Antivirus pro 2010 infection

Closed
Flumi - 3 Oct 2009 at 22:05
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last seen 2 July 2015 - 5 Oct 2009 at 23:11
Hello,

I have been infected since yesterday by antivirus pro 2010. It is running terribly slowly and I can no longer use the internet. At startup, antivirus pro 2010 launches along with various windows of the "antivirus". I use Avast as my antivirus, which detected the trojan but did not manage to remove it. I tried Avast but nothing works...
If a helper could help me, I would be very grateful! (once again! :))

56 replies

Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last seen 2 July 2015 726
3 Oct 2009 at 22:10
Hi, do this:

RSIT ----->

[x] Download Random's System Information Tool from this address: http://images.malwareremoval.com/random/RSIT.exe

[x] Double-click " RSIT.exe ".

[x] Click " Continue ".

[x] If hijackthis is not present it will be downloaded automatically and you will have to accept the license.

[x] Once the scan is finished, two files ( info.txt & log.txt ) will open.

[x] Copy and paste the contents of both reports into your next message

-------> If you ever closed the reports without paying attention, they are under C:\rsit
0
Here are the 2 reports
Thanks!!!!!

info.txt logfile of random's system information tool 1.06 2009-10-03 22:18:27

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat Elements 6.0 - Français-->MsiExec.exe /I{E5E6E687-1036-BA7E-6000-000000000001}
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Photoshop Album 2.0 Edition Découverte-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Premiere Standard-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{7998F67D-655B-42E3-B651-18D96DD17268}\setup.exe"
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
Antivirus Pro 2010-->C:\Program Files\AntivirusPro_2010\Uninstall.exe
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AxCrypt (Désinstaller uniquement)-->"D:\Program Files\Axon Data\AxCrypt\AxCryptU.exe"
BitZipper 5.1-->"C:\Program Files\BitZipper\unins000.exe"
Click to DVD 2.1.10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C2F71B2-6C73-11D6-B659-00C04F790F76}\setup.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Counter-Strike 1.6-->D:\Program Files\Counter-Strike 1.6\Uninstal.exe
Counter-Strike: Condition Zero-->D:\Valve\CONDIT~1\UNWISE.EXE D:\Valve\CONDIT~1\INSTALL.LOG
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Données de menu Click to DVD 2.0.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98A3A654-3AEF-42D9-BA91-DE5815EA5897}\setup.exe"
Enregistrement en ligne VAIO (Français)-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{668B1BD6-4593-4959-970E-249AFFE6F35C} /l1036
Favorit-->"c:\documents and settings\fred\local settings\application data\xrcueyjc.exe" -uninstall
FlightParis AutogenPack-->D:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fpap.exe
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.24\Installer\setup.exe" --uninstall --system-level
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HotKey Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB311F54-39D6-4A03-8E18-053D1B2833D7}\Setup.exe" -l0x40c
hp deskjet 940c series (Supprimer uniquement)-->C:\Program Files\hp deskjet 940c series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=940c -huninstall
HP Photo and Imaging 2.0 - Scanners-->MsiExec.exe /I{6CC93102-135E-49E2-99A4-C431E671C12A}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
InterVideo WinDVD 5 for VAIO-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
InterVideo WinDVDX-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
iPod Updater 2004-08-06-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F8C106A-7DFC-45DE-8006-F9145AADF1D8} /l1036
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c
Lock Folder XP 3.6-->"D:\Program Files\Everstrike Software\Lock Folder XP 3.6\Uninstall.exe" "C:\Program Files\Fichiers communs\Everstrike Software\Lock Folder XP 3.6\install.log"
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Macromedia Flash Player-->MsiExec.exe /X{27579b3c-5470-4496-be6c-0c872674f19f}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator 2004 Un siècle d'aviation-->"D:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Small Business-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0050048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MoodLogic-->C:\WINDOWS\ml-uninstall-v10.exe
Mozilla Firefox (2.0.0.20)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
My Info Centre-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{62B715BC-01F5-4CC9-9811-D24ED44C16D4} /l1036
