Pb de suppression myway.mywebsearch
panha
Messages postés
1
Date d'inscription
Statut
Membre
Dernière intervention
-
panha -
panha -
Bonjour,
voici le rapport de toolbar suivi de celui de hijack
question :avast n a pas pu scanner 28 dossier ci dessous , pourquoi et quels sont les elements que je dois supprimer dans hijack
merci
Checking avec
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Home Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : nathalie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081226-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:102 Go (Free:46 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 26/12/2008|20:02 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Program Files\AskSBar\bar\1.bin
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
C:\Program Files\AskSBar\SrchAstt\1.bin
C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="http://vaio-online.sony.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 26/12/2008|20:02 - Option : [1]
-----------\\ Fin du rapport a 20:02:45,27
Avast : question : pourquoi avast ne peut pas scanner dossiers ci dessous
c/ documents and setting impossible to scane
programe data
application data / desktop / documents / favorite / start menu / template
c user / defaut
all user / defaults user / application data / history / temporary internet file / application data / cokkies / my misic / my pictures / my video / local setting / my document / nethood / printhood/recent / send to / start menu / templates/
user public
my music / my picture / my video
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:35, on 27/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio-online.sony.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PrepareYourVAIO] C:\Program Files\Sony\Prepare your VAIO\PYVAlert.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {23D236EA-B936-4B2B-900C-D0E8DBBF9570} (BugsGameStarts Class) - http://audition.playpark.com/nProtect/CStart/ThaiGameStart.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sebmic.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
voici le rapport de toolbar suivi de celui de hijack
question :avast n a pas pu scanner 28 dossier ci dessous , pourquoi et quels sont les elements que je dois supprimer dans hijack
merci
Checking avec
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Home Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : nathalie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081226-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:102 Go (Free:46 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 26/12/2008|20:02 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Program Files\AskSBar\bar\1.bin
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
C:\Program Files\AskSBar\SrchAstt\1.bin
C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="http://vaio-online.sony.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 26/12/2008|20:02 - Option : [1]
-----------\\ Fin du rapport a 20:02:45,27
Avast : question : pourquoi avast ne peut pas scanner dossiers ci dessous
c/ documents and setting impossible to scane
programe data
application data / desktop / documents / favorite / start menu / template
c user / defaut
all user / defaults user / application data / history / temporary internet file / application data / cokkies / my misic / my pictures / my video / local setting / my document / nethood / printhood/recent / send to / start menu / templates/
user public
my music / my picture / my video
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:35, on 27/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio-online.sony.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PrepareYourVAIO] C:\Program Files\Sony\Prepare your VAIO\PYVAlert.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {23D236EA-B936-4B2B-900C-D0E8DBBF9570} (BugsGameStarts Class) - http://audition.playpark.com/nProtect/CStart/ThaiGameStart.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sebmic.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
A voir également:
- Pb de suppression myway.mywebsearch
- Forcer suppression fichier - Guide
- Suppression compte gmail - Guide
- Suppression page word - Guide
- Suppression pub youtube - Accueil - Streaming
- Outil de suppression mcafee - Guide
35 réponses
Salut problème, heu panha ;-)
Joli pays que la Thaïlande ! J´ai un ami qui est en vacances là bas en ce moment, quand je voie les photos; je me dis "oh mon dieux (le mien :) que c´est beau" vraiment paradisiaque ! Mon ami est un fin gourmet et il photographie aussi tout les plats qu´il mange, miam (très coloré !)
Retour a ton chère pc :
Telecharge UsbFix sur ton bureau
http://sd-1.archive-host.com/membres/up/1366464061/UsbFix.rar
dezip le sur ton bureau
--> Lance l installation avec les parametres par default
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
--> Double clic sur le raccourci UsbFix sur ton bureau
--> Le pc va redémarer
-->Apres redémarrage post le rapport UsbFix.txt
Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
@+
Joli pays que la Thaïlande ! J´ai un ami qui est en vacances là bas en ce moment, quand je voie les photos; je me dis "oh mon dieux (le mien :) que c´est beau" vraiment paradisiaque ! Mon ami est un fin gourmet et il photographie aussi tout les plats qu´il mange, miam (très coloré !)
Retour a ton chère pc :
Telecharge UsbFix sur ton bureau
http://sd-1.archive-host.com/membres/up/1366464061/UsbFix.rar
dezip le sur ton bureau
--> Lance l installation avec les parametres par default
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
--> Double clic sur le raccourci UsbFix sur ton bureau
--> Le pc va redémarer
-->Apres redémarrage post le rapport UsbFix.txt
Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
@+
panha,
je pense que le fichier dont tu parles correspond a des restes après l´installation d´un logiciel, mais je ne serais te dire lequel...
pour usbfix le rapport est ici C:\usbfix
@+
je pense que le fichier dont tu parles correspond a des restes après l´installation d´un logiciel, mais je ne serais te dire lequel...
pour usbfix le rapport est ici C:\usbfix
@+
merci , j espere que tu as passe un bon reveillons
Changelog UsbFix établit le 2 decembre 2008
outils créé par Chiquitine29 , aide aux mises a jours -> Chimay8
>>>>>>in "ProgramFiles"<<<<<<<<<
Internet Explorer\Connection Wizard\icwconn1\rada
Internet Explorer\Connection Wizard\icwconn1\rade
Internet Explorer\Connection Wizard\icwconn1\radf
Internet Explorer\Connection Wizard\icwconn1\rad5
Internet Explorer\Connection Wizard\icwconn1\rad0
Internet Explorer\Connection Wizard\icwconn1\rad9
Internet Explorer\Connection Wizard\icwconn1\rad4
Internet Explorer\Connection Wizard\icwconn1\rad1
Internet Explorer\Connection Wizard\icwconn1
Movie Maker\explorer.exe
Internet Explorer\explorer.exe
>>>>>>in "Windows"<<<<<<<<<
autorun.inf
autorun.exe
autorun.vbs
autorun.reg
autorun.ini
autorun.fcb
autorun.bat
autorun.com
AdobeR.exe
Alecks.vbs
bittorrent.exe
cmd32.exe
CwbRmDir.bat
Fonts\Fonts.exe
FS6519.dll.vbs
funny.exe
GMOGLFEO.exe
hiqalowo.inf
icapy.scr
ilezyvu.bin
Lany.vbs
lumy.exe
manulopa.reg
MS32DLL.dll.vbs
MyMP3.vbs
nar.vbs
osok.inf
osotilasiq.pif
oxafa.com
qobo.dat
rundll32.vbe
sleep.vbe
SysRes.vbs
takice.lib
tusoha.exe
unahafiwik.exe
waol.exe
waziqepehi.ban
WillPolo.vbs
Win32DLL.vbs
win.vbe
window.exe
wyzeha.com
xcopy.exe
yjilu.inf
ylacupyb.dll
RECYCLER\systems.com
temp\039.tmp
>>>>>>in "Windows\system32"<<<<<<<<<
agucuri.vbs
ahr.exe
Alecks.vbs
antinul.vbe
amvo.exe
amvo0.dll
amvo1.dll
amvo2.dll
autorun.bat
Autorun.com
autorun.exe
autorun.fcb
autorun.inf
autorun.ini
autorun.reg
autorun.vbs
Autoruns.exe
avpo.exe
avpo0.dll
avpo1.dll
Bitkvo.exe
Bitkv0.dll
Bitkv1.dll
cftmonn.exe
Christina.jpg
Christina.vbs
ckvo.exe
ckvo0.dll
ckvo1.dll
ckvo2.dll
cradle_of_filth.vbe
delself.bat
FS6519.dll.vbs
GMOGLFEO.exe
icf.exe.exe
ie.exe
jvvo.exe
jvvo0.dll
jvvo1.dll
jvvo2.dll
jvvo3.dll
j3ewro.exe
jwedsfdo0.dll
jwedsfdo1.dll
jwedsfdo2.dll
jwedsfdo3.dll
jxnraqjxg.exe
kavo.exe
kamsoft.exe
kav0.dll
kav1.dll
kav2.dll
kav3.dll
kavo0.dll
kavo1.dll
kavo2.dll
kavo3.dll
kdkfm.exe
KEYBOARD.exe
keygen.exe
kulitut.bat
kulitut.vbs
kxvo.exe
kxvo0.dll
kxvo1.dll
kxvo2.dll
kxvo3.dll
lExplore.exe
loader.exe
logoneui.exe
LOVE-LETTER-FOR-YOU.HTM
LOVE-LETTER-FOR-YOU.TXT.vbs
msfun80.exe
msime82.exe
MSKernel32.vbs
ne0kS.dll.wsf
ne0kS.exe
OeApi.vbs
pubnet.vbs
rs32net.exe
SemiAntiVirus.vbs
Sexy Girls.scr
SpiderH.bmp
SpiderH.jpeg
SpiderH.vbs
sys.vbs
Syso.vbs
SysRes.vbs
syx.exe
taso.exe
tavo.exe
tavo0.dll
tavo1.dll
tavo2.dll
tavo3.dll
temp1.exe
temp2.exe
temp?.exe
text.txt
Ecran.exe
THe Girls
tmp.reg
tmp.txt
t.txt
vb@dock.vbs
vl@dock.vbs
Win32.vbs
winudp64.exe
dllcache\Default.exe
>>>>>>in "Windows\system32\drivers"<<<<<<<<<
._Sanaa style-1 les formes.exe
0hct8ybw.exe
1ere partie du projet modifier.exe
abdelali lahrach.exe
Analyse transactionnelle.exe
AutoRun.exe
Bernoulli01215.exe"
Cahiers français Quels modes de financement pour les entreprises - La Documentation française.exe
Copie de Devoir I.exe
e-ticket Juba Paris.exe
fdfp2.exe
fihi ghizlane Rapport de stage.exe
graphic.exe
intel.exe
isew32.exe
kheireddine.exe
le_cadeau_du_sud(1).exe
LEADERSHIP SKILLS FINAL.exe
lettre de motivation.exe
MSDS.exe
Note.exe
PREMIER CHAPITRE modifié.exe
Raila Odinga.exe
Rapport NADIA.exe
spectro_masse1.exe
td de reacteur.exe
these-223.exe
xyw9tmdj.exe
>>>>>>in "Documents and Settings"<<<<<<<<<
tazebama.dl_
hook.dl_
>>>>>>in "appdata"<<<<<<<<<
fetomiv.vbs
gumugy.vbs
jicapikase.vbs
mobyhikaja.vbs
nebohozi.com
orimuwy.exe
sidymyvig.vbs
tazebama\tazebama.log
tazebama\zPharaoh.dat
tazebama
>>>>>>in "Temp files"<<<<<<<<<
1.reg
2.dll
6257890.exe
fq9.dll
help.exe
help1.rar
inst.exe
system.dll
w2e.sys
winhqqo.exe
wintoift.exe
xhjb.dll
xxx6042.exe
zb5ok.dll
>>>>>>in "All Drives"<<<<<<<<<
._autorun.inf
autorun.inf
autorun.ini
autorun.reg
autorun.bat
autorun.vbs
autorun2.inf
autosys.exe
00hoeav.com
096.bat
0gjn3yw.exe
0qx0sc6.bat
0tmhoc.cmd
0u.cmd
0w.com
0wk2.cmd
108i.cmd
1aq1obb.bat
1bbvq96y.com
1dg.exe
1i.com
1nkbd8h.bat
1rfw8hjr.com
1u0o8bnq.cmd
1weicxa.com
1XXEC.exe
22xo.exe
2ifetri.cmd
2y8la.exe
30ed3.exe
33gmhso.bat
39lpji.com
3o.exe
3wcxx91.cmd
3xXx31.exe
4vzjaw3o.sys
62oop0ak.bat
68.exe
6tkoyhx.cmd
6x8be16.cmd
8e9gmih.bat
8ng8w.com
93vx0c.com
9yqusig.bat
22wcb21o.exe
31n3b2h.exe
39lpji.com
80avp08.com
82r9.cmd
83fgj.com
83l3v.cmd
8df.exe >
8h3hh3m.exe
8tss2gwq.bat
90imhpnc.exe
92j11sm.com
9es.com
a1.bat
a9.com
abk.bat
activexdebugger32.exe
Administrateur_Fichiers.exe
admp.exe
adobeR.exe
Akon.exe
Alecks.vbs
antihost.exe
antinul.vbe
aoutfq.exe
ar.exe
Atisetup.exe
auto.exe
autorum.exe
AutoRun\Demo.exe
autorun.exe
autorun.pif
autoruns.exe
AutoScr.exe
ay8p6v3.cmd
Ayame.exe
b3b9u.com
bicsxk03.com
bittorrent.exe
bndafai.exe
bo1dhu.bat
bobm.exe
boot.exe
bootin.exe
bplrl98.cmd
buis.exe
bwpncb6.com
bxuup9r.bat c18vk.exe
c9.com
c9hehpa.bat
camp.exe
cayfq2.cmd
cd8idoyl.com
cdr.exe
ceb6eu98.bat
cekbru.pif
clear.bat
ClickMe.exe
cftmonn.exe
cfv90h.com
Christina.vbs
cjq.exe
commands.txt
comment.htt
copetttt.com
copy.exe
cradle_of_filth.vbe
cqdis.cmd
cvqkuk.exe
d3bn0j.exe
ddyikr.cmd
delautorun.bat
DFD34719171.bat
DFD34719375.bat
DFD34719609.bat
DFD34723328.bat
DFD34723375.bat
DFD34723781.bat
DFD34724390.bat
DFD34719609.bat
DFD34724531.bat
DFD34724656.bat
DFD34725125.bat
DFD34725218.bat
DFD34726312.bat
DFD34724390.bat
DFD34726328.bat
DFD34729609.bat
DFD34730531.bat
DFD34730937.bat
DFD34734937.bat
DFD34739859.bat
DFD34741421.bat
DFD34741734.bat
DFD34741843.bat
DFD*.bat
dhv2u8.cmd
DPFMate.exe
dstart.exe
dtqlv.exe
dynrn6e.cmd
e898.com
e9ehn1m8.com
eb9ehyh.exe
Ecran.exe
ek.com
ekf6dbg0.com
ekugb3.bat
erdeIect.com
esta ig.vbs
ev60a2.cmd
explorer.exe
exqmmle.exe
f0.cmd
f2ir.com
fe.bat
ffojc.com
fi.cmd
FLIPART.EXE
folder.exe
Folder.htt
fooool.exe
Form5.exe
forSV.exe
FS6519.dll.vbs
fucker.vbs
fun.xls.exe
g2p3s.exe
g2pfnid.com
g83816.com
gdmae.bmp
Ghost.pif
gkyzcijfb.exe
GMOGLFEO.exe
gqsk.bat
graphic.exe
gsxlexd.cmd
gxlxknou.exe
gy.cmd
h0s2.bat h2.com
hfhludy.exe
hgu.bat
hni.cmd
host.exe
hsomklg.exe
hxt9.bat
i0.cmd
i8.cmd
ie.exe
igxv.cmd
ij.bat
ilpg9ejd.com
info.exe
infrom.exe
ino6.com
install.exe
intel.exe
intro.exe
ipy.cmd
iq0ecwcj.cmd
lsass.exe
itsduel.exe
iwjj.com
j4c8t8b5l3a6.exe
j8q8d.cmd
jbfqv8j.cmd
jdhc2x2.com
jdwx.exe
jfjsipw.exe
jfvkcsy.bat
jiwsxh39.exe
JJJ.exe
Jojo.exe
jwwgtuh.exe
jxnraqjxg.exe
jxpiinstall.exe
k6wkwon2.exe
ka1nk.bat
kaq86asx.bat
kayira.bat
kbqbptn.exe
kdkfm.exe
kdy.cmd
kfmyoc.pif
khbph.exe
killVBS.vbs
kk3.bat
KM.exe
kmd.exe
kn6jhgc.cmd
kqnns.exe
kqsr.exe
krg62.cmd
kulitut.bat
kulitut.vbs
kxax.cmd
l2f.cmd
l9dwu8.bat
lExplore.exe
lgcadwx.bat
lgrncie.bat
lky.exe
ln9.exe
lo.exe
loader.exe
logoneui.exe
Long.exe
LOVE.PIF
ltljrg.exe
lumy.exe
lurjlnps.exe
lvxvo1xg.cmd
m1t8ta.com
m9j.com
mail.exe
manulopa.reg
mcxa.exe
Menu.exe
mgjpcfdg.cm
mnl6on3.com
mp.bat
mp.cmd
mp.com
Movie1.exe
mrsne.bat
MS-DOS.com
MS32DLL.dll.vbs
MSd040.vbs
MSdC64.vbs
MSdFB7.vbs
MSd141.vbs
MSd191.vbs
MSd49A.vbs
MSdE78.vbs
MSd*.vbs
mshta.exe
MSKernel32.vbs
muniu.exe
MyMP3.vbs
n1detect.com
n2de.cmd
n6j.com
n6j6pc0.com
n6t1h.cmd
nansy ajram.vbs
nar.vbs
ne0kS.exe
nemesis.exe
nemesis.inf
nfdmg.com
nideiect.com
niu.exe
njibyekk.com
nl.com
nncu6kk.com
NoLimit.exe
np.exe
nq0cq.cmd
nqvarn.pif
nriljal.exe
ntde1ect.com
ntdelect.com
nq.bat
nq0cq.cmd
nqgcd.com
nsv.bat
nw0t1l0d.exe
o2yf0w.bat
o9o2u.bat
o6opnro.bat
OeApi.vbs
oegbi.exe
ogcikeq.com
oka3yrf.bat
oq.cmd
oskkofa.exe
osotilasiq.pif
osy3.sys
otyh.cmd
oufddh.exe
oxafa.com
p3r1ud.exe
p83gjy.exe
p9.exe
pa39xth.cmd
pagefile.pif
pbwkwj.com
pefbutr.exe
pkxfkrki.bat
ph.com
phgr1j.bat
phim_nguoi_lon.exe
pnc.exe
prhyper.exe
psqrhqn.exe
pxka.exe
