:16:35 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/12/27 23:29:43 | 000,672,250 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/12/27 23:29:43 | 000,589,862 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/12/27 23:29:43 | 000,124,766 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/12/27 23:29:43 | 000,102,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/12/27 23:21:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job [2010/12/27 23:18:24 | 000,879,047 | ---- | M] () -- C:\Users\Aude\Desktop\SecurityCheck.exe [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe [2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/27 22:43:02 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/12/27 21:04:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/27 16:13:14 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job [2010/12/27 12:43:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/12/23 14:04:49 | 000,020,992 | ---- | M] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/23 10:32:12 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\RichFLV.lnk [2010/12/23 10:19:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/12/22 22:47:03 | 000,002,032 | ---- | M] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat [2010/12/22 22:03:36 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/22 21:55:25 | 000,001,676 | ---- | M] () -- C:\Users\Aude\Desktop\AD-R.lnk [2010/12/22 21:35:08 | 000,000,016 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat [2010/12/21 21:22:28 | 019,985,265 | ---- | M] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe [2010/12/16 03:25:15 | 000,392,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/14 17:17:47 | 000,002,037 | ---- | M] () -- C:\Users\Aude\Desktop\Google Chrome.lnk [2010/12/14 17:17:47 | 000,001,999 | ---- | M] () -- C:\Users\Aude\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/12/27 23:18:18 | 000,879,047 | ---- | C] () -- C:\Users\Aude\Desktop\SecurityCheck.exe [2010/12/23 10:32:12 | 000,000,738 | ---- | C] () -- C:\Users\Public\Desktop\RichFLV.lnk [2010/12/23 10:02:31 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010/12/23 10:02:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010/12/23 10:02:31 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2010/12/23 10:02:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010/12/23 10:02:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/12/22 22:03:36 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/22 21:51:36 | 000,001,676 | ---- | C] () -- C:\Users\Aude\Desktop\AD-R.lnk [2010/12/22 21:35:07 | 000,000,016 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat [2010/12/21 21:20:48 | 019,985,265 | ---- | C] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe [2010/07/10 18:00:12 | 000,000,000 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\.NANotifyHere [2010/06/13 14:06:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll [2010/06/13 14:06:02 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys [2010/06/13 14:05:55 | 000,598,016 | ---- | C] () -- C:\Windows\System32\sptlib21.dll [2010/06/13 14:05:55 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll [2010/06/13 14:05:55 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll [2010/06/13 14:05:55 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll [2010/06/13 14:05:55 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll [2010/06/13 14:05:55 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll [2010/06/13 14:05:55 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll [2010/06/12 10:07:11 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/03/21 11:28:45 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010/03/20 17:47:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/03/11 21:06:37 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010/02/10 00:22:34 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib [2010/02/06 09:35:52 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2010/02/04 23:36:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010/01/31 20:00:29 | 000,020,992 | ---- | C] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/31 16:41:21 | 000,002,032 | ---- | C] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat [2010/01/31 16:25:47 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2008/07/09 21:35:41 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll [2008/07/09 21:35:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/07/09 21:32:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/03/21 12:26:42 | 000,001,024 | ---- | M] () -- C:\.rnd [2010/12/22 21:56:47 | 000,002,627 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2010/12/22 21:52:19 | 000,002,381 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/07/09 21:24:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010/12/23 10:22:22 | 000,012,929 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010/01/31 16:04:37 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log [2010/12/23 09:53:30 | 2321,874,944 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys < End of report >
  6. jdoe
    Et pour ComboFix: ComboFix 10-12-22.05 - Aude 23/12/2010 10:09:32.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1914.786 [GMT 1:00] Lancé depuis: c:\users\Aude\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\users\Aude\AppData\Local\cleanmgr.dll c:\users\Aude\AppData\Local\cleanmgr.exe c:\users\Aude\AppData\Roaming\mdjaw.dat c:\users\Aude\AppData\Roaming\Microsoft\Windows\Recent\iPhone de Gianni.compta.pif c:\windows\system\Agcgauge.ax c:\windows\system32\pthreadVC.dll ----- BITS: Il y a peut-être des sites infectés ----- hxxp://update.snugtv.com . ((((((((((((((((((((((((((((( Fichiers créés du 2010-11-23 au 2010-12-23 )))))))))))))))))))))))))))))))))))) . 2010-12-23 09:19 . 2010-12-23 09:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\users\Aude\AppData\Roaming\Malwarebytes 2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\programdata\Malwarebytes 2010-12-22 21:03 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-12-22 21:03 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-22 20:51 . 