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenMG Limited Patch 4.0-04-07-14-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.0-04-07-14-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.0.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{6F1974D6-4249-43B6-88B0-9A9B8A33956C} /l1033 UNINSTALL
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PowerQuest PartitionMagic 8.0 Demo-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E691604-B328-4B4A-8F17-C9D6395075C5}\Setup.exe" -l0x40c
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoftV92 Data Fax Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D\HXFSETUP.EXE -U -IVEN_8086&DEV_24C6&SUBSYS_818C104D
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SonicStage 2.1.00-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\Setup.exe" -l0x40c UNINSTALL
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x40c
Sony Notebook Setup-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{936FADC9-C609-471A-B6F2-A33E2E660D1A}\Setup.exe" -l0x40c
Sony USB Mouse-->PMUninst.exe MouseSuite98
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\Setup.exe" -l0x9
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6990A2BF-D1D2-11D3-81BC-00609789C908}\setup.exe"
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VAIO Edit Components-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{761C9026-14F0-4352-8658-934558272404}\setup.exe"
VAIO Enquête (Français)-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9080C5D2-82FA-452A-87FA-CBB4B05D67A5} /l1036
VAIO Entertainment Platform-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}\Setup.exe" -l0x40c
VAIO GrandBlue Wallpaper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8E2BDAE-4AEB-464D-A410-89AF090B08D9}\Setup.exe" -l0x9
VAIO Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A43F939E-A863-433D-AC78-0897E44CFEB2}\setup.exe" -l0x40c
VAIO Media 3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\Setup.exe" -l0x40c UNINSTALL
VAIO Media Integrated Server 3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A79D11B-FD82-4A5E-834F-20173515DD14}\setup.exe" -l0x40c UNINSTALL
VAIO Media Redistribution 3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}\Setup.exe" -l0x40c UNINSTALL
VAIO Power Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\Setup.exe" -l0x40c
VAIO SLIT Pattern Wallpaper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{266AEE68-5718-4A31-BDD3-D356B1250C70}\Setup.exe" -l0x9
VAIO SLIT Scene Wallpaper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A17456ED-3432-49FF-A14D-E0F00A96A2AA}\Setup.exe" -l0x9
VAIO SLIT-A Screen Saver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D324F1B-A39E-4D5A-BA58-147416FE019A}\Setup.exe" -l0x9
VAIO SLIT-B Screen Saver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3600FB01-C63B-4A3D-B044-BB21792C6811}\Setup.exe" -l0x9
VAIO SLIT-C Screen Saver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01AF4645-78E6-46C4-B528-54863679CC40}\Setup.exe" -l0x9
VAIO TV Tuner Library 1.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC6E3CD5-A93D-44EA-85AE-894C1603B7E2}\Setup.exe"
VAIO Update 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\Setup.exe" -l0x40c
VAIO Zone-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}\Setup.exe" -l0x40c
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Wallpaper-->D:\Program Files\Wallpaper\uninst.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\Setup.exe" -l0x40c
Xara3D6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3783869-5D14-4838-A042-910DF816D070}\setup.exe" -l0x9
x-black LCD-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{546CCE4F-3620-47A8-98C9-4D6FD8F311AF} /l1036
YouTubeGet 5.2.1-->"c:\YouTubeGet\unins000.exe"
ZHPDiag 1.24-->"C:\Program Files\ZHPDiag\unins000.exe"

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 091002-0]

======System event log======

Computer Name: FRÉDÉRIC
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Configuration automatique sans fil.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20091003205428.000000+120
Event Type: Informations
User: FRÉDÉRIC\Fred

Computer Name: FRÉDÉRIC
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{50F4C089-A729-48A6-BC81-D6B71FFF7DE3} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.

Record Number: 4
Source Name: Tcpip
Time Written: 20091003205257.000000+120
Event Type: Informations
User:

Computer Name: FRÉDÉRIC
Event Code: 18
Message: Windows ne peut pas enregistrer les clés de liaison Bluetooth sur le transmetteur local car il ne peut pas déterminer si la sécurité appropriée est activée pour le périphérique.