q3v.com
q83iwmgf.bat
q8sywiva.cmd
qcwpung.exe
qd.cmd
qjfl.exe
qkarc.exe
qquq.bat
qqzjnhuoi.exe
qpe6.com
qobo.dat
qrkugxtw.exe
qxbx9blb.com
r1y1.bat
r2nl.com
r6r.exe
r813.bat
Raila Odinga.exe
Raila Odinga.gif
ranvrgn.exe
ravmon.exe
ravmon.log
ReadMe.exe
RecInfo\RecInfo.exe
Recycle.exe
Recycled\ctfmon.exe
RECYCLED\INFO.exe
Recycled.exe
RECYCLER\Lock Folder.exe
RECYCLER\RECYCLER.exe
RECYCLER\*.exe
regxpcom.exe
resycled\boot.com
resycled\ctfmon.exe
revo.exe
rggbw.exe
rjiybg.exe
rn.exe
rombkaewl.exe
rosftpm.exe
rqq2v.bat
rs.cmd
rt.exe
Run.exe
runaut~1\autorun.pif
RunDll32.exe
rxukgcm.exe
s38k.exe
sal.xls.exe
sasyg1y8.com
script.bat
scriptlo.txt
scvhosts.exe
sdcvhost.exe
SemiAntiVirus.vbs
smkjd.cmd
smss.exe
semo2x.exe
spq.bat
serivces.exe
server.exe
server.inf
Sex City.jpg.wsf
sowar.vbs
SpiderH.vbs
sq.com
sqlserv.exe
SSVICHOSST.exe
stwi.com
svch0st.exe
scvhosts.exe
svdioajm.cmd
sxs.exe
sydp.exe
sys.vbs
Syso.vbs
SysRes.vbs
system.exe
system32.exe
systems.com
systems.exe
t82e2v.cmd
TAE7ESLP.exe
taipingtianguov1.1.exe
takice.lib
tel.xls.exe
temp.bat
temp.exe
temp.temp
temp1.exe
temp2.exe
test.exe
testfile.bat
testflo.bat
tfk8.exe
The_Cars.vbs
THe Girls
tknapl.exe
tknn6.bat
tmf3w3g0.com
TMMDW8LP.exe
Toy.exe
tusoha.exe
tyktjfww.exe
u18vxqle.com
u6k.cmd
u9dyi.exe
udnnnvq.exe
UFO.exe
ufuaugwq.exe
uis.com
uis.exe
um.cmd
un9.cmd
unahafiwik.exe
UnplugDrive.exe
uorys.cmd
update.exe
uqhqx1.cmd
usdeiect.com
userinit.exe
utdetect.com
uxdeiect.com
u?de?ect.com
v2h3.exe
v3pif.bat
VB6FR.DLL
vb@dock.vbs
vfpkkbq.exe
vksucydrh.exe
vl@dock.vbs
vmhr.bat
vmyphd.bat
vva0hc0p.cmd
vxl.exe
w0o.com
w0owgn.bat
w32sys.exe
w3dn9f.bat
waziqepehi.ban
wa6.vbs
Wallpaper.vbs
WallpaperMEHDI.vbs
wfhth.exe
whi.com
WillPolo.vbs
WINDOWS.EXE
Windows.scr
winfile.exe
winglogon.exe
winrun.vbs
winstall.exe
wjlfhtfm.cmd
wol.exe
wsctf.exe
wtbcccq.exe
x0.cmd
XAdeIect.com
xcopy.exe
xfoolavp.com
xih9.cmd
xj.bat
xk2n.bat
xlk9.com
xlu8a8sy.exe
xmnm2.cmd
xn1i9x.com
xnynrnh.exe
xo8wr9.exe
xp19.com
xpbkh.com
xqf.com
xvlyb.exe
xyhav.pif
y82td3td.com
ybj8df.exe
yew.bat
yg.cmd
yjilu.inf
ylacupyb.dl
ylr.exe
yjkjfuo.cmd
yjvmtaa.exe
ynfs9ks.cmd
yssjnngm.cmd
yvmkdwn.exe
zPharaoh.exe
0.cmd
1.cmd
2.cmd
3.cmd
4.cmd
5.cmd
6.cmd
7.cmd
8.cmd
9.cmd
0.bat
1.bat
2.bat
3.bat
4.bat
5.bat
6.bat
7.bat
8.bat
9.bat
0.exe
1.exe
2.exe
3.exe
4.exe
5.exe
6.exe
7.exe
8.exe
9.exe
0.com
1.com
2.com
3.com
4.com
5.com
6.com
7.com
8.com
9.com
0.vbs
1.vbs
2.vbs
3.vbs
4.vbs
5.vbs
6.vbs
7.vbs
8.vbs
9.vbs
a.com
b.com
c.com
d.com
e.com
f.com
g.com
h.com
i.com
j.com
k.com
l.com
m.com
n.com
o.com
p.com
q.com
r.com
s.com
t.com
u.com
v.com
w.com
x.com
y.com
z.com
a.bat
b.bat
c.bat
d.bat
e.bat
f.bat
g.bat
h.bat
i.bat
j.bat
k.bat
l.bat
m.bat
n.bat
o.bat
p.bat
q.bat
r.bat
s.bat
t.bat
u.bat
v.bat
w.bat
x.bat
y.bat
z.bat
a.cmd
b.cmd
c.cmd
d.cmd
e.cmd
f.cmd
g.cmd
h.cmd
i.cmd
j.cmd
k.cmd
l.cmd
m.cmd
n.cmd
o.cmd
p.cmd
q.cmd
r.cmd
s.cmd
t.cmd
u.cmd
v.cmd
w.cmd
x.cmd
y.cmd
z.cmd
a.exe
b.exe
c.exe
d.exe
e.exe
f.exe
g.exe
h.exe
i.exe
j.exe
k.exe
l.exe
m.exe
n.exe
o.exe
p.exe
q.exe
r.exe
s.exe
t.exe
u.exe
v.exe
w.exe
x.exe
y.exe
z.exe
a.vbs
b.vbs
c.vbs
d.vbs
e.vbs
f.vbs
g.vbs
h.vbs
i.vbs
j.vbs
k.vbs
l.vbs
m.vbs
n.vbs
o.vbs
p.vbs
q.vbs
r.vbs
s.vbs
t.vbs
u.vbs
v.vbs
w.vbs
x.vbs
y.vbs
z.vbs
*.dll.vbs
>>Dossiers :
AutoRun
autorun.inf
fsc.tmp
RecInfo
Recycled\Recycled
Recycler\Recycler
resycled
runaut~1
sdlflzoip
>>>>>>"Registry"<<<<<<<<<
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Window Title"=-
"Start Page"=-
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN]
"Start Page"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"fucker"=-
"SysDir"=-
"ms32dll"=-
"cftmonn"=-
"Lany"=-
"Zip"=-
"RavAV"=-
"cmd32"=-
"Install.exe"=-
"FIXEDFON.FON"=-
"MS-RAD0"=-
"MS-RAD1"=-
"MS-RAD2"=-
"MS-RAD3"=-
"MS-RAD4"=-
"MS-RAD5"=-
"MS-RAD6"=-
"MS-RAD7"=-
"MS-RAD8"=-
"MS-RAD9"=-
"MS-RADA"=-
"MS-RADB"=-
"MS-RADC"=-
"MS-RADD"=-
"MS-RADE"=-
"MS-RADF"=-
"MS-RADG"=-
"MS-RADH"=-
"MS-RADI"=-
"MS-RADJ"=-
"MS-RADK"=-
"MS-RADL"=-
"MS-RADM"=-
"MS-RADN"=-
"MS-RADO"=-
"MS-RADP"=-
"MS-RADQ"=-
"MS-RADR"=-
"MS-RADS"=-
"MS-RADT"=-
"MS-RADU"=-
"MS-RADV"=-
"MS-RADW"=-
"MS-RADX"=-
"MS-RADY"=-
"MS-RADZ"=-
" "=-
"winrun.dll"=-
"loader.exe"=-
"recinfo49"=-
"System"=-
"System Updater Machine"=-
"SpiderH"=-
"winudp64.exe"=-
"System12"=-
"System64"=-
"IMJPMIG8.2"=-
"CARPService"=-
"039.tmp"=-
"userd"=-
"nar"=-
"MSKernel32"=-
"WillPolo"=-
"MyMP3"=-
"FS6519"=-
"Windows\SysRes.vbs"=-
"SysRes"=-
"Raila Odinga"=-
"reginit"=-
"lnternet Update"=-
"GMOGLFEO"=-
"WintelUpdate"=-
"Pubnet"=-
"antihost"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"System Updater Machine"=-
"Win32DLL"=-
"lnternet Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
" "=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kamsoft"=-
"amva"=-
"kava"=-
"tava"=-
"avpa"=-
"internet_explorer"=-
"anti-virus 2007"=-
"Mp3 player"=-
"kxvo"=-
"EXPLORER.EXE"=-
"wsctf.exe"=-
"loader.exe"=-
"jvvo"=-
"taso"=-
"Avg_AntiHost"=-
"jvsoft"=-
"tasoft"=-
"SpiderH"=-
"MsServer"=-
"MSFox"=-
"msn"=-
"????r"=-
"Windows Update"=-
"Microsoft Debug Manager"=-
"protect_autorun"=-
"Le Petit Robert Hyperappel"=-
"firewall 2008"=-
" "=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
" "=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"test"=-
"Msn"=-
"MsnHost"=-
"MsnLoad"=-
"MsnConvert"=-
"MsnMessendger"=-
"sys"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"=-
"LegalNoticeCaption"=-
"LegalNoticeText"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\NoChangingWallPaper]
-------------------------------------------------------------------------------------------------------------
Mises a jours du 5 decembre 2008
>>>>>>in "All Drives"<<<<<<<<<
6xdgw26.com
6xig.com
8386nac.com
8e.com
8u.com
8uot.exe
arun.exe
asneg.com
bpu.exe
br1e.com
cdwfql2v.com
ceqfqp.bat
cm0.com
d1y36.com
dh66ln.cmd
dpu1.exe
dyr2j6mv.exe
ermvu8.cmd
fblfnthuh.exe
fn20.exe
fufb6tq3.cmd
g2o1n.exe
gx.com h3hi1k3.exe
i8.com
ivcvknr.bat
jv.exe
kernel32.dll.vbs
kg2v.com
klp8j6i.com
ktnquo.exe
l1.cmd
lp3c.bat
m0g8sqx.cmd
m6dqm2vd.exe
m8wafly.com
m9as2c.cmd
MicrosoftPowerPoint.exe
MSd30D.vbs
msnmsgr_plus.exe
ncyrf.bat
ntdeIect.com
ntnq.exe
ntphyy.com
NTsys.exe
o6pq1n8.com
okhr.exe
ous.exe
ox.cmd
p1f6b.exe
program.exe
qeoc6sj.exe
qwultj1.bat
rcukd.cmd
rdsfk.com
rjx0.exe
rqb0v2ot.bat
scene.exe
Server082.exe
tigi.cmd
uh31.exe
uwlmj.com
uxkktr.cmd
vd91t29.exe
w2qagd.com
welcome.exe
WindowsXP.exe
winsys3.exe
ypjq1.cmd
.MGT_reg32.dll.vbs
achitasin.dll.vbs
autoupdate.dll.vbs
bat32.txt
happy.vbs
ie.vbs
killgodzilla.vbs
maskrider.dll.vbs
maskrider2001.vbs
msiexec.dll.vbs
MsUpdate.sys.vbs
nohack.vbs
RUNDLL64.dll.vbs
setup.dll.vbs
VBRuntime32.dll.vbs
viva.dll.vbs
Win32.dll.vbs
winconfig.dll.vbs
xepet.html
xepet.txt
>>>>>>in "Windows"<<<<<<<<<
.MGT_reg32.dll.vbs
achitasin.dll.vbs
autoupdate.dll.vbs
bat32.txt
boot.ini
happy.vbs
ie.vbs
killgodzilla.vbs
maskrider.dll.vbs
maskrider2001.vbs
msiexec.dll.vbs
MsUpdate.sys.vbs
nohack.vbs
RUNDLL64.dll.vbs
setup.dll.vbs
VBRuntime32.dll.vbs
viva.dll.vbs
Win32.dll.vbs
winconfig.dll.vbs
xepet.html
xepet.txt
>>>>>>in "Windows\system32"<<<<<<<<<
kdyul.exe
gasretyw0.dll
gasretyw1.dll
gasretyw2.dll
gasretyw3.dll
DC4491.DLL
>>>>>>"Registry"<<<<<<<<<
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Winboot"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UC"=-
"r4n694-24y"=-
"kernel32"=-
"MSConfigs"=-
"Microsoft"=-
"MGT_reg"=-
"Winboot"=-
"Winamp"=-
"Macromedia"=-
"WINFIX"=-
"winconfig"=-
"Achitasin"=-
"mcafee"=-
"wscript32dll"=-
"Batch32"=-
"maskrider"=-
"autoupdate"=-
"KILLMS32DLL"=-
"WinExpress"=-
"WinDebugger"=-
"C:\WINDOWS\system32\kdyul.exe"=-
mises a jours du 6 Décembre 2008
>>>>>>in "All Drives"<<<<<<<<<
lgrncie.bat
info.bat
iqosrtk.bat
0oyl662q.cmd
eb.bat
New Folder.exe
Setup_ver1.1779.2.exe
Setup_ver*.exe
>>>>>>in "Windows"<<<<<<<<<
SSVICHOSST.exe
>>>>>>in "Windows\system32"<<<<<<<<<
SSVICHOSST.exe
kdxkt.exe
kdjay.exe
kdwzh.exe
msiconf.exe
>>>>>>"Registry"<<<<<<<<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"MsUpdate"=-
"C:\WINDOWS\system32\kdxkt.exe"=-
"C:\WINDOWS\system32\kdjay.exe"=-
"C:\WINDOWS\system32\kdwzh.exe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"msiexec.exe"=-
"Yahoo Messengger"=-
mises a jours du 11 Décembre 2008
>>>>>>in "All Drives"<<<<<<<<<
Secret.exe
hupxj.bat
fphj6j31.bat
shell.exe
Installer.exe
fvbk.exe
snaoc9i.exe
bt8vuaw.com
wjlc.exe
6fnlpetp.exe
g8rruyw.exe
o1.com
yannh.cmd
1t6yxlxx.cmd
2h60k.cmd
3rl3lqbq.bat
ewatr.cmd
Maradona.exe
iw.bat
m2nl.bat
ov.cmd
pnt.com
t1ypkh.exe
grgarevn.inf
microsvn.inf
refsanvn.inf
Zidan vs Tito.exe
desktop.exe
omsirutnarg.exe
Alisa.exe
blazzers.exe
burimi.exe
nfd.exe
repppp.exe
wax.exe
wny.exe
msv2008.exe
GETBOOTD.BAT
tbm9.bat
08dgu.com
>>>>>>in "Windows\system32"<<<<<<<<<
vamsoft.exe
vbsdfe0.dll
vbsdfe1.dll
vbsdfe2.dll
vbsdfe3.dll
syx.exe
>>>>>>"Registry"<<<<<<<<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"Host Process for Windows Services"=-
"Advanced DHTML Enable"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\runServices]
"Host Process for Windows Services"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"Runonce"=-
"vamsoft"=-
Changelog UsbFix établit le 2 decembre 2008
outils créé par Chiquitine29 , aide aux mises a jours -> Chimay8
>>>>>>in "ProgramFiles"<<<<<<<<<
Internet Explorer\Connection Wizard\icwconn1\rada
Internet Explorer\Connection Wizard\icwconn1\rade
Internet Explorer\Connection Wizard\icwconn1\radf
Internet Explorer\Connection Wizard\icwconn1\rad5
Internet Explorer\Connection Wizard\icwconn1\rad0
Internet Explorer\Connection Wizard\icwconn1\rad9
Internet Explorer\Connection Wizard\icwconn1\rad4
Internet Explorer\Connection Wizard\icwconn1\rad1
Internet Explorer\Connection Wizard\icwconn1
Movie Maker\explorer.exe
Internet Explorer\explorer.exe
>>>>>>in "Windows"<<<<<<<<<
autorun.inf
autorun.exe
autorun.vbs
autorun.reg
autorun.ini
autorun.fcb
autorun.bat
autorun.com
AdobeR.exe
Alecks.vbs
bittorrent.exe
cmd32.exe
CwbRmDir.bat
Fonts\Fonts.exe
FS6519.dll.vbs
funny.exe
GMOGLFEO.exe
hiqalowo.inf
icapy.scr
ilezyvu.bin
Lany.vbs
lumy.exe
manulopa.reg
MS32DLL.dll.vbs
MyMP3.vbs
nar.vbs
osok.inf
osotilasiq.pif
oxafa.com
qobo.dat
rundll32.vbe
sleep.vbe
SysRes.vbs
takice.lib
tusoha.exe
unahafiwik.exe
waol.exe
waziqepehi.ban
WillPolo.vbs
Win32DLL.vbs
win.vbe
window.exe
wyzeha.com
xcopy.exe
yjilu.inf
ylacupyb.dll
RECYCLER\systems.com
temp\039.tmp
>>>>>>in "Windows\system32"<<<<<<<<<
agucuri.vbs
ahr.exe
Alecks.vbs
antinul.vbe
amvo.exe
amvo0.dll
amvo1.dll
amvo2.dll
autorun.bat
Autorun.com
autorun.exe
autorun.fcb
autorun.inf
autorun.ini
autorun.reg
autorun.vbs
Autoruns.exe
avpo.exe
avpo0.dll
avpo1.dll
Bitkvo.exe
Bitkv0.dll
Bitkv1.dll
cftmonn.exe
Christina.jpg
Christina.vbs
ckvo.exe
ckvo0.dll
ckvo1.dll
ckvo2.dll
cradle_of_filth.vbe
delself.bat
FS6519.dll.vbs
GMOGLFEO.exe
icf.exe.exe
ie.exe
jvvo.exe
jvvo0.dll
jvvo1.dll
jvvo2.dll
jvvo3.dll
j3ewro.exe
jwedsfdo0.dll
jwedsfdo1.dll
jwedsfdo2.dll
jwedsfdo3.dll
jxnraqjxg.exe
kavo.exe
kamsoft.exe
kav0.dll
kav1.dll
kav2.dll
kav3.dll
kavo0.dll
kavo1.dll
kavo2.dll
kavo3.dll
kdkfm.exe
KEYBOARD.exe
keygen.exe
kulitut.bat
kulitut.vbs
kxvo.exe
kxvo0.dll
kxvo1.dll
kxvo2.dll
kxvo3.dll
lExplore.exe
loader.exe
logoneui.exe
LOVE-LETTER-FOR-YOU.HTM
LOVE-LETTER-FOR-YOU.TXT.vbs
msfun80.exe
msime82.exe
MSKernel32.vbs
ne0kS.dll.wsf
ne0kS.exe
OeApi.vbs
pubnet.vbs
rs32net.exe
SemiAntiVirus.vbs
Sexy Girls.scr
SpiderH.bmp
SpiderH.jpeg
SpiderH.vbs
sys.vbs
Syso.vbs
SysRes.vbs
syx.exe
taso.exe
tavo.exe
tavo0.dll
tavo1.dll
tavo2.dll
tavo3.dll
temp1.exe
temp2.exe
temp?.exe
text.txt
Ecran.exe
THe Girls
tmp.reg
tmp.txt
t.txt
vb@dock.vbs
vl@dock.vbs
Win32.vbs
winudp64.exe
dllcache\Default.exe
>>>>>>in "Windows\system32\drivers"<<<<<<<<<
._Sanaa style-1 les formes.exe
0hct8ybw.exe
1ere partie du projet modifier.exe
abdelali lahrach.exe
Analyse transactionnelle.exe
AutoRun.exe
Bernoulli01215.exe"
Cahiers français Quels modes de financement pour les entreprises - La Documentation française.exe
Copie de Devoir I.exe
e-ticket Juba Paris.exe
fdfp2.exe
fihi ghizlane Rapport de stage.exe
graphic.exe
intel.exe
isew32.exe
kheireddine.exe
le_cadeau_du_sud(1).exe
LEADERSHIP SKILLS FINAL.exe
lettre de motivation.exe
MSDS.exe
Note.exe
PREMIER CHAPITRE modifié.exe
Raila Odinga.exe
Rapport NADIA.exe
spectro_masse1.exe
td de reacteur.exe
these-223.exe
xyw9tmdj.exe
>>>>>>in "Documents and Settings"<<<<<<<<<
tazebama.dl_
hook.dl_
>>>>>>in "appdata"<<<<<<<<<
fetomiv.vbs
gumugy.vbs
jicapikase.vbs
mobyhikaja.vbs
nebohozi.com
orimuwy.exe
sidymyvig.vbs
tazebama\tazebama.log
tazebama\zPharaoh.dat
tazebama
>>>>>>in "Temp files"<<<<<<<<<
1.reg
2.dll
6257890.exe
fq9.dll
help.exe
help1.rar
inst.exe
system.dll
w2e.sys
winhqqo.exe
wintoift.exe
xhjb.dll
xxx6042.exe
zb5ok.dll
>>>>>>in "All Drives"<<<<<<<<<
._autorun.inf
autorun.inf
autorun.ini
autorun.reg
autorun.bat
autorun.vbs
autorun2.inf
autosys.exe
00hoeav.com
096.bat
0gjn3yw.exe
0qx0sc6.bat
0tmhoc.cmd
0u.cmd
0w.com
0wk2.cmd
108i.cmd
1aq1obb.bat
1bbvq96y.com
1dg.exe
1i.com
1nkbd8h.bat
1rfw8hjr.com
1u0o8bnq.cmd
1weicxa.com
1XXEC.exe
22xo.exe
2ifetri.cmd
2y8la.exe
30ed3.exe
33gmhso.bat
39lpji.com
3o.exe
3wcxx91.cmd
3xXx31.exe
4vzjaw3o.sys
62oop0ak.bat
68.exe
6tkoyhx.cmd
6x8be16.cmd
8e9gmih.bat
8ng8w.com
93vx0c.com
9yqusig.bat
22wcb21o.exe
31n3b2h.exe
39lpji.com
80avp08.com
82r9.cmd
83fgj.com
83l3v.cmd
8df.exe >
8h3hh3m.exe
8tss2gwq.bat
90imhpnc.exe
92j11sm.com
9es.com
a1.bat
a9.com
abk.bat
activexdebugger32.exe
Administrateur_Fichiers.exe
admp.exe
adobeR.exe
Akon.exe
Alecks.vbs
antihost.exe
antinul.vbe
aoutfq.exe
ar.exe
Atisetup.exe
auto.exe
autorum.exe
AutoRun\Demo.exe
autorun.exe
autorun.pif
autoruns.exe
AutoScr.exe
ay8p6v3.cmd
Ayame.exe
b3b9u.com
bicsxk03.com
bittorrent.exe