2010-12-22 20:51 -------- d-----w- c:\program files\Ad-Remover 2010-12-22 06:07 . 2010-12-22 06:07 -------- d-----w- c:\program files\Haali 2010-12-22 05:55 . 2010-12-22 05:55 -------- d-----w- c:\users\Aude\AppData\Roaming\SpiritON TV Software 2010-12-21 09:24 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C275C9E4-8EDE-494A-B54D-99FFC3D8DA83}\mpengine.dll 2010-12-09 12:19 . 2009-03-18 08:09 178176 ----a-w- c:\windows\system32\CNMIU9X.DLL 2010-12-09 12:16 . 2010-12-09 12:16 -------- d--h--w- c:\program files\CanonBJ 2010-12-08 08:47 . 2010-12-08 08:47 84621672 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlc28EC.tmp . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-12 18:46 . 2010-11-12 18:46 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-10-19 09:41 . 2010-02-02 18:14 222080 ------w- c:\windows\system32\MpSigStub.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-01 39408] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2010-03-19 3353536] "Google Update"="c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-15 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-04 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-04 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-04 145944] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2010-01-31 24576] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Skytel"="Skytel.exe" [2008-07-03 1826816] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912] "VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-01-22 64048] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888] "NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-6-5 159744] AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-6-13 651264] SnugTV Quick Start.lnk - c:\windows\Installer\{AACA8099-4687-4D03-8DCD-6F56D6FFF8F0}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe [2010-8-2 57344] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2008-07-07 10:28 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664] R3 AVerAF15DMBTH;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH.sys [2009-01-05 487168] R3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\DRIVERS\camdrv21.sys [x] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2007-10-01 423584] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312] R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-21 691696] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 123280] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 41616] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064] S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504] S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2010-07-06 168448] S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280] S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-03 104992] S2 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [2010-07-27 518144] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488] S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992] S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 99152] S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 110096] . Contenu du dossier 'Tâches planifiées' 2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40] 2010-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40] 2010-12-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job - c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38] 2010-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job - c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = <local> uInternet Settings,ProxyServer = http=127.0.0.1:8074 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html LSP: c:\program files\VMware\VMware Player\vsocklib.dll Trusted Zone: canalplay.com Trusted Zone: canalplusactive.com FF - ProfilePath - c:\users\Aude\AppData\Roaming\Mozilla\Firefox\Profiles\29ml9a1p.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe AddRemove-Notification de cadeaux MSN - c:\users\Aude\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-12-23 10:19 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:0000003d . Heure de fin: 2010-12-23 10:22:22 ComboFix-quarantined-files.txt 2010-12-23 09:22 Avant-CF: 42 128 471 552 octets libres Après-CF: 44 592 731 136 octets libres - - End Of File - - D5EE79EE4E0E3E5FC71A6BD02078027D
  7. jdoe
    Voici le rapport MBAM : Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Version de la base de données: 5378 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 8.0.6001.18999 22/12/2010 22:41:18 mbam-log-2010-12-22 (22-41-18).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 287736 Temps écoulé: 34 minute(s), 4 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jxhkmore (Trojan.FakeAlert) -> Value: jxhkmore -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\Users\Aude\AppData\Local\Temp\lgpkwncks\fuidjltlajb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Aude\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\regmem32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
  8. jdoe
    Bonjour, Mon ordinateur à subi une infection. Cela a commencé par des lancements intempestifs d'une application nommée OfferBox installée sans mon accord. J'ai réussi à la désinstaller via 'Ajout/Suppression de programmes'. En paralléle Antivir a lancé une alerte 'Logiciel malveillant détecté' / TR/Dropper.Gen pour le fichier : AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe J'ai réussi à supprimer ce fichier aprés avoir tué le processus. Par la suite la navigation sur internet a été détournée. La moindre consultation d'une page était détournée sur un site nommé 'Gomeo'. Donc j'ai lancé le mode sans échec et j'ai suivi la procédure suivante : Supprimer Gomeo Donc l'ordinateur a été scanné et traité par AD-R, MBAM et ComboFix. Ces actions semblent avoir porté leur fruit. Je demande donc l'assistance d'une personne qualifiée pour finaliser l'opération. Quels rapports doit-je poster ? D'avance merci.
×
×
  • Créer...