Record Number: 3
Source Name: BTHUSB
Time Written: 20091003205257.000000+120
Event Type: Avertissement
User:

Computer Name: FRÉDÉRIC
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20091003205242.000000+120
Event Type: Informations
User:

Computer Name: FRÉDÉRIC
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20091003205242.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: FRÉDÉRIC
Event Code: 1002
Message: Application bloquée QuickZip.exe, version 0.0.0.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 1081
Source Name: Application Hang
Time Written: 20071220232351.000000+060
Event Type: erreur
User:

Computer Name: FRÉDÉRIC
Event Code: 1002
Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré.

Record Number: 1080
Source Name: Winlogon
Time Written: 20071220232326.000000+060
Event Type: Informations
User:

Computer Name: FRÉDÉRIC
Event Code: 1002
Message: Application bloquée QuickZip.exe, version 0.0.0.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 1079
Source Name: Application Hang
Time Written: 20071220232033.000000+060
Event Type: erreur
User:

Computer Name: FRÉDÉRIC
Event Code: 1000
Message: Application défaillante fs9.exe, version 9.0.0.30612, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0xffff0000.

Record Number: 1078
Source Name: Application Error
Time Written: 20071220230836.000000+060
Event Type: erreur
User:

Computer Name: FRÉDÉRIC
Event Code: 1000
Message: Application défaillante fs9.exe, version 9.0.0.30612, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0xffff0000.

Record Number: 1077
Source Name: Application Error
Time Written: 20071220230533.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

The 2nd one


Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2009-10-03 22:18:11
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 3 GB (15%) free of 20 GB
Total RAM: 511 MB (27% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2002-12-20 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - D:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-02 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-21 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - SweetIM For Internet Explorer - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2003-11-07 114688]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-07-10 339968]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2004-06-29 122880]
"VAIO Update 2"=C:\Program Files\sony\vaio update 2\VAIOUpdt.exe [2004-06-29 147456]
"Switcher.exe"=C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2004-01-19 290816]
"SonyPowerCfg"=C:\Program Files\sony\vaio power management\SPMgr.exe [2004-06-29 180224]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2003-09-19 61440]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2002-03-14 45056]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"ezShieldProtector for Px"=C:\WINDOWS\system32\ezSP_Px.exe [2002-08-20 40960]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-20 196608]
"Share-to-Web Namespace Daemon"=c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"EoEngine"= []
"EoWeather"= []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-08-25 185632]
"Silent Fear Internet Radio"=rem D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe []
"LFAgent"= []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"sysgif32"=C:\WINDOWS\Temp\wpv821254042811.exe [2009-10-02 36352]
"restorer32_a"=C:\WINDOWS\system32\restorer32_a.exe [2009-10-02 45056]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"Antivirus Pro 2010"=C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe [2009-10-02 567808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-17 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Silent Fear Internet Radio"=D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe []
"Fondecran"=D:\Program Files\Fondecran\Fondecran.exe /background []
"Wallpaper"=D:\Program Files\Wallpaper\Wallpaper.exe [2007-08-21 233472]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"xrcueyjc"=c:\documents and settings\fred\local settings\application data\xrcueyjc.exe [2009-10-01 393728]
"restorer32_a"=C:\Documents and Settings\Fred\restorer32_a.exe [2009-10-02 45056]
"mserv"=C:\Documents and Settings\Fred\Application Data\seres.exe [2009-10-02 13824]
"svchost"=C:\Documents and Settings\Fred\Application Data\svcst.exe [2009-10-02 13824]
"ntias64"=C:\Documents and Settings\Fred\Local Settings\Application Data\ntias64\ntias64.dll [2009-10-02 69632]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe

C:\Documents and Settings\Fred\Menu Démarrer\Programmes\Démarrage
ikowin32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-07-10 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Program Files\LimeWire\LimeWire.exe"="D:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"J:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="J:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e6634f1-ca09-11dc-9abf-080046db6a76}]
shell\AutoRun\command - H:\stub.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32325727-4cdb-11dc-895e-080046db6a76}]
shell\AutoRun\command - H:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-10-03 22:18:11 ----D---- C:\rsit
2009-10-03 22:18:11 ----D---- C:\Program Files\trend micro
2009-10-03 20:58:42 ----A---- C:\WINDOWS\system32\tmp.txt
2009-10-03 20:57:24 ----A---- C:\rapport.txt
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\swsc.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-10-03 20:56:29 ----A---- C:\WINDOWS\system32\swreg.exe
2009-10-03 20:56:29 ----A---- C:\WINDOWS\system32\Process.exe
2009-10-02 22:51:58 ----A---- C:\WINDOWS\upah.dll
2009-10-02 22:51:58 ----A---- C:\WINDOWS\system32\tinaz.vbs
2009-10-02 22:51:58 ----A---- C:\WINDOWS\onizeny.com
2009-10-02 22:51:58 ----A---- C:\Program Files\Fichiers communs\ivum.dll
2009-10-02 22:51:57 ----A---- C:\WINDOWS\system32\gozaf.vbs
2009-10-02 22:51:57 ----A---- C:\Documents and Settings\Fred\Application Data\edyniwoga.com
2009-10-02 22:51:37 ----D---- C:\Program Files\AntivirusPro_2010
2009-10-02 18:01:48 ----A---- C:\Program Files\Fichiers communs\azaj.bat
2009-10-02 18:01:48 ----A---- C:\Documents and Settings\Fred\Application Data\keto.vbs
2009-10-02 18:01:48 ----A---- C:\Documents and Settings\Fred\Application Data\buciruko.bat
2009-10-02 18:01:47 ----A---- C:\WINDOWS\oronoge.dll
2009-10-02 18:01:47 ----A---- C:\WINDOWS\kixeryn.exe
2009-10-02 18:01:47 ----A---- C:\WINDOWS\ikyjam.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\system32\heva.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\lixugonaja.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\cituko.bat
2009-10-02 17:45:01 ----D---- C:\Program Files\ZHPDiag
2009-10-02 17:30:09 ----A---- C:\Documents and Settings\Fred\Application Data\lizkavd.exe
2009-10-02 17:30:05 ----A---- C:\Documents and Settings\Fred\Application Data\svcst.exe
2009-10-02 17:30:01 ----A---- C:\Documents and Settings\Fred\Application Data\seres.exe
2009-10-02 17:29:53 ----A---- C:\WINDOWS\system32\restorer32_a.exe
2009-09-25 19:20:38 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2009-09-25 19:20:37 ----D---- C:\Documents and Settings\Fred\Application Data\MSN6
2009-09-23 07:52:07 ----D---- C:\tmpDownload
2009-09-22 20:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-22 20:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-22 20:50:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-21 11:41:37 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-09-21 11:40:56 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-21 11:40:48 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-21 11:40:06 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-21 11:39:50 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-21 11:38:07 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-21 11:36:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-21 11:36:14 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-21 11:33:50 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-21 11:18:26 ----D---- C:\tmp
2009-09-21 11:18:11 ----D---- C:\Download
2009-09-21 11:17:47 ----D---- C:\YouTubeGet
2009-09-21 10:04:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-21 10:01:07 ----SHD---- C:\Config.Msi
2009-09-21 08:52:17 ----A---- C:\WINDOWS\system32\muweb.dll
2009-09-21 08:52:16 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-09-21 08:52:16 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-09-20 20:23:38 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-20 20:22:00 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-20 20:19:39 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-20 20:17:31 ----D---- C:\Program Files\Microsoft
2009-09-20 20:17:06 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-20 20:16:14 ----D---- C:\Program Files\Windows Live
2009-09-20 20:01:15 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-11 07:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-11 07:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