bndafai.exe
bo1dhu.bat
bobm.exe
boot.exe
bootin.exe
bplrl98.cmd
buis.exe
bwpncb6.com
bxuup9r.bat c18vk.exe
c9.com
c9hehpa.bat
camp.exe
cayfq2.cmd
cd8idoyl.com
cdr.exe
ceb6eu98.bat
cekbru.pif
clear.bat
ClickMe.exe
cftmonn.exe
cfv90h.com
Christina.vbs
cjq.exe
commands.txt
comment.htt
copetttt.com
copy.exe
cradle_of_filth.vbe
cqdis.cmd
cvqkuk.exe
d3bn0j.exe
ddyikr.cmd
delautorun.bat
DFD34719171.bat
DFD34719375.bat
DFD34719609.bat
DFD34723328.bat
DFD34723375.bat
DFD34723781.bat
DFD34724390.bat
DFD34719609.bat
DFD34724531.bat
DFD34724656.bat
DFD34725125.bat
DFD34725218.bat
DFD34726312.bat
DFD34724390.bat
DFD34726328.bat
DFD34729609.bat
DFD34730531.bat
DFD34730937.bat
DFD34734937.bat
DFD34739859.bat
DFD34741421.bat
DFD34741734.bat
DFD34741843.bat
DFD*.bat
dhv2u8.cmd
DPFMate.exe
dstart.exe
dtqlv.exe
dynrn6e.cmd
e898.com
e9ehn1m8.com
eb9ehyh.exe
Ecran.exe
ek.com
ekf6dbg0.com
ekugb3.bat
erdeIect.com
esta ig.vbs
ev60a2.cmd
explorer.exe
exqmmle.exe
f0.cmd
f2ir.com
fe.bat
ffojc.com
fi.cmd
FLIPART.EXE
folder.exe
Folder.htt
fooool.exe
Form5.exe
forSV.exe
FS6519.dll.vbs
fucker.vbs
fun.xls.exe
g2p3s.exe
g2pfnid.com
g83816.com
gdmae.bmp
Ghost.pif
gkyzcijfb.exe
GMOGLFEO.exe
gqsk.bat
graphic.exe
gsxlexd.cmd
gxlxknou.exe
gy.cmd
h0s2.bat h2.com
hfhludy.exe
hgu.bat
hni.cmd
host.exe
hsomklg.exe
hxt9.bat
i0.cmd
i8.cmd
ie.exe
igxv.cmd
ij.bat
ilpg9ejd.com
info.exe
infrom.exe
ino6.com
install.exe
intel.exe
intro.exe
ipy.cmd
iq0ecwcj.cmd
lsass.exe
itsduel.exe
iwjj.com
j4c8t8b5l3a6.exe
j8q8d.cmd
jbfqv8j.cmd
jdhc2x2.com
jdwx.exe
jfjsipw.exe
jfvkcsy.bat
jiwsxh39.exe
JJJ.exe
Jojo.exe
jwwgtuh.exe
jxnraqjxg.exe
jxpiinstall.exe
k6wkwon2.exe
ka1nk.bat
kaq86asx.bat
kayira.bat
kbqbptn.exe
kdkfm.exe
kdy.cmd
kfmyoc.pif
khbph.exe
killVBS.vbs
kk3.bat
KM.exe
kmd.exe
kn6jhgc.cmd
kqnns.exe
kqsr.exe
krg62.cmd
kulitut.bat
kulitut.vbs
kxax.cmd
l2f.cmd
l9dwu8.bat
lExplore.exe
lgcadwx.bat
lgrncie.bat
lky.exe
ln9.exe
lo.exe
loader.exe
logoneui.exe
Long.exe
LOVE.PIF
ltljrg.exe
lumy.exe
lurjlnps.exe
lvxvo1xg.cmd
m1t8ta.com
m9j.com
mail.exe
manulopa.reg
mcxa.exe
Menu.exe
mgjpcfdg.cm
mnl6on3.com
mp.bat
mp.cmd
mp.com
Movie1.exe
mrsne.bat
MS-DOS.com
MS32DLL.dll.vbs
MSd040.vbs
MSdC64.vbs
MSdFB7.vbs
MSd141.vbs
MSd191.vbs
MSd49A.vbs
MSdE78.vbs
MSd*.vbs
mshta.exe
MSKernel32.vbs
muniu.exe
MyMP3.vbs
n1detect.com
n2de.cmd
n6j.com
n6j6pc0.com
n6t1h.cmd
nansy ajram.vbs
nar.vbs
ne0kS.exe
nemesis.exe
nemesis.inf
nfdmg.com
nideiect.com
niu.exe
njibyekk.com
nl.com
nncu6kk.com
NoLimit.exe
np.exe
nq0cq.cmd
nqvarn.pif
nriljal.exe
ntde1ect.com
ntdelect.com
nq.bat
nq0cq.cmd
nqgcd.com
nsv.bat
nw0t1l0d.exe
o2yf0w.bat
o9o2u.bat
o6opnro.bat
OeApi.vbs
oegbi.exe
ogcikeq.com
oka3yrf.bat
oq.cmd
oskkofa.exe
osotilasiq.pif
osy3.sys
otyh.cmd
oufddh.exe
oxafa.com
p3r1ud.exe
p83gjy.exe
p9.exe
pa39xth.cmd
pagefile.pif
pbwkwj.com
pefbutr.exe
pkxfkrki.bat
ph.com
phgr1j.bat
phim_nguoi_lon.exe
pnc.exe
prhyper.exe
psqrhqn.exe
pxka.exe
q3v.com
q83iwmgf.bat
q8sywiva.cmd
qcwpung.exe
qd.cmd
qjfl.exe
qkarc.exe
qquq.bat
qqzjnhuoi.exe
qpe6.com
qobo.dat
qrkugxtw.exe
qxbx9blb.com
r1y1.bat
r2nl.com
r6r.exe
r813.bat
Raila Odinga.exe
Raila Odinga.gif
ranvrgn.exe
ravmon.exe
ravmon.log
ReadMe.exe
RecInfo\RecInfo.exe
Recycle.exe
Recycled\ctfmon.exe
RECYCLED\INFO.exe
Recycled.exe
RECYCLER\Lock Folder.exe
RECYCLER\RECYCLER.exe
RECYCLER\*.exe
regxpcom.exe
resycled\boot.com
resycled\ctfmon.exe
revo.exe
rggbw.exe
rjiybg.exe
rn.exe
rombkaewl.exe
rosftpm.exe
rqq2v.bat
rs.cmd
rt.exe
Run.exe
runaut~1\autorun.pif
RunDll32.exe
rxukgcm.exe
s38k.exe
sal.xls.exe
sasyg1y8.com
script.bat
scriptlo.txt
scvhosts.exe
sdcvhost.exe
SemiAntiVirus.vbs
smkjd.cmd
smss.exe
semo2x.exe
spq.bat
serivces.exe
server.exe
server.inf
Sex City.jpg.wsf
sowar.vbs
SpiderH.vbs
sq.com
sqlserv.exe
SSVICHOSST.exe
stwi.com
svch0st.exe
scvhosts.exe
svdioajm.cmd
sxs.exe
sydp.exe
sys.vbs
Syso.vbs
SysRes.vbs
system.exe
system32.exe
systems.com
systems.exe
t82e2v.cmd
TAE7ESLP.exe
taipingtianguov1.1.exe
takice.lib
tel.xls.exe
temp.bat
temp.exe
temp.temp
temp1.exe
temp2.exe
test.exe
testfile.bat
testflo.bat
tfk8.exe
The_Cars.vbs
THe Girls
tknapl.exe
tknn6.bat
tmf3w3g0.com
TMMDW8LP.exe
Toy.exe
tusoha.exe
tyktjfww.exe
u18vxqle.com
u6k.cmd
u9dyi.exe
udnnnvq.exe
UFO.exe
ufuaugwq.exe
uis.com
uis.exe
um.cmd
un9.cmd
unahafiwik.exe
UnplugDrive.exe
uorys.cmd
update.exe
uqhqx1.cmd
usdeiect.com
userinit.exe
utdetect.com
uxdeiect.com
u?de?ect.com
v2h3.exe
v3pif.bat
VB6FR.DLL
vb@dock.vbs
vfpkkbq.exe
vksucydrh.exe
vl@dock.vbs
vmhr.bat
vmyphd.bat
vva0hc0p.cmd
vxl.exe
w0o.com
w0owgn.bat
w32sys.exe
w3dn9f.bat
waziqepehi.ban
wa6.vbs
Wallpaper.vbs
WallpaperMEHDI.vbs
wfhth.exe
whi.com
WillPolo.vbs
WINDOWS.EXE
Windows.scr
winfile.exe
winglogon.exe
winrun.vbs
winstall.exe
wjlfhtfm.cmd
wol.exe
wsctf.exe
wtbcccq.exe
x0.cmd
XAdeIect.com
xcopy.exe
xfoolavp.com
xih9.cmd
xj.bat
xk2n.bat
xlk9.com
xlu8a8sy.exe
xmnm2.cmd
xn1i9x.com
xnynrnh.exe
xo8wr9.exe
xp19.com
xpbkh.com
xqf.com
xvlyb.exe
xyhav.pif
y82td3td.com
ybj8df.exe
yew.bat
yg.cmd
yjilu.inf
ylacupyb.dl
ylr.exe
yjkjfuo.cmd
yjvmtaa.exe
ynfs9ks.cmd
yssjnngm.cmd
yvmkdwn.exe
zPharaoh.exe
0.cmd
1.cmd
2.cmd
3.cmd
4.cmd
5.cmd
6.cmd
7.cmd
8.cmd
9.cmd
0.bat
1.bat
2.bat
3.bat
4.bat
5.bat
6.bat
7.bat
8.bat
9.bat
0.exe
1.exe
2.exe
3.exe
4.exe
5.exe
6.exe
7.exe
8.exe
9.exe
0.com
1.com
2.com
3.com
4.com
5.com
6.com
7.com
8.com
9.com
0.vbs
1.vbs
2.vbs
3.vbs
4.vbs
5.vbs
6.vbs
7.vbs
8.vbs
9.vbs
a.com
b.com
c.com
d.com
e.com
f.com
g.com
h.com
i.com
j.com
k.com
l.com
m.com
n.com
o.com
p.com
q.com
r.com
s.com
t.com
u.com
v.com
w.com
x.com
y.com
z.com
a.bat
b.bat
c.bat
d.bat
e.bat
f.bat
g.bat
h.bat
i.bat
j.bat
k.bat
l.bat
m.bat
n.bat
o.bat
p.bat
q.bat
r.bat
s.bat
t.bat
u.bat
v.bat
w.bat
x.bat
y.bat
z.bat
a.cmd
b.cmd
c.cmd
d.cmd
e.cmd
f.cmd
g.cmd
h.cmd
i.cmd
j.cmd
k.cmd
l.cmd
m.cmd
n.cmd
o.cmd
p.cmd
q.cmd
r.cmd
s.cmd
t.cmd
u.cmd
v.cmd
w.cmd
x.cmd
y.cmd
z.cmd
a.exe
b.exe
c.exe
d.exe
e.exe
f.exe
g.exe
h.exe
i.exe
j.exe
k.exe
l.exe
m.exe
n.exe
o.exe
p.exe
q.exe
r.exe
s.exe
t.exe
u.exe
v.exe
w.exe
x.exe
y.exe
z.exe
a.vbs
b.vbs
c.vbs
d.vbs
e.vbs
f.vbs
g.vbs
h.vbs
i.vbs
j.vbs
k.vbs
l.vbs
m.vbs
n.vbs
o.vbs
p.vbs
q.vbs
r.vbs
s.vbs
t.vbs
u.vbs
v.vbs
w.vbs
x.vbs
y.vbs
z.vbs
*.dll.vbs
>>Dossiers :
AutoRun
autorun.inf
fsc.tmp
RecInfo
Recycled\Recycled
Recycler\Recycler
resycled
runaut~1
sdlflzoip
>>>>>>"Registry"<<<<<<<<<
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Window Title"=-
"Start Page"=-
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN]
"Start Page"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"fucker"=-
"SysDir"=-
"ms32dll"=-
"cftmonn"=-
"Lany"=-
"Zip"=-
"RavAV"=-
"cmd32"=-
"Install.exe"=-
"FIXEDFON.FON"=-
"MS-RAD0"=-
"MS-RAD1"=-
"MS-RAD2"=-
"MS-RAD3"=-
"MS-RAD4"=-
"MS-RAD5"=-
"MS-RAD6"=-
"MS-RAD7"=-
"MS-RAD8"=-
"MS-RAD9"=-
"MS-RADA"=-
"MS-RADB"=-
"MS-RADC"=-
"MS-RADD"=-
"MS-RADE"=-
"MS-RADF"=-
"MS-RADG"=-
"MS-RADH"=-
"MS-RADI"=-
"MS-RADJ"=-
"MS-RADK"=-
"MS-RADL"=-
"MS-RADM"=-
"MS-RADN"=-
"MS-RADO"=-
"MS-RADP"=-
"MS-RADQ"=-
"MS-RADR"=-
"MS-RADS"=-
"MS-RADT"=-
"MS-RADU"=-
"MS-RADV"=-
"MS-RADW"=-
"MS-RADX"=-
"MS-RADY"=-
"MS-RADZ"=-
" "=-
"winrun.dll"=-
"loader.exe"=-
"recinfo49"=-
"System"=-
"System Updater Machine"=-
"SpiderH"=-
"winudp64.exe"=-
"System12"=-
"System64"=-
"IMJPMIG8.2"=-
"CARPService"=-
"039.tmp"=-
"userd"=-
"nar"=-
"MSKernel32"=-
"WillPolo"=-
"MyMP3"=-
"FS6519"=-
"Windows\SysRes.vbs"=-
"SysRes"=-
"Raila Odinga"=-
"reginit"=-
"lnternet Update"=-
"GMOGLFEO"=-
"WintelUpdate"=-
"Pubnet"=-
"antihost"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"System Updater Machine"=-
"Win32DLL"=-
"lnternet Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
" "=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kamsoft"=-
"amva"=-
"kava"=-
"tava"=-
"avpa"=-
"internet_explorer"=-
"anti-virus 2007"=-
"Mp3 player"=-
"kxvo"=-
"EXPLORER.EXE"=-
"wsctf.exe"=-
"loader.exe"=-
"jvvo"=-
"taso"=-
"Avg_AntiHost"=-
"jvsoft"=-
"tasoft"=-
"SpiderH"=-
"MsServer"=-
"MSFox"=-
"msn"=-
"????r"=-
"Windows Update"=-
"Microsoft Debug Manager"=-
"protect_autorun"=-
"Le Petit Robert Hyperappel"=-
"firewall 2008"=-
" "=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
" "=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"test"=-
"Msn"=-
"MsnHost"=-
"MsnLoad"=-
"MsnConvert"=-
"MsnMessendger"=-
"sys"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"=-
"LegalNoticeCaption"=-
"LegalNoticeText"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\NoChangingWallPaper]
-------------------------------------------------------------------------------------------------------------
Mises a jours du 5 decembre 2008
>>>>>>in "All Drives"<<<<<<<<<
6xdgw26.com
6xig.com
8386nac.com
8e.com
8u.com
8uot.exe
arun.exe
asneg.com
bpu.exe
br1e.com
cdwfql2v.com
ceqfqp.bat
cm0.com
d1y36.com
dh66ln.cmd
dpu1.exe
dyr2j6mv.exe
ermvu8.cmd
fblfnthuh.exe
fn20.exe
fufb6tq3.cmd
g2o1n.exe
gx.com h3hi1k3.exe
i8.com
ivcvknr.bat
jv.exe
kernel32.dll.vbs
kg2v.com
klp8j6i.com
ktnquo.exe
l1.cmd
lp3c.bat
m0g8sqx.cmd
m6dqm2vd.exe
m8wafly.com
m9as2c.cmd
MicrosoftPowerPoint.exe
MSd30D.vbs
msnmsgr_plus.exe
ncyrf.bat
ntdeIect.com
ntnq.exe
ntphyy.com
NTsys.exe
o6pq1n8.com
okhr.exe
ous.exe
ox.cmd
p1f6b.exe
program.exe
qeoc6sj.exe
qwultj1.bat
rcukd.cmd
rdsfk.com
rjx0.exe
rqb0v2ot.bat
scene.exe
Server082.exe
tigi.cmd
uh31.exe
uwlmj.com
uxkktr.cmd
vd91t29.exe
w2qagd.com
welcome.exe
WindowsXP.exe
winsys3.exe
ypjq1.cmd
.MGT_reg32.dll.vbs
achitasin.dll.vbs
autoupdate.dll.vbs
bat32.txt
happy.vbs
ie.vbs
killgodzilla.vbs
maskrider.dll.vbs
maskrider2001.vbs
msiexec.dll.vbs
MsUpdate.sys.vbs
nohack.vbs
RUNDLL64.dll.vbs
setup.dll.vbs
VBRuntime32.dll.vbs
viva.dll.vbs
Win32.dll.vbs
winconfig.dll.vbs
xepet.html
xepet.txt
>>>>>>in "Windows"<<<<<<<<<
.MGT_reg32.dll.vbs
achitasin.dll.vbs
autoupdate.dll.vbs
bat32.txt
boot.ini
happy.vbs
ie.vbs
killgodzilla.vbs
maskrider.dll.vbs
maskrider2001.vbs
msiexec.dll.vbs
MsUpdate.sys.vbs
nohack.vbs
RUNDLL64.dll.vbs
setup.dll.vbs
VBRuntime32.dll.vbs
viva.dll.vbs
Win32.dll.vbs
winconfig.dll.vbs
xepet.html
xepet.txt
>>>>>>in "Windows\system32"<<<<<<<<<
kdyul.exe
gasretyw0.dll
gasretyw1.dll
gasretyw2.dll
gasretyw3.dll
DC4491.DLL
>>>>>>"Registry"<<<<<<<<<
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Winboot"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UC"=-
"r4n694-24y"=-
"kernel32"=-
"MSConfigs"=-
"Microsoft"=-
"MGT_reg"=-
"Winboot"=-
"Winamp"=-
"Macromedia"=-
"WINFIX"=-
"winconfig"=-
"Achitasin"=-
"mcafee"=-
"wscript32dll"=-
"Batch32"=-
"maskrider"=-
"autoupdate"=-
"KILLMS32DLL"=-
"WinExpress"=-
"WinDebugger"=-
"C:\WINDOWS\system32\kdyul.exe"=-
mises a jours du 6 Décembre 2008
>>>>>>in "All Drives"<<<<<<<<<
lgrncie.bat
info.bat
iqosrtk.bat
0oyl662q.cmd
eb.bat
New Folder.exe
Setup_ver1.1779.2.exe
Setup_ver*.exe
>>>>>>in "Windows"<<<<<<<<<
SSVICHOSST.exe
>>>>>>in "Windows\system32"<<<<<<<<<
SSVICHOSST.exe
kdxkt.exe
kdjay.exe
kdwzh.exe
msiconf.exe
>>>>>>"Registry"<<<<<<<<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"MsUpdate"=-
"C:\WINDOWS\system32\kdxkt.exe"=-
"C:\WINDOWS\system32\kdjay.exe"=-
"C:\WINDOWS\system32\kdwzh.exe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"msiexec.exe"=-
"Yahoo Messengger"=-
mises a jours du 11 Décembre 2008
>>>>>>in "All Drives"<<<<<<<<<
Secret.exe
hupxj.bat
fphj6j31.bat
shell.exe
Installer.exe
fvbk.exe
snaoc9i.exe
bt8vuaw.com
wjlc.exe
6fnlpetp.exe
g8rruyw.exe
o1.com
yannh.cmd
1t6yxlxx.cmd
2h60k.cmd
3rl3lqbq.bat
ewatr.cmd
Maradona.exe
iw.bat
m2nl.bat
ov.cmd
pnt.com
t1ypkh.exe
grgarevn.inf
microsvn.inf
refsanvn.inf
Zidan vs Tito.exe
desktop.exe
omsirutnarg.exe
Alisa.exe
blazzers.exe
burimi.exe
nfd.exe
repppp.exe
wax.exe
wny.exe
msv2008.exe
GETBOOTD.BAT
tbm9.bat
08dgu.com
>>>>>>in "Windows\system32"<<<<<<<<<
vamsoft.exe
vbsdfe0.dll
vbsdfe1.dll
vbsdfe2.dll
vbsdfe3.dll
syx.exe
>>>>>>"Registry"<<<<<<<<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"Host Process for Windows Services"=-
"Advanced DHTML Enable"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\runServices]
"Host Process for Windows Services"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"Runonce"=-
"vamsoft"=-
Meilleurs voeux panha :)
Ce que tu m´as posté c´est le "changelog du programme"
On va faire ceci :
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
Ce que tu m´as posté c´est le "changelog du programme"
On va faire ceci :
Télécharge combofix.exe (par sUBs) sur ton Bureau.
-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.
- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
bonjour
en premier bizare quand je vais sur spybot / resident / la case sd helper est griser , je ne peux plus la decocher /
pour le tea timer , c est ok je peux decocher , mais pas pour la premiere case
ensuite je ne vois pas comment deconnecte avast , je vois beaucoup de site comment supprimer avast mais je n ai rien trouve pour juste deconnecte
dans le tutoriel il montre (voir ci dessous ) faut til vraiment faire cette demarche?? , cela me parrait complique
Pour l'instant, ne lancez pas ComboFix car il reste quelques opérations préliminaires qui doivent être réalisées.
Vous devriez maintenant installer la Console de Récupération Windows. La Console de Récupération Windows vous permettra de démarrer votre PC dans un mode spécial de récupération qui donnera à votre assistant la possibilité de vous aider si votre ordinateur rencontre des problèmes après une tentative de nettoyage de nuisibles. Si vous utilisez Windows XP et si vous possédez un CD Windows, vous pouvez suivre les instructions données dans l'un des tutoriels listés ci-dessous:
merci
en premier bizare quand je vais sur spybot / resident / la case sd helper est griser , je ne peux plus la decocher /
pour le tea timer , c est ok je peux decocher , mais pas pour la premiere case