======List of files/folders modified in the last 1 months======

2009-10-03 22:18:11 ----RD---- C:\Program Files
2009-10-03 22:17:50 ----D---- C:\WINDOWS\Temp
2009-10-03 22:16:56 ----D---- C:\WINDOWS\Prefetch
2009-10-03 22:14:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-03 21:26:13 ----D---- C:\WINDOWS\system32
2009-10-03 21:16:55 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-03 20:30:12 ----D---- C:\Program Files\Mozilla Firefox
2009-10-03 05:29:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-02 22:51:58 ----D---- C:\WINDOWS
2009-10-02 22:51:58 ----D---- C:\Program Files\Fichiers communs
2009-10-02 17:30:31 ----DC---- C:\WINDOWS\system32\dllcache
2009-10-02 17:30:21 ----D---- C:\WINDOWS\system32\drivers
2009-10-02 06:57:10 ----HD---- C:\WINDOWS\inf
2009-10-01 07:11:49 ----D---- C:\WINDOWS\Help
2009-09-30 21:56:58 ----D---- C:\Documents and Settings\Fred\Application Data\Azureus
2009-09-30 20:43:50 ----D---- C:\Documents and Settings\Fred\Application Data\Real
2009-09-24 23:38:11 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-22 21:01:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-22 21:00:33 ----SHD---- C:\WINDOWS\Installer
2009-09-22 20:59:36 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-22 20:59:16 ----A---- C:\WINDOWS\win.ini
2009-09-22 20:56:20 ----A---- C:\WINDOWS\imsins.BAK
2009-09-22 06:59:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-21 14:23:43 ----SD---- C:\Documents and Settings\Fred\Application Data\Microsoft
2009-09-21 11:40:05 ----D---- C:\Program Files\Windows Media Player
2009-09-21 09:04:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-20 20:26:49 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-20 20:26:20 ----RSD---- C:\WINDOWS\assembly
2009-09-20 20:22:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-20 20:22:01 ----D---- C:\WINDOWS\WinSxS
2009-09-20 20:21:48 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-20 20:20:29 ----D---- C:\WINDOWS\system32\DirectX
2009-09-20 20:16:27 ----RSD---- C:\WINDOWS\Fonts
2009-09-11 07:03:15 ----D---- C:\WINDOWS\ie8updates
2009-09-04 22:41:13 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 LF30FS;LF30FS; \??\D:\Program Files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-09-02 15781]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-09 401408]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-07-05 627441]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-08-14 125952]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-10-14 1043072]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2003-10-14 197120]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-24 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2003-09-19 5786]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SPI;Sony Programmable I/O Control Device; C:\WINDOWS\System32\DRIVERS\SonyPI.sys [2002-08-20 71961]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2004-05-21 65024]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter; C:\WINDOWS\System32\DRIVERS\w22n51.sys [2004-03-08 1657344]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-10-14 679808]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 32128]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-07-10 747008]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\System32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GcKernel;Pilote de filtre Microsoft SideWinder Value Add; C:\WINDOWS\system32\DRIVERS\GcKernel.sys [2008-04-13 59136]
S3 HIDSwvd;Minipilote de périphérique Microsoft SideWinder HID virtuel; C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys [2001-08-17 2688]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\System32\DRIVERS\pelmouse.sys [2002-06-28 17251]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\System32\DRIVERS\pelusblf.sys [2001-07-24 7520]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SONYTVC;Sony MPEG RR-Engine; C:\WINDOWS\System32\DRIVERS\SONYTVC.sys [2004-07-14 235520]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA; C:\WINDOWS\system32\DRIVERS\SWUSBFLT.sys [2001-08-17 3968]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-02 379456]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-07-10 385024]
S2 gupdate1ca27fc1fce6200;Service Google Update (gupdate1ca27fc1fce6200); C:\Program Fi
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
3 Oct. 2009 at 22:27
The log.txt is missing
0
It's in the second part; I pasted info.txt and log.txt one after the other
0

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2009-10-03 22:18:11
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 3 GB (15%) free of 20 GB
Total RAM: 511 MB (27% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2002-12-20 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - D:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-02 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-21 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - SweetIM For Internet Explorer - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-21 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2003-11-07 114688]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-07-10 339968]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2004-06-29 122880]
"VAIO Update 2"=C:\Program Files\sony\vaio update 2\VAIOUpdt.exe [2004-06-29 147456]
"Switcher.exe"=C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2004-01-19 290816]
"SonyPowerCfg"=C:\Program Files\sony\vaio power management\SPMgr.exe [2004-06-29 180224]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2003-09-19 61440]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2002-03-14 45056]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"ezShieldProtector for Px"=C:\WINDOWS\system32\ezSP_Px.exe [2002-08-20 40960]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-20 196608]
"Share-to-Web Namespace Daemon"=c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"EoEngine"= []
"EoWeather"= []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-08-25 185632]
"Silent Fear Internet Radio"=rem D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe []
"LFAgent"= []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"sysgif32"=C:\WINDOWS\Temp\wpv821254042811.exe [2009-10-02 36352]
"restorer32_a"=C:\WINDOWS\system32\restorer32_a.exe [2009-10-02 45056]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"Antivirus Pro 2010"=C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe [2009-10-02 567808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-17 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Silent Fear Internet Radio"=D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe []
"Fondecran"=D:\Program Files\Fondecran\Fondecran.exe /background []
"Wallpaper"=D:\Program Files\Wallpaper\Wallpaper.exe [2007-08-21 233472]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"xrcueyjc"=c:\documents and settings\fred\local settings\application data\xrcueyjc.exe [2009-10-01 393728]
"restorer32_a"=C:\Documents and Settings\Fred\restorer32_a.exe [2009-10-02 45056]
"mserv"=C:\Documents and Settings\Fred\Application Data\seres.exe [2009-10-02 13824]
"svchost"=C:\Documents and Settings\Fred\Application Data\svcst.exe [2009-10-02 13824]
"ntias64"=C:\Documents and Settings\Fred\Local Settings\Application Data\ntias64\ntias64.dll [2009-10-02 69632]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe

C:\Documents and Settings\Fred\Menu Démarrer\Programmes\Démarrage
ikowin32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-07-10 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Program Files\LimeWire\LimeWire.exe"="D:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"J:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="J:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e6634f1-ca09-11dc-9abf-080046db6a76}]
shell\AutoRun\command - H:\stub.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32325727-4cdb-11dc-895e-080046db6a76}]
shell\AutoRun\command - H:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-10-03 22:18:11 ----D---- C:\rsit
2009-10-03 22:18:11 ----D---- C:\Program Files\trend micro
2009-10-03 20:58:42 ----A---- C:\WINDOWS\system32\tmp.txt
2009-10-03 20:57:24 ----A---- C:\rapport.txt
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-10-03 20:56:32 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-10-03 20:56:31 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\swsc.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-10-03 20:56:30 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-10-03 20:56:29 ----A---- C:\WINDOWS\system32\swreg.exe
2009-10-03 20:56:29 ----A---- C:\WINDOWS\system32\Process.exe
2009-10-02 22:51:58 ----A---- C:\WINDOWS\upah.dll
2009-10-02 22:51:58 ----A---- C:\WINDOWS\system32\tinaz.vbs
2009-10-02 22:51:58 ----A---- C:\WINDOWS\onizeny.com
2009-10-02 22:51:58 ----A---- C:\Program Files\Fichiers communs\ivum.dll
2009-10-02 22:51:57 ----A---- C:\WINDOWS\system32\gozaf.vbs
2009-10-02 22:51:57 ----A---- C:\Documents and Settings\Fred\Application Data\edyniwoga.com
2009-10-02 22:51:37 ----D---- C:\Program Files\AntivirusPro_2010
2009-10-02 18:01:48 ----A---- C:\Program Files\Fichiers communs\azaj.bat
2009-10-02 18:01:48 ----A---- C:\Documents and Settings\Fred\Application Data\keto.vbs
2009-10-02 18:01:48 ----A---- C:\Documents and Settings\Fred\Application Data\buciruko.bat
2009-10-02 18:01:47 ----A---- C:\WINDOWS\oronoge.dll
2009-10-02 18:01:47 ----A---- C:\WINDOWS\kixeryn.exe
2009-10-02 18:01:47 ----A---- C:\WINDOWS\ikyjam.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\system32\heva.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\lixugonaja.bat
2009-10-02 18:01:46 ----A---- C:\WINDOWS\cituko.bat
2009-10-02 17:45:01 ----D---- C:\Program Files\ZHPDiag
2009-10-02 17:30:09 ----A---- C:\Documents and Settings\Fred\Application Data\lizkavd.exe
2009-10-02 17:30:05 ----A---- C:\Documents and Settings\Fred\Application Data\svcst.exe
2009-10-02 17:30:01 ----A---- C:\Documents and Settings\Fred\Application Data\seres.exe
2009-10-02 17:29:53 ----A---- C:\WINDOWS\system32\restorer32_a.exe
2009-09-25 19:20:38 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2009-09-25 19:20:37 ----D---- C:\Documents and Settings\Fred\Application Data\MSN6
2009-09-23 07:52:07 ----D---- C:\tmpDownload
2009-09-22 20:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-22 20:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-22 20:50:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-21 11:41:37 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-09-21 11:40:56 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-21 11:40:48 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-21 11:40:06 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-21 11:39:50 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-21 11:38:07 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-21 11:36:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-21 11:36:14 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-21 11:33:50 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-21 11:18:26 ----D---- C:\tmp
2009-09-21 11:18:11 ----D---- C:\Download
2009-09-21 11:17:47 ----D---- C:\YouTubeGet
2009-09-21 10:04:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-21 10:01:07 ----SHD---- C:\Config.Msi
2009-09-21 08:52:17 ----A---- C:\WINDOWS\system32\muweb.dll
2009-09-21 08:52:16 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-09-21 08:52:16 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-09-20 20:23:38 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-20 20:22:00 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-20 20:19:39 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-20 20:17:31 ----D---- C:\Program Files\Microsoft
2009-09-20 20:17:06 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-20 20:16:14 ----D---- C:\Program Files\Windows Live
2009-09-20 20:01:15 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-11 07:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-11 07:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