ensuite je ne vois pas comment deconnecte avast , je vois beaucoup de site comment supprimer avast mais je n ai rien trouve pour juste deconnecte
dans le tutoriel il montre (voir ci dessous ) faut til vraiment faire cette demarche?? , cela me parrait complique
Pour l'instant, ne lancez pas ComboFix car il reste quelques opérations préliminaires qui doivent être réalisées.
Vous devriez maintenant installer la Console de Récupération Windows. La Console de Récupération Windows vous permettra de démarrer votre PC dans un mode spécial de récupération qui donnera à votre assistant la possibilité de vous aider si votre ordinateur rencontre des problèmes après une tentative de nettoyage de nuisibles. Si vous utilisez Windows XP et si vous possédez un CD Windows, vous pouvez suivre les instructions données dans l'un des tutoriels listés ci-dessous:
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salut panha,
pour désactiver avast > click droit sur la boule d´avast dans la barre des taches et choisie arrêter les services...
@+
pour désactiver avast > click droit sur la boule d´avast dans la barre des taches et choisie arrêter les services...
@+
protection résidente
merci
ComboFix 08-12-31.01 - nathalie 2009-01-02 18:07:32.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2038.924 [GMT 7:00]
Running from: c:\users\nathalie\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090101-0] *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2008-12-02 to 2009-01-02 )))))))))))))))))))))))))))))))
.
2009-01-02 18:05 . 2009-01-02 18:05 6,736 --a------ c:\windows\System32\drivers\PROCEXP90.SYS
2009-01-01 20:21 . 2009-01-01 20:21 <DIR> d-------- c:\users\nathalie\Documents
2008-12-30 19:14 . 2008-12-30 19:14 <DIR> d-------- c:\users\nathalie\Phone Browser
2008-12-30 16:30 . 2008-12-30 16:31 <DIR> d-------- c:\programdata\Lavasoft
2008-12-30 16:28 . 2008-12-31 10:35 <DIR> d-------- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-12-30 16:28 . 2008-12-30 16:28 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-28 16:55 . 2008-12-28 16:55 0 --a------ c:\windows\tosOBEX.INI
2008-12-28 15:52 . 2008-12-28 15:52 56 --ah----- c:\windows\System32\ezsidmv.dat
2008-12-28 15:51 . 2008-12-29 16:46 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-28 15:51 . 2008-12-28 15:51 1,409 --a------ c:\windows\QTFont.for
2008-12-27 12:36 . 2008-12-27 12:36 <DIR> d-------- c:\program files\Trend Micro
2008-12-26 19:59 . 2008-12-31 10:48 <DIR> d-------- C:\ToolBar SD
2008-12-26 16:24 . 2008-12-31 10:35 <DIR> d-------- c:\programdata\Spybot - Search & Destroy
2008-12-26 16:24 . 2008-12-30 10:48 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-12-19 06:16 . 2008-12-12 08:53 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-12-16 06:46 . 2008-12-26 21:02 <DIR> d-------- c:\users\nathalie\AppData\Roaming\MailWasherPro
2008-12-11 06:37 . 2008-10-22 06:31 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-10 12:06 . 2008-10-21 12:16 297,472 --a------ c:\windows\System32\gdi32.dll
2008-12-10 12:01 . 2008-11-01 06:38 4,247,552 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-10 12:01 . 2008-11-01 10:33 1,687,040 --a------ c:\windows\System32\gameux.dll
2008-12-10 12:01 . 2008-11-01 10:33 28,672 --a------ c:\windows\System32\Apphlpdm.dll
2008-12-10 11:56 . 2008-10-29 13:20 2,923,520 --a------ c:\windows\explorer.exe
2008-12-10 11:52 . 2008-06-23 08:52 2,855,424 --a------ c:\windows\System32\mf.dll
2008-12-10 11:52 . 2008-06-23 08:52 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2008-12-10 11:52 . 2008-06-23 08:52 98,816 --a------ c:\windows\System32\mfps.dll
2008-12-10 11:52 . 2008-06-23 08:52 94,720 --a------ c:\windows\System32\logagent.exe
2008-12-10 11:52 . 2008-06-23 08:52 52,736 --a------ c:\windows\System32\rrinstaller.exe
2008-12-10 11:52 . 2008-06-23 08:52 24,576 --a------ c:\windows\System32\mfpmp.exe
2008-12-10 11:52 . 2008-06-23 05:34 2,048 --a------ c:\windows\System32\mferror.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 11:03 --------- d-----w c:\users\nathalie\AppData\Roaming\Skype
2009-01-02 09:03 --------- d-----w c:\users\nathalie\AppData\Roaming\skypePM
2008-12-31 03:35 --------- d-----w c:\programdata\Ulead Systems
2008-12-28 14:40 --------- d-----w c:\users\nathalie\AppData\Roaming\dvdcss
2008-12-28 02:10 --------- d-----w c:\program files\Bonjour
2008-12-26 13:59 --------- d-----w c:\program files\Java
2008-12-19 16:14 --------- d-----w c:\users\nathalie\AppData\Roaming\LimeWire
2008-12-10 23:53 174 --sha-w c:\program files\desktop.ini
2008-12-10 23:48 --------- d-----w c:\program files\Windows Mail
2008-12-10 23:43 --------- d-----w c:\programdata\Microsoft Help
2008-12-03 03:08 --------- d-----w c:\programdata\CanonIJPLM
2008-11-21 05:03 --------- d-----w c:\programdata\DVD Shrink
2008-11-15 00:28 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-11 10:44 --------- d-----w c:\users\nathalie\AppData\Roaming\Ulead Systems
2008-11-11 10:36 --------- d-----w c:\programdata\InterVideo
2008-11-11 10:36 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-11 10:34 --------- d-----w c:\program files\Windows Media Components
2008-11-11 10:34 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-11 10:33 --------- d-----w c:\program files\Ulead Systems
2008-11-10 05:20 --------- d-----w c:\programdata\Pinnacle
2008-11-02 18:39 --------- d-----w c:\program files\MessengerPlus! 3
2008-11-02 18:32 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-01 03:33 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:33 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:33 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:33 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:33 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-31 23:23 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-10-22 03:43 95,232 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-10-22 03:43 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 03:43 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-10-21 05:16 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 07:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 06:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-10-16 04:40 826,368 ----a-w c:\windows\System32\wininet.dll
2008-10-16 04:40 56,320 ----a-w c:\windows\System32\iesetup.dll
2008-10-16 04:40 26,624 ----a-w c:\windows\System32\ieUnatt.exe
2008-07-06 19:31 61,224 ----a-w c:\users\nathalie\GoToAssistDownloadHelper.exe
2007-11-20 03:13 32 ----a-w c:\programdata\ezsid.dat
2008-06-19 12:07 88 --sha-r c:\windows\System32\DAD1DEA4F4.sys
2008-06-19 13:28 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2007-10-09 208946]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-11 21741864]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-06-12 317560]
"E-Flyer"="c:\program files\Sony\E-Flyer\SubFlyer.exe" [2006-10-17 456824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-30 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-30 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-30 133656]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"PrepareYourVAIO"="c:\program files\Sony\Prepare your VAIO\PYVAlert.exe" [2007-05-17 477304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2008-11-03 190024]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-08 c:\windows\RtHDVCpl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
c:\users\nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-05-23 2756608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-25 09:26 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
"VIDC.ACDV"= ACDV.dll
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 17:06 40048 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D19E9366-1EAB-4F6D-B095-1239351D3924}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{0A4CAF8F-5565-4395-92D6-8385AE28C466}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{FCD01020-3D95-4138-977E-F7F1C363F2F8}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{217A5682-DF38-4684-86B1-188112BBC333}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E19D0238-9C35-4908-8079-5678AD282700}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{AEBB7DAA-CBA9-482D-8BF1-3C83FBAD613B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{43AE81A5-2604-4598-98B8-DD84250662F0}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A12C8ADB-8163-4641-8925-F0DE3453411D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{024D5124-2566-44DE-8879-AA72CE33214A}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{AA3E0AF4-344F-4F41-83B8-86A467B42FA0}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{138643A1-B664-488A-BF27-9DCA93409F6A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0EA288AC-B7BB-4501-B277-B723B306FC00}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{9887234A-9DBE-46FF-9153-90DBA495EC7D}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{69EFE161-D015-4BC6-9703-819DF69ACA4D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CEE3511E-C1C7-4D2D-85AB-E75E124F9E68}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{AB35D24D-BA0B-4F17-9CC8-BA4E83BA5057}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{9246520D-F1A7-4884-9A1A-0E437746531C}"= UDP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"{ED404A4E-4163-4071-89CB-7F3CF9FD7625}"= TCP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"TCP Query User{D0A02840-438F-4D7C-9841-5795AC645770}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5B79D8C4-CDD4-4E32-961A-A3115FF9BEBB}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{F71CAEDF-72D4-4F12-8A9B-33CDEEA686C2}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0664A8F2-DB0A-4F96-A20B-BCD161175432}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{83EF610B-860F-4F83-84D0-F747C45BCFF1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{201353F3-4D01-4BAD-BC27-A3CAF9916E49}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{F7DD50C4-15AC-4A66-94EE-F59020D9B5D9}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{24BC405D-5877-4102-B42E-F37F4D8386E5}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{7AB9919E-E3A4-4A0F-B101-C02A83957E50}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{66B74A7C-5FAB-4D5E-B387-0D97D4FF343D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{7727ACCE-2F18-4D1E-B3EA-BE0A6B2D0525}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{8987DCA6-3DE0-42E9-B664-3426EE0F9D5E}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{46FB6681-24AE-4B7E-BB68-FC167F14FBA1}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B7A03FBD-C156-4816-B5C1-4C654C252859}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{620B305F-1BD3-4C0D-8F5D-3D2FA422D010}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{A82B61EB-6F61-439C-AB67-71ECCF102451}c:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= UDP:c:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8
"UDP Query User{0D7AC641-8563-47EE-8B5D-B0FA695F1E58}c:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= TCP:c:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8
"TCP Query User{B67AAA63-E46C-4E69-BF91-EFAAF5934DA9}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3
"UDP Query User{CA1F6593-53F6-4071-BFEF-5CCD627D3FC4}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3
"{EA5BB933-0D51-485A-AFC6-E81DCB0D196A}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{45A76AD4-FCD9-4C0B-8B0B-D408BA161D3C}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{EBFDAB42-076B-49E4-B09B-DF470E0417CC}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{C644F5E4-43F0-4561-93E6-A91FD11CE0D9}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{E610EAF5-8762-4A4C-AC90-DC103A18789A}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{27200C18-474C-4FCC-BBBE-2FC4D0B7FDAB}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{93508EF5-DC0C-4D95-B657-2C1EFF44F2FD}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{D751BC81-87FA-49D8-A439-52959A7B33FE}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-20 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-06-20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2007-11-20 51280]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-09-23 292152]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-09-04 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-09-04 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-09-05 812544]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [2007-09-23 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;"c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe" [2007-09-23 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-09-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-09-23 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2007-09-23 79736]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d880558-c245-11dc-a10c-001bfbcc8d7f}]
\shell\AutoRun\command - vmsavzvx.exe
\shell\explore\Command - vmsavzvx.exe
\shell\open\Command - vmsavzvx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fbef56a-c647-11dd-808e-001bfbcc8d7f}]
\shell\AutoRun\command - yannh.cmd
\shell\explore\Command - yannh.cmd
\shell\open\Command - yannh.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fac4b5e-cecf-11dc-8694-001bfbcc8d7f}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bcf703-94d2-11dd-a5cf-001bfbcc8d7f}]
\shell\verb1\command - desktop.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
2008-07-27 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-20 01:20]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 18:10:58
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(4300)
c:\program files\MessengerPlus! 3\MsgPlusLoader.dll
.