======List of files/folders modified in the last 1 months======

2009-10-03 22:18:11 ----RD---- C:\Program Files
2009-10-03 22:17:50 ----D---- C:\WINDOWS\Temp
2009-10-03 22:16:56 ----D---- C:\WINDOWS\Prefetch
2009-10-03 22:14:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-03 21:26:13 ----D---- C:\WINDOWS\system32
2009-10-03 21:16:55 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-03 20:30:12 ----D---- C:\Program Files\Mozilla Firefox
2009-10-03 05:29:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-02 22:51:58 ----D---- C:\WINDOWS
2009-10-02 22:51:58 ----D---- C:\Program Files\Fichiers communs
2009-10-02 17:30:31 ----DC---- C:\WINDOWS\system32\dllcache
2009-10-02 17:30:21 ----D---- C:\WINDOWS\system32\drivers
2009-10-02 06:57:10 ----HD---- C:\WINDOWS\inf
2009-10-01 07:11:49 ----D---- C:\WINDOWS\Help
2009-09-30 21:56:58 ----D---- C:\Documents and Settings\Fred\Application Data\Azureus
2009-09-30 20:43:50 ----D---- C:\Documents and Settings\Fred\Application Data\Real
2009-09-24 23:38:11 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-22 21:01:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-22 21:00:33 ----SHD---- C:\WINDOWS\Installer
2009-09-22 20:59:36 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-22 20:59:16 ----A---- C:\WINDOWS\win.ini
2009-09-22 20:56:20 ----A---- C:\WINDOWS\imsins.BAK
2009-09-22 06:59:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-21 14:23:43 ----SD---- C:\Documents and Settings\Fred\Application Data\Microsoft
2009-09-21 11:40:05 ----D---- C:\Program Files\Windows Media Player
2009-09-21 09:04:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-20 20:26:49 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-20 20:26:20 ----RSD---- C:\WINDOWS\assembly
2009-09-20 20:22:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-20 20:22:01 ----D---- C:\WINDOWS\WinSxS
2009-09-20 20:21:48 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-20 20:20:29 ----D---- C:\WINDOWS\system32\DirectX
2009-09-20 20:16:27 ----RSD---- C:\WINDOWS\Fonts
2009-09-11 07:03:15 ----D---- C:\WINDOWS\ie8updates
2009-09-04 22:41:13 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 LF30FS;LF30FS; \??\D:\Program Files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-09-02 15781]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-09 401408]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-07-05 627441]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-08-14 125952]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-10-14 1043072]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2003-10-14 197120]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-24 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2003-09-19 5786]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SPI;Sony Programmable I/O Control Device; C:\WINDOWS\System32\DRIVERS\SonyPI.sys [2002-08-20 71961]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2004-05-21 65024]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter; C:\WINDOWS\System32\DRIVERS\w22n51.sys [2004-03-08 1657344]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-10-14 679808]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 32128]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-07-10 747008]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\System32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GcKernel;Pilote de filtre Microsoft SideWinder Value Add; C:\WINDOWS\system32\DRIVERS\GcKernel.sys [2008-04-13 59136]
S3 HIDSwvd;Minipilote de périphérique Microsoft SideWinder HID virtuel; C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys [2001-08-17 2688]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\System32\DRIVERS\pelmouse.sys [2002-06-28 17251]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\System32\DRIVERS\pelusblf.sys [2001-07-24 7520]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SONYTVC;Sony MPEG RR-Engine; C:\WINDOWS\System32\DRIVERS\SONYTVC.sys [2004-07-14 235520]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA; C:\WINDOWS\system32\DRIVERS\SWUSBFLT.sys [2001-08-17 3968]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-02 379456]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-07-10 385024]
S2 gupdate1ca27fc1fce6200;Service Google Update (gupdate1ca27fc1fce6200); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2004-07-08 118784]
S3 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service; C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-07-08 118877]
S3 VAIO Entertainment Task Scheduler;VAIO Entertainment Task Scheduler; C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe [2004-07-28 401408]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2004-07-08 69632]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-07-08 278528]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2004-07-09 1826816]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2004-06-16 57344]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2004-06-22 733184]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2004-06-16 188416]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
3 Oct. 2009 at 22:55
My mistake, I hadn't noticed, but the HijackThis log part is missing.