Completion time: 2009-01-02 18:13:12
ComboFix-quarantined-files.txt 2009-01-02 11:11:59
Pre-Run: 55,154,032,640 bytes free
Post-Run: 55,123,152,896 bytes free
260 --- E O F --- 2009-01-02 04:52:22
ComboFix 08-12-31.01 - nathalie 2009-01-02 18:07:32.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2038.924 [GMT 7:00]
Running from: c:\users\nathalie\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090101-0] *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2008-12-02 to 2009-01-02 )))))))))))))))))))))))))))))))
.
2009-01-02 18:05 . 2009-01-02 18:05 6,736 --a------ c:\windows\System32\drivers\PROCEXP90.SYS
2009-01-01 20:21 . 2009-01-01 20:21 <DIR> d-------- c:\users\nathalie\Documents
2008-12-30 19:14 . 2008-12-30 19:14 <DIR> d-------- c:\users\nathalie\Phone Browser
2008-12-30 16:30 . 2008-12-30 16:31 <DIR> d-------- c:\programdata\Lavasoft
2008-12-30 16:28 . 2008-12-31 10:35 <DIR> d-------- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-12-30 16:28 . 2008-12-30 16:28 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-28 16:55 . 2008-12-28 16:55 0 --a------ c:\windows\tosOBEX.INI
2008-12-28 15:52 . 2008-12-28 15:52 56 --ah----- c:\windows\System32\ezsidmv.dat
2008-12-28 15:51 . 2008-12-29 16:46 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-28 15:51 . 2008-12-28 15:51 1,409 --a------ c:\windows\QTFont.for
2008-12-27 12:36 . 2008-12-27 12:36 <DIR> d-------- c:\program files\Trend Micro
2008-12-26 19:59 . 2008-12-31 10:48 <DIR> d-------- C:\ToolBar SD
2008-12-26 16:24 . 2008-12-31 10:35 <DIR> d-------- c:\programdata\Spybot - Search & Destroy
2008-12-26 16:24 . 2008-12-30 10:48 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-12-19 06:16 . 2008-12-12 08:53 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-12-16 06:46 . 2008-12-26 21:02 <DIR> d-------- c:\users\nathalie\AppData\Roaming\MailWasherPro
2008-12-11 06:37 . 2008-10-22 06:31 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-10 12:06 . 2008-10-21 12:16 297,472 --a------ c:\windows\System32\gdi32.dll
2008-12-10 12:01 . 2008-11-01 06:38 4,247,552 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-10 12:01 . 2008-11-01 10:33 1,687,040 --a------ c:\windows\System32\gameux.dll
2008-12-10 12:01 . 2008-11-01 10:33 28,672 --a------ c:\windows\System32\Apphlpdm.dll
2008-12-10 11:56 . 2008-10-29 13:20 2,923,520 --a------ c:\windows\explorer.exe
2008-12-10 11:52 . 2008-06-23 08:52 2,855,424 --a------ c:\windows\System32\mf.dll
2008-12-10 11:52 . 2008-06-23 08:52 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2008-12-10 11:52 . 2008-06-23 08:52 98,816 --a------ c:\windows\System32\mfps.dll
2008-12-10 11:52 . 2008-06-23 08:52 94,720 --a------ c:\windows\System32\logagent.exe
2008-12-10 11:52 . 2008-06-23 08:52 52,736 --a------ c:\windows\System32\rrinstaller.exe
2008-12-10 11:52 . 2008-06-23 08:52 24,576 --a------ c:\windows\System32\mfpmp.exe
2008-12-10 11:52 . 2008-06-23 05:34 2,048 --a------ c:\windows\System32\mferror.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 11:03 --------- d-----w c:\users\nathalie\AppData\Roaming\Skype
2009-01-02 09:03 --------- d-----w c:\users\nathalie\AppData\Roaming\skypePM
2008-12-31 03:35 --------- d-----w c:\programdata\Ulead Systems
2008-12-28 14:40 --------- d-----w c:\users\nathalie\AppData\Roaming\dvdcss
2008-12-28 02:10 --------- d-----w c:\program files\Bonjour
2008-12-26 13:59 --------- d-----w c:\program files\Java
2008-12-19 16:14 --------- d-----w c:\users\nathalie\AppData\Roaming\LimeWire
2008-12-10 23:53 174 --sha-w c:\program files\desktop.ini
2008-12-10 23:48 --------- d-----w c:\program files\Windows Mail
2008-12-10 23:43 --------- d-----w c:\programdata\Microsoft Help
2008-12-03 03:08 --------- d-----w c:\programdata\CanonIJPLM
2008-11-21 05:03 --------- d-----w c:\programdata\DVD Shrink
2008-11-15 00:28 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-11 10:44 --------- d-----w c:\users\nathalie\AppData\Roaming\Ulead Systems
2008-11-11 10:36 --------- d-----w c:\programdata\InterVideo
2008-11-11 10:36 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-11 10:34 --------- d-----w c:\program files\Windows Media Components
2008-11-11 10:34 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-11 10:33 --------- d-----w c:\program files\Ulead Systems
2008-11-10 05:20 --------- d-----w c:\programdata\Pinnacle
2008-11-02 18:39 --------- d-----w c:\program files\MessengerPlus! 3
2008-11-02 18:32 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-01 03:33 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:33 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:33 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:33 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:33 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-31 23:23 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-10-22 03:43 95,232 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-10-22 03:43 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 03:43 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-10-21 05:16 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 07:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 06:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-10-16 04:40 826,368 ----a-w c:\windows\System32\wininet.dll
2008-10-16 04:40 56,320 ----a-w c:\windows\System32\iesetup.dll
2008-10-16 04:40 26,624 ----a-w c:\windows\System32\ieUnatt.exe
2008-07-06 19:31 61,224 ----a-w c:\users\nathalie\GoToAssistDownloadHelper.exe
2007-11-20 03:13 32 ----a-w c:\programdata\ezsid.dat
2008-06-19 12:07 88 --sha-r c:\windows\System32\DAD1DEA4F4.sys
2008-06-19 13:28 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2007-10-09 208946]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-11 21741864]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-06-12 317560]
"E-Flyer"="c:\program files\Sony\E-Flyer\SubFlyer.exe" [2006-10-17 456824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-30 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-30 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-30 133656]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"PrepareYourVAIO"="c:\program files\Sony\Prepare your VAIO\PYVAlert.exe" [2007-05-17 477304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2008-11-03 190024]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-08 c:\windows\RtHDVCpl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
c:\users\nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-05-23 2756608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-25 09:26 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
"VIDC.ACDV"= ACDV.dll
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 17:06 40048 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D19E9366-1EAB-4F6D-B095-1239351D3924}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{0A4CAF8F-5565-4395-92D6-8385AE28C466}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{FCD01020-3D95-4138-977E-F7F1C363F2F8}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{217A5682-DF38-4684-86B1-188112BBC333}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E19D0238-9C35-4908-8079-5678AD282700}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{AEBB7DAA-CBA9-482D-8BF1-3C83FBAD613B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{43AE81A5-2604-4598-98B8-DD84250662F0}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A12C8ADB-8163-4641-8925-F0DE3453411D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{024D5124-2566-44DE-8879-AA72CE33214A}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{AA3E0AF4-344F-4F41-83B8-86A467B42FA0}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{138643A1-B664-488A-BF27-9DCA93409F6A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0EA288AC-B7BB-4501-B277-B723B306FC00}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{9887234A-9DBE-46FF-9153-90DBA495EC7D}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{69EFE161-D015-4BC6-9703-819DF69ACA4D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CEE3511E-C1C7-4D2D-85AB-E75E124F9E68}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{AB35D24D-BA0B-4F17-9CC8-BA4E83BA5057}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{9246520D-F1A7-4884-9A1A-0E437746531C}"= UDP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"{ED404A4E-4163-4071-89CB-7F3CF9FD7625}"= TCP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"TCP Query User{D0A02840-438F-4D7C-9841-5795AC645770}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5B79D8C4-CDD4-4E32-961A-A3115FF9BEBB}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{F71CAEDF-72D4-4F12-8A9B-33CDEEA686C2}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0664A8F2-DB0A-4F96-A20B-BCD161175432}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{83EF610B-860F-4F83-84D0-F747C45BCFF1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{201353F3-4D01-4BAD-BC27-A3CAF9916E49}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{F7DD50C4-15AC-4A66-94EE-F59020D9B5D9}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{24BC405D-5877-4102-B42E-F37F4D8386E5}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{7AB9919E-E3A4-4A0F-B101-C02A83957E50}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{66B74A7C-5FAB-4D5E-B387-0D97D4FF343D}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{7727ACCE-2F18-4D1E-B3EA-BE0A6B2D0525}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{8987DCA6-3DE0-42E9-B664-3426EE0F9D5E}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{46FB6681-24AE-4B7E-BB68-FC167F14FBA1}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B7A03FBD-C156-4816-B5C1-4C654C252859}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{620B305F-1BD3-4C0D-8F5D-3D2FA422D010}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{A82B61EB-6F61-439C-AB67-71ECCF102451}c:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= UDP:c:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8
"UDP Query User{0D7AC641-8563-47EE-8B5D-B0FA695F1E58}c:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= TCP:c:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8
"TCP Query User{B67AAA63-E46C-4E69-BF91-EFAAF5934DA9}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3
"UDP Query User{CA1F6593-53F6-4071-BFEF-5CCD627D3FC4}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3
"{EA5BB933-0D51-485A-AFC6-E81DCB0D196A}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{45A76AD4-FCD9-4C0B-8B0B-D408BA161D3C}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{EBFDAB42-076B-49E4-B09B-DF470E0417CC}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{C644F5E4-43F0-4561-93E6-A91FD11CE0D9}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{E610EAF5-8762-4A4C-AC90-DC103A18789A}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{27200C18-474C-4FCC-BBBE-2FC4D0B7FDAB}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{93508EF5-DC0C-4D95-B657-2C1EFF44F2FD}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{D751BC81-87FA-49D8-A439-52959A7B33FE}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-20 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-06-20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2007-11-20 51280]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-09-23 292152]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-09-04 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-09-04 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-09-05 812544]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [2007-09-23 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;"c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe" [2007-09-23 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-09-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-09-23 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2007-09-23 79736]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d880558-c245-11dc-a10c-001bfbcc8d7f}]
\shell\AutoRun\command - vmsavzvx.exe
\shell\explore\Command - vmsavzvx.exe
\shell\open\Command - vmsavzvx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fbef56a-c647-11dd-808e-001bfbcc8d7f}]
\shell\AutoRun\command - yannh.cmd
\shell\explore\Command - yannh.cmd
\shell\open\Command - yannh.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fac4b5e-cecf-11dc-8694-001bfbcc8d7f}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bcf703-94d2-11dd-a5cf-001bfbcc8d7f}]
\shell\verb1\command - desktop.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
2008-07-27 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-20 01:20]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 18:10:58
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(4300)
c:\program files\MessengerPlus! 3\MsgPlusLoader.dll
.
Completion time: 2009-01-02 18:13:12
ComboFix-quarantined-files.txt 2009-01-02 11:11:59
Pre-Run: 55,154,032,640 bytes free
Post-Run: 55,123,152,896 bytes free
260 --- E O F --- 2009-01-02 04:52:22
salut panah,
excuse pour le délais de réponse, j´ai pas eu le temps...
voila ce que l´on va faire :
tu vas déziper ce fichier .reg sur ton bureau et double cliker dessus et accepter la fusion avec ton registre.
voici le fichier :
http://sd-1.archive-host.com/membres/up/1366464061/panha.rar
puis post ce rapport :
Télécharge DDS.scr de sUBs
https://download.bleepingcomputer.com/sUBs/dds.scr
Sur le bureau.
L'outil ne nécessite pas d'installation.
Lances-le en cliquant sur l'icône dds.scr
Cette fenêtre DOS va apparaitre:
https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg
Le scan ne doit pas dépasser trois minutes.
Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
Il te sera demandé si tu veux faire le scan optionnel.
Accepte par Oui
Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.
Tu ne le fourniras que si nécessaire.
Poste le rapport DDS.txt
@+
excuse pour le délais de réponse, j´ai pas eu le temps...
voila ce que l´on va faire :
tu vas déziper ce fichier .reg sur ton bureau et double cliker dessus et accepter la fusion avec ton registre.
voici le fichier :
http://sd-1.archive-host.com/membres/up/1366464061/panha.rar
puis post ce rapport :
Télécharge DDS.scr de sUBs
https://download.bleepingcomputer.com/sUBs/dds.scr
Sur le bureau.
L'outil ne nécessite pas d'installation.
Lances-le en cliquant sur l'icône dds.scr
Cette fenêtre DOS va apparaitre:
https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg
Le scan ne doit pas dépasser trois minutes.
Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
Il te sera demandé si tu veux faire le scan optionnel.
Accepte par Oui
Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.
Tu ne le fourniras que si nécessaire.
Poste le rapport DDS.txt
@+
bonjour panha,
je suis confuse, j´ai mal préparé le fichier .reg
ce que l´on veut supprimé ce situe ici :
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d880558-c245-11dc-a10c-001bfbcc8d7f}]
\shell\AutoRun\command - vmsavzvx.exe
\shell\explore\Command - vmsavzvx.exe
\shell\open\Command - vmsavzvx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fbef56a-c647-11dd-808e-001bfbcc8d7f}]
\shell\AutoRun\command - yannh.cmd
\shell\explore\Command - yannh.cmd
\shell\open\Command - yannh.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fac4b5e-cecf-11dc-8694-001bfbcc8d7f}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bcf703-94d2-11dd-a5cf-001bfbcc8d7f}]
\shell\verb1\command - desktop.exe
je te redonne le fichier corrigé
http://sd-1.archive-host.com/membres/up/1366464061/panha_81.rar
cette fois ci, il ne devrait pas y avoir de problème...
en fait on a passé usbfix pour la même chose; mais sa base de donnée ne comporte pas les clés que l´on doit supprimer; on va passer dds pour vérifier qu´elles ne sont plus la après suppression...
voila
@+
je suis confuse, j´ai mal préparé le fichier .reg
ce que l´on veut supprimé ce situe ici :
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d880558-c245-11dc-a10c-001bfbcc8d7f}]
\shell\AutoRun\command - vmsavzvx.exe
\shell\explore\Command - vmsavzvx.exe
\shell\open\Command - vmsavzvx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fbef56a-c647-11dd-808e-001bfbcc8d7f}]
\shell\AutoRun\command - yannh.cmd
\shell\explore\Command - yannh.cmd
\shell\open\Command - yannh.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fac4b5e-cecf-11dc-8694-001bfbcc8d7f}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7bcf703-94d2-11dd-a5cf-001bfbcc8d7f}]
\shell\verb1\command - desktop.exe
je te redonne le fichier corrigé
http://sd-1.archive-host.com/membres/up/1366464061/panha_81.rar
cette fois ci, il ne devrait pas y avoir de problème...
en fait on a passé usbfix pour la même chose; mais sa base de donnée ne comporte pas les clés que l´on doit supprimer; on va passer dds pour vérifier qu´elles ne sont plus la après suppression...
voila
@+
Salut panha,
tu en es où ?
tu en es où ?
j avoue ne pas avoir fais grand chose , mon internet marche mal , un coup oui un coup non , et j ai des programmes qui me disent ne plus etre en service , alors j ai peur de faire des betises
cela va enlever des choses importantes a mon ordi
qu est ce que c est exactement , des espions ou des dossiers qui ne devrais pas etre la , est ce vraiment important , ces dossiers la , peuvent t il faire des degas a mon ordi ?
cela va enlever des choses importantes a mon ordi
qu est ce que c est exactement , des espions ou des dossiers qui ne devrais pas etre la , est ce vraiment important , ces dossiers la , peuvent t il faire des degas a mon ordi ?
je suis folle
j ai deux adresses email EGO et HOTMAIL
depuis 4 mois je recois des email sur l adresse EGO des adresses des messages de viagra
qui viennent de ma propre adresse , donc quand maintenant j envoie des emails a mes clients avec EGO on me refuse car sur hotmail je suis mis comme un spam
mais depuis aujourd hui il ont pris aussi mon adresse de hotmail
encore le meme message de viagra , donc hotmail va maintenant me prendre comme spam aussi et je vais plus pouvoir ecrire a mes clients ni sur l un ou sur l autre adresse
qu il prenne une adresse sur internet ok , mais la comme par hasard il on trouve mon autre adresse et je recois le meme email de viagra
que puis je faire , pour moi mes clients c est super important
tu peux m expliquer , merci
j ai deux adresses email EGO et HOTMAIL
depuis 4 mois je recois des email sur l adresse EGO des adresses des messages de viagra
qui viennent de ma propre adresse , donc quand maintenant j envoie des emails a mes clients avec EGO on me refuse car sur hotmail je suis mis comme un spam
mais depuis aujourd hui il ont pris aussi mon adresse de hotmail
encore le meme message de viagra , donc hotmail va maintenant me prendre comme spam aussi et je vais plus pouvoir ecrire a mes clients ni sur l un ou sur l autre adresse
qu il prenne une adresse sur internet ok , mais la comme par hasard il on trouve mon autre adresse et je recois le meme email de viagra
que puis je faire , pour moi mes clients c est super important
tu peux m expliquer , merci
Panha,
Ce que je te demande de faire au post 56 va supprimé des clés infectieuses...
pour les soit disant programmes qui ne répondent pas, je vais voir avec ce rapport :
Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
[*]Double-clique sur Lop S&D.exe pour lancer l'installation,
[*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
[*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
Le scan prend moins d'une minute.
[*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
[*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt
Tutoriel par Eric71
https://sites.google.com/site/eric71mespages/lop.sd.exe
Pour les spams, il n´y a malheureusement rien a faire; j´en reçois egalement à moins d´acheter un anti spam dernier cri et encore je doute que cela ne change quoi que ce soit. Mais cela ne m´empêche pas d´écrire des mails a mes correspondants et je doute que cela soit différent dans ton cas...
@+
Ce que je te demande de faire au post 56 va supprimé des clés infectieuses...
pour les soit disant programmes qui ne répondent pas, je vais voir avec ce rapport :
Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
[*]Double-clique sur Lop S&D.exe pour lancer l'installation,
[*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
[*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
Le scan prend moins d'une minute.
[*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
[*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt
Tutoriel par Eric71
https://sites.google.com/site/eric71mespages/lop.sd.exe
Pour les spams, il n´y a malheureusement rien a faire; j´en reçois egalement à moins d´acheter un anti spam dernier cri et encore je doute que cela ne change quoi que ce soit. Mais cela ne m´empêche pas d´écrire des mails a mes correspondants et je doute que cela soit différent dans ton cas...
@+
ALORS J AI EN PREMIER TELECHARGER TON DOSSIER ET ENSUITE FAIT DDS
LE DOSSIER QUE J AI TELECHARGER A ETAIT ENREGISTRER DANS MON ORDI , C EST NORMAL ??
C ETAIT QUOI
VOILA LE RAPPORT MAIS CELA N A RIEN SUPPRIMER
JE FAIS QUOI MAINTENANT ?
ET POUR LES SPAMS CE QUE JE NE COMPREND PAS C EST QUE CELA VIENT DE MA PROPRE ADRESSE ,C EST COMME SI JE M ECRIS A MOI MEME
MERCI
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-01-07.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 19/11/2007 16:13:05
System Uptime: 14/01/2009 06:21:00 (0 hours ago)
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | N/A | 2001/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 103 GiB total, 49,644 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
==== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1)
ACDSee 10 Gestionnaire de photos
Activation Assistant for the 2007 Microsoft Office suites
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.0
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Magic-i Visual Effects Installer
ArcSoft PhotoStudio 5.5
Assistant de connexion Windows Live
avast! Antivirus
AviSynth 2.5
Bluetooth Stack for Windows by Toshiba
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon CanoScan Toolbox 5.0
Canon G.726 WMP-Decoder
Canon iP1800 series
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CanoScan LiDE 70
CCleaner (remove only)
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
DVD Shrink 3.2
Extension de Windows Live Toolbar (Windows Live Toolbar)
Galerie de photos Windows Live
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2
Image Converter 3
Imikimi Plugin
IncrediMail Xe
Instant Mode
Intel(R) Graphics Media Accelerator Driver
InterVideo DeviceService
iTunes
Java(TM) 6 Update 7
LimeWire 4.18.6
Macromedia Extension Manager
Menus intelligents (Windows Live Toolbar)
Messenger Plus! 3
Messenger Plus! Live
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Nero 7 Ultra Edition
Nero Sipps
neroxml
Nokia Connectivity Cable Driver
Nokia PC Connectivity Solution
Nokia PC Suite
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
PDF Settings
PhotoFiltre
Picasa 2
PIXMA Extended Survey Program
QuickTime
Realtek High Definition Audio Driver
Roxio Easy Media Creator Home
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
Skype™ 3.8
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Video Shared Library
Spybot - Search & Destroy
Surligneur (Windows Live Toolbar)
Synaptics Pointing Device Driver
Ulead VideoStudio 11
Update for Microsoft Office 2007 Help for Common Features (KB957244)
Update for Microsoft Office Access 2007 Help (KB957241)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office InfoPath 2007 Help (KB957243)
Update for Microsoft Office OneNote 2007 Help (KB957245)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Publisher 2007 Help (KB957249)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
VAIO Aqua Breeze Wallpaper
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Content Folder Setting
VAIO Content Importer VAIO Content Exporter
VAIO Content Importer / VAIO Content Exporter
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Cozy Orange Wallpaper
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO Launcher
VAIO Long Battery Life Wallpaper
VAIO Manual
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.1
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Setting
VAIO Power Management
VAIO Teal Whisper Wallpaper
VAIO Tender Yellow Wallpaper
VAIO Update 3
VCRedistSetup
VideoLAN VLC media player 0.8.6d
Videora iPod Converter 3.07
VideoStudio
Virtual DJ - Atomix Productions
Windows Live Favorites pour Windows Live Toolbar
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Toolbar
Windows Live Writer
WinDVD for VAIO
Wireless Switch Setting Utility
Yahoo! Toolbar
==== End Of File ===========================
DDS (Ver_09-01-07.01) - NTFSx86
Run by nathalie at 6:41:24,41 on 14/01/2009
Internet Explorer: 7.0.6000.16764
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2038.827 [GMT 7:00]
AV: avast! antivirus 4.8.1229 [VPS 090113-0] *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VCM Manager Setting\VcmMgrNotification.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\nathalie\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://vaio-online.sony.com/
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [E-Flyer] "c:\program files\sony\e-flyer\SubFlyer.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PrepareYourVAIO] c:\program files\sony\prepare your vaio\PYVAlert.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [PCSuiteTrayApplication] c:\progra~1\nokia\nokiap~1\LAUNCH~1.EXE -startup
mRun: [MessengerPlus3] "c:\program files\messengerplus! 3\MsgPlus.exe"
mRun: [UVS11 Preload] c:\program files\ulead systems\ulead videostudio 11\uvPL.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\nathalie\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
mPolicies-system: FilterAdministratorToken = 1 (0x1)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~3.0_0\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-20 78416]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-9-4 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-9-4 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-9-5 812544]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-20 20560]
R4 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2007-11-20 51280]
R4 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2007-9-23 292152]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-9-23 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-9-23 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-9-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-9-23 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-9-23 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2007-9-23 79736]
=============== Created Last 30 ================
2009-01-02 18:05 <DIR> --d----- C:\ComboFix
2009-01-02 18:05 6,736 a------- c:\windows\system32\drivers\PROCEXP90.SYS
2009-01-02 07:49 161,792 a------- c:\windows\SWREG.exe
2009-01-02 07:49 98,816 a------- c:\windows\sed.exe
2008-12-30 16:30 <DIR> --d----- c:\programdata\Lavasoft
2008-12-30 16:28 <DIR> --d----- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-12-30 16:28 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-12-28 16:55 0 a------- c:\windows\tosOBEX.INI
2008-12-28 15:52 56 a---h--- c:\windows\system32\ezsidmv.dat
2008-12-28 15:51 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-28 15:51 1,409 a------- c:\windows\QTFont.for
2008-12-27 12:36 <DIR> --d----- c:\program files\Trend Micro
2008-12-26 19:59 <DIR> --d----- C:\ToolBar SD
2008-12-26 16:24 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2008-12-26 16:24 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-12-26 16:24 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2008-12-19 06:16 1,383,424 a------- c:\windows\system32\mshtml.tlb
2008-12-16 06:46 <DIR> --d----- c:\users\nathalie\appdata\roaming\MailWasherPro
==================== Find3M ====================
2009-01-10 23:38 221,716 a------- c:\windows\system32\prfh0404.dat
2009-01-10 23:38 76,128 a------- c:\windows\system32\prfc0404.dat
2008-12-11 06:53 174 a--sh--- c:\program files\desktop.ini
2008-11-01 10:33 1,687,040 a------- c:\windows\system32\gameux.dll
2008-11-01 10:33 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-11-01 10:33 2,144,256 a------- c:\windows\apppatch\AcGenral.dll
2008-11-01 10:33 537,600 a------- c:\windows\apppatch\AcLayers.dll
2008-11-01 10:33 449,536 a------- c:\windows\apppatch\AcSpecfc.dll
2008-11-01 10:33 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-11-01 10:33 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-11-01 06:38 4,247,552 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-11-01 06:23 2,560 a------- c:\windows\apppatch\AcRes.dll
2008-10-29 13:20 2,923,520 a------- c:\windows\explorer.exe
2008-10-22 10:43 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-10-22 10:43 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2008-10-22 10:43 95,232 a------- c:\windows\system32\PortableDeviceClassExtension.dll
2008-10-22 06:31 2,048 a------- c:\windows\system32\tzres.dll
2008-10-21 12:16 1,645,568 a------- c:\windows\system32\connect.dll
2008-10-21 12:16 297,472 a------- c:\windows\system32\gdi32.dll
2008-10-17 03:56 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-10-17 03:55 83,456 a------- c:\windows\system32\wudriver.dll
2008-10-16 14:08 162,064 a------- c:\windows\system32\wuwebv.dll
2008-10-16 13:56 31,232 a------- c:\windows\system32\wuapp.exe
2008-10-16 11:40 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 11:40 56,320 a------- c:\windows\system32\iesetup.dll
2008-10-16 11:40 26,624 a------- c:\windows\system32\ieUnatt.exe
2008-08-26 10:30 86,016 a------- c:\windows\inf\infstrng.dat
2008-08-26 10:30 86,016 a------- c:\windows\inf\infstor.dat
2008-08-26 10:30 51,200 a------- c:\windows\inf\infpub.dat
2008-07-07 02:31 61,224 a------- c:\users\nathalie\GoToAssistDownloadHelper.exe
2008-06-15 03:12 665,600 a------- c:\windows\inf\drvindex.dat
2007-11-20 10:13 32 a------- c:\programdata\ezsid.dat
2007-11-20 10:13 32 a------- c:\progra~2\ezsid.dat
2007-09-05 05:23 116,540 a------- c:\windows\inf\perflib\0404\perfi.dat
2007-09-05 05:23 116,540 a------- c:\windows\inf\perflib\0404\perfh.dat
2007-09-05 05:23 30,674 a------- c:\windows\inf\perflib\0404\perfd.dat
2007-09-05 05:23 30,674 a------- c:\windows\inf\perflib\0404\perfc.dat
2006-11-02 19:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 19:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 19:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 19:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 16:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 16:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 16:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 16:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-06-19 19:07 88 a--shr-- c:\windows\system32\DAD1DEA4F4.sys
2008-06-19 20:28 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys
============= FINISH: 6:43:12,18 ===============
LE DOSSIER QUE J AI TELECHARGER A ETAIT ENREGISTRER DANS MON ORDI , C EST NORMAL ??
C ETAIT QUOI
VOILA LE RAPPORT MAIS CELA N A RIEN SUPPRIMER
JE FAIS QUOI MAINTENANT ?
ET POUR LES SPAMS CE QUE JE NE COMPREND PAS C EST QUE CELA VIENT DE MA PROPRE ADRESSE ,C EST COMME SI JE M ECRIS A MOI MEME
MERCI
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-01-07.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 19/11/2007 16:13:05
System Uptime: 14/01/2009 06:21:00 (0 hours ago)
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | N/A | 2001/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 103 GiB total, 49,644 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
==== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1)
ACDSee 10 Gestionnaire de photos
Activation Assistant for the 2007 Microsoft Office suites
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.0
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Magic-i Visual Effects Installer
ArcSoft PhotoStudio 5.5
Assistant de connexion Windows Live
avast! Antivirus
AviSynth 2.5
Bluetooth Stack for Windows by Toshiba
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon CanoScan Toolbox 5.0
Canon G.726 WMP-Decoder
Canon iP1800 series
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-LayoutPrint
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CanoScan LiDE 70
CCleaner (remove only)
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
DVD Shrink 3.2
Extension de Windows Live Toolbar (Windows Live Toolbar)
Galerie de photos Windows Live
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2
Image Converter 3
Imikimi Plugin
IncrediMail Xe
Instant Mode
Intel(R) Graphics Media Accelerator Driver
InterVideo DeviceService
iTunes
Java(TM) 6 Update 7
LimeWire 4.18.6
Macromedia Extension Manager
Menus intelligents (Windows Live Toolbar)
Messenger Plus! 3
Messenger Plus! Live
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Nero 7 Ultra Edition
Nero Sipps
neroxml
Nokia Connectivity Cable Driver
Nokia PC Connectivity Solution
Nokia PC Suite
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
PDF Settings
PhotoFiltre
Picasa 2
PIXMA Extended Survey Program
QuickTime
Realtek High Definition Audio Driver
Roxio Easy Media Creator Home
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
Skype™ 3.8
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Video Shared Library
Spybot - Search & Destroy
Surligneur (Windows Live Toolbar)
Synaptics Pointing Device Driver
Ulead VideoStudio 11
Update for Microsoft Office 2007 Help for Common Features (KB957244)
Update for Microsoft Office Access 2007 Help (KB957241)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office InfoPath 2007 Help (KB957243)
Update for Microsoft Office OneNote 2007 Help (KB957245)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Publisher 2007 Help (KB957249)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
VAIO Aqua Breeze Wallpaper
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Content Folder Setting
VAIO Content Importer VAIO Content Exporter
VAIO Content Importer / VAIO Content Exporter
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Cozy Orange Wallpaper
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO Launcher
VAIO Long Battery Life Wallpaper
VAIO Manual
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.1
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Setting
VAIO Power Management
VAIO Teal Whisper Wallpaper
VAIO Tender Yellow Wallpaper
VAIO Update 3
VCRedistSetup
VideoLAN VLC media player 0.8.6d
Videora iPod Converter 3.07
VideoStudio
Virtual DJ - Atomix Productions
Windows Live Favorites pour Windows Live Toolbar
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Toolbar
Windows Live Writer
WinDVD for VAIO
Wireless Switch Setting Utility
Yahoo! Toolbar
==== End Of File ===========================
DDS (Ver_09-01-07.01) - NTFSx86
Run by nathalie at 6:41:24,41 on 14/01/2009
Internet Explorer: 7.0.6000.16764
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2038.827 [GMT 7:00]
AV: avast! antivirus 4.8.1229 [VPS 090113-0] *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VCM Manager Setting\VcmMgrNotification.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\nathalie\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://vaio-online.sony.com/
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [E-Flyer] "c:\program files\sony\e-flyer\SubFlyer.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PrepareYourVAIO] c:\program files\sony\prepare your vaio\PYVAlert.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [PCSuiteTrayApplication] c:\progra~1\nokia\nokiap~1\LAUNCH~1.EXE -startup
mRun: [MessengerPlus3] "c:\program files\messengerplus! 3\MsgPlus.exe"
mRun: [UVS11 Preload] c:\program files\ulead systems\ulead videostudio 11\uvPL.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\nathalie\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
mPolicies-system: FilterAdministratorToken = 1 (0x1)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~3.0_0\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-20 78416]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-9-4 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-9-4 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-9-5 812544]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-20 20560]
R4 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2007-11-20 51280]
R4 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2007-9-23 292152]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-9-23 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-9-23 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-9-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-9-23 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-9-23 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2007-9-23 79736]
=============== Created Last 30 ================
2009-01-02 18:05 <DIR> --d----- C:\ComboFix
2009-01-02 18:05 6,736 a------- c:\windows\system32\drivers\PROCEXP90.SYS
2009-01-02 07:49 161,792 a------- c:\windows\SWREG.exe
2009-01-02 07:49 98,816 a------- c:\windows\sed.exe
2008-12-30 16:30 <DIR> --d----- c:\programdata\Lavasoft
2008-12-30 16:28 <DIR> --d----- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-12-30 16:28 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-12-28 16:55 0 a------- c:\windows\tosOBEX.INI
2008-12-28 15:52 56 a---h--- c:\windows\system32\ezsidmv.dat
2008-12-28 15:51 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-28 15:51 1,409 a------- c:\windows\QTFont.for
2008-12-27 12:36 <DIR> --d----- c:\program files\Trend Micro
2008-12-26 19:59 <DIR> --d----- C:\ToolBar SD
2008-12-26 16:24 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2008-12-26 16:24 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-12-26 16:24 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2008-12-19 06:16 1,383,424 a------- c:\windows\system32\mshtml.tlb
2008-12-16 06:46 <DIR> --d----- c:\users\nathalie\appdata\roaming\MailWasherPro
==================== Find3M ====================
2009-01-10 23:38 221,716 a------- c:\windows\system32\prfh0404.dat
2009-01-10 23:38 76,128 a------- c:\windows\system32\prfc0404.dat
2008-12-11 06:53 174 a--sh--- c:\program files\desktop.ini
2008-11-01 10:33 1,687,040 a------- c:\windows\system32\gameux.dll
2008-11-01 10:33 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-11-01 10:33 2,144,256 a------- c:\windows\apppatch\AcGenral.dll
2008-11-01 10:33 537,600 a------- c:\windows\apppatch\AcLayers.dll
2008-11-01 10:33 449,536 a------- c:\windows\apppatch\AcSpecfc.dll
2008-11-01 10:33 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-11-01 10:33 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-11-01 06:38 4,247,552 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-11-01 06:23 2,560 a------- c:\windows\apppatch\AcRes.dll
2008-10-29 13:20 2,923,520 a------- c:\windows\explorer.exe
2008-10-22 10:43 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-10-22 10:43 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2008-10-22 10:43 95,232 a------- c:\windows\system32\PortableDeviceClassExtension.dll
2008-10-22 06:31 2,048 a------- c:\windows\system32\tzres.dll
2008-10-21 12:16 1,645,568 a------- c:\windows\system32\connect.dll
2008-10-21 12:16 297,472 a------- c:\windows\system32\gdi32.dll
2008-10-17 03:56 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-10-17 03:55 83,456 a------- c:\windows\system32\wudriver.dll
2008-10-16 14:08 162,064 a------- c:\windows\system32\wuwebv.dll
2008-10-16 13:56 31,232 a------- c:\windows\system32\wuapp.exe
2008-10-16 11:40 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 11:40 56,320 a------- c:\windows\system32\iesetup.dll
2008-10-16 11:40 26,624 a------- c:\windows\system32\ieUnatt.exe
2008-08-26 10:30 86,016 a------- c:\windows\inf\infstrng.dat
2008-08-26 10:30 86,016 a------- c:\windows\inf\infstor.dat
2008-08-26 10:30 51,200 a------- c:\windows\inf\infpub.dat
2008-07-07 02:31 61,224 a------- c:\users\nathalie\GoToAssistDownloadHelper.exe
2008-06-15 03:12 665,600 a------- c:\windows\inf\drvindex.dat
2007-11-20 10:13 32 a------- c:\programdata\ezsid.dat
2007-11-20 10:13 32 a------- c:\progra~2\ezsid.dat
2007-09-05 05:23 116,540 a------- c:\windows\inf\perflib\0404\perfi.dat
2007-09-05 05:23 116,540 a------- c:\windows\inf\perflib\0404\perfh.dat
2007-09-05 05:23 30,674 a------- c:\windows\inf\perflib\0404\perfd.dat
2007-09-05 05:23 30,674 a------- c:\windows\inf\perflib\0404\perfc.dat
2006-11-02 19:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 19:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 19:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 19:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 16:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 16:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 16:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 16:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-06-19 19:07 88 a--shr-- c:\windows\system32\DAD1DEA4F4.sys
2008-06-19 20:28 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys
============= FINISH: 6:43:12,18 ===============
salut panha,
tu as bien autorisé la fusion du fichier reg avec le registre ?
pour le spam, c´est étrange en effet, mais c´est compréhensible... enfin moi je ne peux rien y faire...
peux tu poster le rapport de lopsd pour voir stp
puis il nous faudra repasser usbfix pour verifier
@+
tu as bien autorisé la fusion du fichier reg avec le registre ?
pour le spam, c´est étrange en effet, mais c´est compréhensible... enfin moi je ne peux rien y faire...
peux tu poster le rapport de lopsd pour voir stp
puis il nous faudra repasser usbfix pour verifier
@+
voici le rapport lop sd , mais des que j ai eu fini de faire le scane mon ordi , a eu un probleme , plus de possibilite d internet , il a fallut que je fasse revenir mon ordi a hier pour qu il marche , donc tout ce que j ai fais ce matin a ete changer
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Home Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : nathalie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090113-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:102 Go (Free:49 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 14/01/2009| 7:03 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[05/09/2008|22:42] C:\Users\nathalie\AppData\Local\ACD Systems
[07/11/2008|15:05] C:\Users\nathalie\AppData\Local\Adobe
[09/12/2007|19:01] C:\Users\nathalie\AppData\Local\Ahead
[31/05/2008|16:11] C:\Users\nathalie\AppData\Local\Apple
[22/10/2008|19:05] C:\Users\nathalie\AppData\Local\Apple Computer
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\Application Data
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Apps
[07/04/2008|10:04] C:\Users\nathalie\AppData\Local\Canon Easy-LayoutPrint
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Citrix
[19/06/2008|20:26] C:\Users\nathalie\AppData\Local\Corel
[13/01/2009|08:50] C:\Users\nathalie\AppData\Local\d3d9caps.dat
[13/01/2009|19:08] C:\Users\nathalie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Deployment
[05/09/2008|22:34] C:\Users\nathalie\AppData\Local\Downloaded Installations
[11/11/2008|18:21] C:\Users\nathalie\AppData\Local\GDIPFONTCACHEV1.DAT
[04/01/2009|00:35] C:\Users\nathalie\AppData\Local\Google
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\History
[13/01/2009|23:00] C:\Users\nathalie\AppData\Local\IconCache.db
[18/12/2007|07:04] C:\Users\nathalie\AppData\Local\IM
[17/10/2008|20:18] C:\Users\nathalie\AppData\Local\Microsoft
[19/08/2008|17:23] C:\Users\nathalie\AppData\Local\Microsoft Games
[16/01/2008|13:02] C:\Users\nathalie\AppData\Local\Microsoft Help
[20/11/2007|10:18] C:\Users\nathalie\AppData\Local\Nero
[23/09/2007|19:08] C:\Users\nathalie\AppData\Local\Seven Zip
[14/01/2009|06:55] C:\Users\nathalie\AppData\Local\Temp
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\Temporary Internet Files
[23/09/2007|19:59] C:\Users\nathalie\AppData\Local\Toshiba
[20/11/2007|10:14] C:\Users\nathalie\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[27/07/2008 23:18][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[14/01/2009 06:21][--ah-----] C:\Windows\tasks\SA.DAT
[13/01/2009 23:00][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[23/09/2007|19:08] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/09/2008|22:37] C:\ProgramData\ACD Systems
[20/11/2007|11:13] C:\ProgramData\Adobe
[31/05/2008|16:10] C:\ProgramData\Apple
[31/05/2008|16:15] C:\ProgramData\Apple Computer
[02/11/2006|20:02] C:\ProgramData\Application Data
[09/12/2007|14:26] C:\ProgramData\CanonBJ
[07/01/2009|06:34] C:\ProgramData\CanonIJPLM
[27/05/2008|19:11] C:\ProgramData\Corel
[02/11/2006|20:02] C:\ProgramData\Desktop
[02/11/2006|20:02] C:\ProgramData\Documents
[27/05/2008|20:13] C:\ProgramData\Downloaded Installations
[21/11/2008|12:03] C:\ProgramData\DVD Shrink
[31/05/2008|17:10] C:\ProgramData\eMule
[20/11/2007|10:13] C:\ProgramData\ezsid.dat
[02/11/2006|20:02] C:\ProgramData\Favorites
[20/11/2007|11:34] C:\ProgramData\FLEXnet
[02/01/2009|18:33] C:\ProgramData\Google
[11/11/2008|17:36] C:\ProgramData\InterVideo
[30/12/2008|16:31] C:\ProgramData\Lavasoft
[08/10/2008|10:51] C:\ProgramData\Macromedia
[23/03/2008|15:33] C:\ProgramData\Messenger Plus!
[15/12/2007|14:58] C:\ProgramData\Microsoft
[11/12/2008|06:43] C:\ProgramData\Microsoft Help
[09/12/2007|18:36] C:\ProgramData\Nero
[27/05/2008|20:18] C:\ProgramData\PC Suite
[10/11/2008|12:20] C:\ProgramData\Pinnacle
[20/11/2007|10:10] C:\ProgramData\Skype
[23/09/2007|19:13] C:\ProgramData\Sonic
[13/09/2008|14:20] C:\ProgramData\Sony Corporation
[31/12/2008|10:35] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|20:02] C:\ProgramData\Start Menu
[19/11/2007|19:25] C:\ProgramData\Symantec
[02/11/2006|20:02] C:\ProgramData\Templates
[26/08/2008|10:29] C:\ProgramData\tpfmon
[31/12/2008|10:35] C:\ProgramData\Ulead Systems
[23/09/2007|19:26] C:\ProgramData\VAIO Media Platform
[20/11/2007|10:00] C:\ProgramData\WindowsLiveInstaller
[11/01/2009|00:29] C:\ProgramData\WLInstaller
[05/09/2008|22:55] C:\ProgramData\Yahoo! Companion
[22/05/2008|12:08] C:\ProgramData\ZoomBrowser
--------------------\\ Listing des dossiers dans C:\Program Files
[05/09/2008|22:37] C:\Program Files\ACD Systems
[23/09/2007|19:08] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[22/10/2008|18:46] C:\Program Files\Adobe
[26/08/2008|10:29] C:\Program Files\Alliance MCA
[20/11/2007|07:52] C:\Program Files\Alwil Software
[31/05/2008|16:11] C:\Program Files\Apple Software Update
[11/12/2007|18:51] C:\Program Files\ArcSoft
[31/05/2008|15:40] C:\Program Files\AviSynth 2.5
[28/12/2008|09:10] C:\Program Files\Bonjour
[22/05/2008|12:09] C:\Program Files\Canon
[06/04/2008|15:27] C:\Program Files\CanonBJ
[21/11/2007|15:40] C:\Program Files\CCleaner
[02/01/2009|18:09] C:\Program Files\Common Files
[05/09/2007|03:37] C:\Program Files\CONEXANT
[23/06/2008|16:57] C:\Program Files\Corel
[15/12/2007|15:06] C:\Program Files\DVD Shrink
[04/06/2008|09:33] C:\Program Files\FrostWire
[02/01/2009|18:34] C:\Program Files\Google
[23/09/2007|18:50] C:\Program Files\GoogleDesktopInstaller
[29/08/2008|02:20] C:\Program Files\Imikimi
[04/06/2008|09:36] C:\Program Files\Incomplete
[20/11/2007|17:13] C:\Program Files\IncrediMail
[15/11/2008|07:28] C:\Program Files\InstallShield Installation Information
[05/09/2007|03:23] C:\Program Files\Intel
[11/12/2008|06:48] C:\Program Files\Internet Explorer
[23/09/2007|19:40] C:\Program Files\InterVideo
[31/05/2008|16:16] C:\Program Files\iPod
[31/05/2008|16:16] C:\Program Files\iTunes
[26/12/2008|20:59] C:\Program Files\Java
[22/08/2008|23:28] C:\Program Files\LimeWire
[22/10/2008|18:36] C:\Program Files\Macromedia
[03/11/2008|01:32] C:\Program Files\Messenger Plus! Live
[03/11/2008|01:39] C:\Program Files\MessengerPlus! 3
[20/11/2007|12:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|19:37] C:\Program Files\Microsoft Games
[20/11/2007|09:14] C:\Program Files\Microsoft Office
[15/10/2008|08:04] C:\Program Files\Microsoft Silverlight
[23/09/2007|18:44] C:\Program Files\Microsoft SQL Server
[27/07/2008|23:18] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2007|09:13] C:\Program Files\Microsoft Visual Studio
[20/11/2007|09:08] C:\Program Files\Microsoft Visual Studio 8
[20/11/2007|09:15] C:\Program Files\Microsoft Works
[20/11/2007|09:12] C:\Program Files\Microsoft.NET
[05/09/2007|05:24] C:\Program Files\Movie Maker
[20/11/2007|09:15] C:\Program Files\MSBuild
[03/11/2008|01:33] C:\Program Files\MSN
[05/09/2007|02:11] C:\Program Files\MSXML 4.0
[09/12/2007|18:58] C:\Program Files\Nero
[27/05/2008|20:16] C:\Program Files\Nokia
[05/09/2008|18:15] C:\Program Files\PhotoFiltre
[16/09/2008|19:32] C:\Program Files\Picasa2
[31/05/2008|16:14] C:\Program Files\QuickTime
[05/09/2007|03:51] C:\Program Files\Realtek
[31/05/2008|15:40] C:\Program Files\Red Kawa
[02/11/2006|19:37] C:\Program Files\Reference Assemblies
[23/09/2007|19:13] C:\Program Files\Roxio
[20/11/2007|10:10] C:\Program Files\Skype
[23/09/2007|19:48] C:\Program Files\Sony
[30/12/2008|10:48] C:\Program Files\Spybot - Search & Destroy
[21/06/2008|11:52] C:\Program Files\Sun
[05/09/2007|03:47] C:\Program Files\Synaptics
[23/09/2007|19:18] C:\Program Files\Toshiba
[27/12/2008|12:36] C:\Program Files\Trend Micro
[11/11/2008|17:33] C:\Program Files\Ulead Systems
[03/10/2008|22:55] C:\Program Files\UnFREEz
[02/11/2006|20:01] C:\Program Files\Uninstall Information
[08/12/2007|12:35] C:\Program Files\VideoLAN
[08/09/2008|23:48] C:\Program Files\VirtualDJ
[20/11/2007|08:38] C:\Program Files\Windows Calendar
[05/09/2007|05:24] C:\Program Files\Windows Collaboration
[05/09/2007|05:24] C:\Program Files\Windows Defender
[05/09/2007|05:24] C:\Program Files\Windows Journal
[29/07/2008|13:35] C:\Program Files\Windows Live
[27/07/2008|23:17] C:\Program Files\Windows Live Favorites
[27/07/2008|23:18] C:\Program Files\Windows Live Toolbar
[11/12/2008|06:48] C:\Program Files\Windows Mail
[11/11/2008|17:34] C:\Program Files\Windows Media Components
[20/11/2007|08:38] C:\Program Files\Windows Media Player
[02/11/2006|19:37] C:\Program Files\Windows NT
[05/09/2007|05:24] C:\Program Files\Windows Photo Gallery
[10/01/2008|07:40] C:\Program Files\Windows Sidebar
[22/06/2008|22:24] C:\Program Files\WinRAR
[05/09/2008|22:38] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[05/09/2008|22:38] C:\Program Files\Common Files\ACD Systems
[22/10/2008|18:44] C:\Program Files\Common Files\Adobe
[09/12/2007|19:00] C:\Program Files\Common Files\Ahead
[31/05/2008|16:10] C:\Program Files\Common Files\Apple
[22/05/2008|12:06] C:\Program Files\Common Files\CANON
[20/11/2007|09:13] C:\Program Files\Common Files\DESIGNER
[23/09/2007|19:09] C:\Program Files\Common Files\InstallShield
[11/11/2008|17:36] C:\Program Files\Common Files\InterVideo
[15/03/2008|10:13] C:\Program Files\Common Files\Java
[22/10/2008|18:36] C:\Program Files\Common Files\Macromedia
[20/11/2007|10:35] C:\Program Files\Common Files\Macrovision Shared
[11/11/2008|17:30] C:\Program Files\Common Files\microsoft shared
[27/05/2008|20:17] C:\Program Files\Common Files\Nokia
[27/05/2008|20:17] C:\Program Files\Common Files\PCSuite
[23/09/2007|19:13] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|18:18] C:\Program Files\Common Files\Services
[15/09/2008|07:22] C:\Program Files\Common Files\Skype
[23/09/2007|19:13] C:\Program Files\Common Files\Sonic Shared
[23/09/2007|19:26] C:\Program Files\Common Files\Sony Shared
[02/11/2006|18:18] C:\Program Files\Common Files\SpeechEngines
[19/11/2007|19:25] C:\Program Files\Common Files\Symantec Shared
[20/11/2007|09:07] C:\Program Files\Common Files\System
[11/11/2008|17:34] C:\Program Files\Common Files\Ulead Systems
[27/07/2008|23:13] C:\Program Files\Common Files\WindowsLiveInstaller
[30/12/2008|16:28] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 99 Processes )
iexplore.exe ~ [PID:1084]
MsgPlus.exe ~ [PID:3820]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-14 07:03:44
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 45
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:467][D:18]-> C:\Users\nathalie\AppData\Local\Temp
[F:57][D:1]-> C:\Users\nathalie\AppData\Roaming\MICROS~1\Windows\Cookies
[F:42][D:5]-> C:\Users\nathalie\AppData\Local\MICROS~2\Windows\TEMPOR~1\content.IE5
[F:45][D:6]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 14/01/2009| 7:07 - Option : [1]
--------------------\\ Fin du rapport a 7:07:53
[ UAC => 1 ]
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Home Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : nathalie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 090113-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:102 Go (Free:49 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 14/01/2009| 7:03 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[05/09/2008|22:42] C:\Users\nathalie\AppData\Local\ACD Systems
[07/11/2008|15:05] C:\Users\nathalie\AppData\Local\Adobe
[09/12/2007|19:01] C:\Users\nathalie\AppData\Local\Ahead
[31/05/2008|16:11] C:\Users\nathalie\AppData\Local\Apple
[22/10/2008|19:05] C:\Users\nathalie\AppData\Local\Apple Computer
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\Application Data
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Apps
[07/04/2008|10:04] C:\Users\nathalie\AppData\Local\Canon Easy-LayoutPrint
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Citrix
[19/06/2008|20:26] C:\Users\nathalie\AppData\Local\Corel
[13/01/2009|08:50] C:\Users\nathalie\AppData\Local\d3d9caps.dat
[13/01/2009|19:08] C:\Users\nathalie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[07/07/2008|02:31] C:\Users\nathalie\AppData\Local\Deployment
[05/09/2008|22:34] C:\Users\nathalie\AppData\Local\Downloaded Installations
[11/11/2008|18:21] C:\Users\nathalie\AppData\Local\GDIPFONTCACHEV1.DAT
[04/01/2009|00:35] C:\Users\nathalie\AppData\Local\Google
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\History
[13/01/2009|23:00] C:\Users\nathalie\AppData\Local\IconCache.db
[18/12/2007|07:04] C:\Users\nathalie\AppData\Local\IM
[17/10/2008|20:18] C:\Users\nathalie\AppData\Local\Microsoft
[19/08/2008|17:23] C:\Users\nathalie\AppData\Local\Microsoft Games
[16/01/2008|13:02] C:\Users\nathalie\AppData\Local\Microsoft Help
[20/11/2007|10:18] C:\Users\nathalie\AppData\Local\Nero
[23/09/2007|19:08] C:\Users\nathalie\AppData\Local\Seven Zip
[14/01/2009|06:55] C:\Users\nathalie\AppData\Local\Temp
[19/11/2007|17:23] C:\Users\nathalie\AppData\Local\Temporary Internet Files
[23/09/2007|19:59] C:\Users\nathalie\AppData\Local\Toshiba
[20/11/2007|10:14] C:\Users\nathalie\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[27/07/2008 23:18][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[14/01/2009 06:21][--ah-----] C:\Windows\tasks\SA.DAT
[13/01/2009 23:00][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[23/09/2007|19:08] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/09/2008|22:37] C:\ProgramData\ACD Systems
[20/11/2007|11:13] C:\ProgramData\Adobe
[31/05/2008|16:10] C:\ProgramData\Apple
[31/05/2008|16:15] C:\ProgramData\Apple Computer
[02/11/2006|20:02] C:\ProgramData\Application Data
[09/12/2007|14:26] C:\ProgramData\CanonBJ
[07/01/2009|06:34] C:\ProgramData\CanonIJPLM
[27/05/2008|19:11] C:\ProgramData\Corel
[02/11/2006|20:02] C:\ProgramData\Desktop
[02/11/2006|20:02] C:\ProgramData\Documents
[27/05/2008|20:13] C:\ProgramData\Downloaded Installations
[21/11/2008|12:03] C:\ProgramData\DVD Shrink
[31/05/2008|17:10] C:\ProgramData\eMule
[20/11/2007|10:13] C:\ProgramData\ezsid.dat
[02/11/2006|20:02] C:\ProgramData\Favorites
[20/11/2007|11:34] C:\ProgramData\FLEXnet
[02/01/2009|18:33] C:\ProgramData\Google
[11/11/2008|17:36] C:\ProgramData\InterVideo
[30/12/2008|16:31] C:\ProgramData\Lavasoft
[08/10/2008|10:51] C:\ProgramData\Macromedia
[23/03/2008|15:33] C:\ProgramData\Messenger Plus!
[15/12/2007|14:58] C:\ProgramData\Microsoft
[11/12/2008|06:43] C:\ProgramData\Microsoft Help
[09/12/2007|18:36] C:\ProgramData\Nero
[27/05/2008|20:18] C:\ProgramData\PC Suite
[10/11/2008|12:20] C:\ProgramData\Pinnacle
[20/11/2007|10:10] C:\ProgramData\Skype
[23/09/2007|19:13] C:\ProgramData\Sonic
[13/09/2008|14:20] C:\ProgramData\Sony Corporation
[31/12/2008|10:35] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|20:02] C:\ProgramData\Start Menu
[19/11/2007|19:25] C:\ProgramData\Symantec
[02/11/2006|20:02] C:\ProgramData\Templates
[26/08/2008|10:29] C:\ProgramData\tpfmon
[31/12/2008|10:35] C:\ProgramData\Ulead Systems
[23/09/2007|19:26] C:\ProgramData\VAIO Media Platform
[20/11/2007|10:00] C:\ProgramData\WindowsLiveInstaller
[11/01/2009|00:29] C:\ProgramData\WLInstaller
[05/09/2008|22:55] C:\ProgramData\Yahoo! Companion
[22/05/2008|12:08] C:\ProgramData\ZoomBrowser
--------------------\\ Listing des dossiers dans C:\Program Files
[05/09/2008|22:37] C:\Program Files\ACD Systems
[23/09/2007|19:08] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[22/10/2008|18:46] C:\Program Files\Adobe
[26/08/2008|10:29] C:\Program Files\Alliance MCA
[20/11/2007|07:52] C:\Program Files\Alwil Software
[31/05/2008|16:11] C:\Program Files\Apple Software Update
[11/12/2007|18:51] C:\Program Files\ArcSoft
[31/05/2008|15:40] C:\Program Files\AviSynth 2.5
[28/12/2008|09:10] C:\Program Files\Bonjour
[22/05/2008|12:09] C:\Program Files\Canon
[06/04/2008|15:27] C:\Program Files\CanonBJ
[21/11/2007|15:40] C:\Program Files\CCleaner
[02/01/2009|18:09] C:\Program Files\Common Files
[05/09/2007|03:37] C:\Program Files\CONEXANT
[23/06/2008|16:57] C:\Program Files\Corel
[15/12/2007|15:06] C:\Program Files\DVD Shrink
[04/06/2008|09:33] C:\Program Files\FrostWire
[02/01/2009|18:34] C:\Program Files\Google
[23/09/2007|18:50] C:\Program Files\GoogleDesktopInstaller
[29/08/2008|02:20] C:\Program Files\Imikimi
[04/06/2008|09:36] C:\Program Files\Incomplete
[20/11/2007|17:13] C:\Program Files\IncrediMail
[15/11/2008|07:28] C:\Program Files\InstallShield Installation Information
[05/09/2007|03:23] C:\Program Files\Intel
[11/12/2008|06:48] C:\Program Files\Internet Explorer
[23/09/2007|19:40] C:\Program Files\InterVideo
[31/05/2008|16:16] C:\Program Files\iPod
[31/05/2008|16:16] C:\Program Files\iTunes
[26/12/2008|20:59] C:\Program Files\Java
[22/08/2008|23:28] C:\Program Files\LimeWire
[22/10/2008|18:36] C:\Program Files\Macromedia
[03/11/2008|01:32] C:\Program Files\Messenger Plus! Live
[03/11/2008|01:39] C:\Program Files\MessengerPlus! 3
[20/11/2007|12:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|19:37] C:\Program Files\Microsoft Games
[20/11/2007|09:14] C:\Program Files\Microsoft Office
[15/10/2008|08:04] C:\Program Files\Microsoft Silverlight
[23/09/2007|18:44] C:\Program Files\Microsoft SQL Server
[27/07/2008|23:18] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2007|09:13] C:\Program Files\Microsoft Visual Studio
[20/11/2007|09:08] C:\Program Files\Microsoft Visual Studio 8
[20/11/2007|09:15] C:\Program Files\Microsoft Works
[20/11/2007|09:12] C:\Program Files\Microsoft.NET
[05/09/2007|05:24] C:\Program Files\Movie Maker
[20/11/2007|09:15] C:\Program Files\MSBuild
[03/11/2008|01:33] C:\Program Files\MSN
[05/09/2007|02:11] C:\Program Files\MSXML 4.0
[09/12/2007|18:58] C:\Program Files\Nero
[27/05/2008|20:16] C:\Program Files\Nokia
[05/09/2008|18:15] C:\Program Files\PhotoFiltre
[16/09/2008|19:32] C:\Program Files\Picasa2
[31/05/2008|16:14] C:\Program Files\QuickTime
[05/09/2007|03:51] C:\Program Files\Realtek
[31/05/2008|15:40] C:\Program Files\Red Kawa
[02/11/2006|19:37] C:\Program Files\Reference Assemblies
[23/09/2007|19:13] C:\Program Files\Roxio
[20/11/2007|10:10] C:\Program Files\Skype
[23/09/2007|19:48] C:\Program Files\Sony
[30/12/2008|10:48] C:\Program Files\Spybot - Search & Destroy
[21/06/2008|11:52] C:\Program Files\Sun
[05/09/2007|03:47] C:\Program Files\Synaptics
[23/09/2007|19:18] C:\Program Files\Toshiba
[27/12/2008|12:36] C:\Program Files\Trend Micro
[11/11/2008|17:33] C:\Program Files\Ulead Systems
[03/10/2008|22:55] C:\Program Files\UnFREEz
[02/11/2006|20:01] C:\Program Files\Uninstall Information
[08/12/2007|12:35] C:\Program Files\VideoLAN
[08/09/2008|23:48] C:\Program Files\VirtualDJ
[20/11/2007|08:38] C:\Program Files\Windows Calendar
[05/09/2007|05:24] C:\Program Files\Windows Collaboration
[05/09/2007|05:24] C:\Program Files\Windows Defender
[05/09/2007|05:24] C:\Program Files\Windows Journal
[29/07/2008|13:35] C:\Program Files\Windows Live
[27/07/2008|23:17] C:\Program Files\Windows Live Favorites
[27/07/2008|23:18] C:\Program Files\Windows Live Toolbar
[11/12/2008|06:48] C:\Program Files\Windows Mail
[11/11/2008|17:34] C:\Program Files\Windows Media Components
[20/11/2007|08:38] C:\Program Files\Windows Media Player
[02/11/2006|19:37] C:\Program Files\Windows NT
[05/09/2007|05:24] C:\Program Files\Windows Photo Gallery
[10/01/2008|07:40] C:\Program Files\Windows Sidebar
[22/06/2008|22:24] C:\Program Files\WinRAR
[05/09/2008|22:38] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[05/09/2008|22:38] C:\Program Files\Common Files\ACD Systems
[22/10/2008|18:44] C:\Program Files\Common Files\Adobe
[09/12/2007|19:00] C:\Program Files\Common Files\Ahead
[31/05/2008|16:10] C:\Program Files\Common Files\Apple
[22/05/2008|12:06] C:\Program Files\Common Files\CANON
[20/11/2007|09:13] C:\Program Files\Common Files\DESIGNER
[23/09/2007|19:09] C:\Program Files\Common Files\InstallShield
[11/11/2008|17:36] C:\Program Files\Common Files\InterVideo
[15/03/2008|10:13] C:\Program Files\Common Files\Java
[22/10/2008|18:36] C:\Program Files\Common Files\Macromedia
[20/11/2007|10:35] C:\Program Files\Common Files\Macrovision Shared
[11/11/2008|17:30] C:\Program Files\Common Files\microsoft shared
[27/05/2008|20:17] C:\Program Files\Common Files\Nokia
[27/05/2008|20:17] C:\Program Files\Common Files\PCSuite
[23/09/2007|19:13] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|18:18] C:\Program Files\Common Files\Services
[15/09/2008|07:22] C:\Program Files\Common Files\Skype
[23/09/2007|19:13] C:\Program Files\Common Files\Sonic Shared
[23/09/2007|19:26] C:\Program Files\Common Files\Sony Shared
[02/11/2006|18:18] C:\Program Files\Common Files\SpeechEngines
[19/11/2007|19:25] C:\Program Files\Common Files\Symantec Shared
[20/11/2007|09:07] C:\Program Files\Common Files\System
[11/11/2008|17:34] C:\Program Files\Common Files\Ulead Systems
[27/07/2008|23:13] C:\Program Files\Common Files\WindowsLiveInstaller
[30/12/2008|16:28] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 99 Processes )
iexplore.exe ~ [PID:1084]
MsgPlus.exe ~ [PID:3820]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-14 07:03:44
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 45
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:467][D:18]-> C:\Users\nathalie\AppData\Local\Temp
[F:57][D:1]-> C:\Users\nathalie\AppData\Roaming\MICROS~1\Windows\Cookies
[F:42][D:5]-> C:\Users\nathalie\AppData\Local\MICROS~2\Windows\TEMPOR~1\content.IE5
[F:45][D:6]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 14/01/2009| 7:07 - Option : [1]
--------------------\\ Fin du rapport a 7:07:53
[ UAC => 1 ]
panah,
on va faire un scan en ligne avec kaspersky :
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
on va faire un scan en ligne avec kaspersky :
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
bonjour , desole je suis pas tres rapide en ce moment
avant tout tu epux me dire le resultat des 2 derniers scans que je t ai envoye ,
je ne comprend pas pourquoin faire tout ces scan et apres rien ?
pourquoi en faire encore un autre , si on ne change pas dabord les autres ?
je suis novice alors j aimerai bien comprendre
merci
avant tout tu epux me dire le resultat des 2 derniers scans que je t ai envoye ,
je ne comprend pas pourquoin faire tout ces scan et apres rien ?
pourquoi en faire encore un autre , si on ne change pas dabord les autres ?
je suis novice alors j aimerai bien comprendre
merci
salut,
les scans que je te demande m´aide a voir ce qu´il y a dans ton pc...
comme je ne voies rien d´anormal, je te demande de faire un scan antivirus en ligne...
les scans que je te demande m´aide a voir ce qu´il y a dans ton pc...
comme je ne voies rien d´anormal, je te demande de faire un scan antivirus en ligne...
desole je suis un peu lente
en etant en thailand , j ai pleins de visiteurs
mon appart est toujours pleins
je viens d essaye Kaspersky , mais
Échec du chargement du contrôle ActiveX Kaspersky On-line Scanner!
Vous devez jouir des privilèges d'administrateur sur ce poste ;
en outre, il faut configurer le niveau de sécurité IE sur Moyen.
donc si je comprend bien il faut turn off le account user control ?
quand je suis aller pour turn off the user account control
spyboat me sort uyne autorisation de autocheck autochk
dois je autoriser ??
et ensuite dois je autorise l instalation de Kaspersky alors que j ai deja avast
cela ne va pas creer des conflies
merci
en etant en thailand , j ai pleins de visiteurs
mon appart est toujours pleins
je viens d essaye Kaspersky , mais
Échec du chargement du contrôle ActiveX Kaspersky On-line Scanner!
Vous devez jouir des privilèges d'administrateur sur ce poste ;
en outre, il faut configurer le niveau de sécurité IE sur Moyen.
donc si je comprend bien il faut turn off le account user control ?
quand je suis aller pour turn off the user account control
spyboat me sort uyne autorisation de autocheck autochk
dois je autoriser ??
et ensuite dois je autorise l instalation de Kaspersky alors que j ai deja avast
cela ne va pas creer des conflies
merci
alors , j ai mis sur mon bureaux usbfix et quand je clic dessus il ne s enclanche pas
systeme cannot find the path specified
et il me dis touche 1 nettoyge 2 vaccination 3 desinstaller
je fais 1 ....... ok ?