Download it here: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

Then run a new RSIT report (just the log.txt).
0
Here's what it gives...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:13, on 03/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Temp\wpv821254042811.exe
C:\WINDOWS\system32\restorer32_a.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
D:\Program Files\Wallpaper\Wallpaper.exe
C:\documents and settings\fred\local settings\application data\xrcueyjc.exe
C:\Documents and Settings\Fred\restorer32_a.exe
C:\Documents and Settings\Fred\Application Data\seres.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Documents and Settings\Fred\Application Data\svcst.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Fred\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe tftp.nfo beforegllav
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Silent Fear Internet Radio] rem D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sysgif32] C:\WINDOWS\Temp\wpv821254042811.exe
O4 - HKLM\..\Run: [restorer32_a] C:\WINDOWS\system32\restorer32_a.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [Antivirus Pro 2010] "C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe" /hide
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Silent Fear Internet Radio] D:\Program Files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe
O4 - HKCU\..\Run: [Fondecran] "D:\Program Files\Fondecran\Fondecran.exe" /background
O4 - HKCU\..\Run: [Wallpaper] "D:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [xrcueyjc] "c:\documents and settings\fred\local settings\application data\xrcueyjc.exe" xrcueyjc
O4 - HKCU\..\Run: [restorer32_a] C:\Documents and Settings\Fred\restorer32_a.exe
O4 - HKCU\..\Run: [mserv] C:\Documents and Settings\Fred\Application Data\seres.exe
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\Fred\Application Data\svcst.exe
O4 - HKCU\..\Run: [ntias64] rundll32.exe "C:\Documents and Settings\Fred\Local Settings\Application Data\ntias64\ntias64.dll", DllInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: ikowin32.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: ikowin32.exe (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Google Update (gupdate1ca27fc1fce6200) (gupdate1ca27fc1fce6200) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
0
Hello,

The lines of the HijackThis report
are also present in the ======Registry dump====== section.

Line >>>>>> 02 - BHO ............
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]


etc..........
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
3 Oct. 2009 at 23:15
Less easy to analyze.
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
3 Oct. 2009 at 23:16
We've got work to do!

Start by doing this:

-+-+-+-+-+-+-+-+-+-+-> ComboFix <-+-+-+-+-+-+-+-+-+-+-


[x] Download ComboFIX ( by sUBs ) from this address: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

[x] /!\ Close all open program windows /!\

[x] /!\ Disable all resident protections ( Antivirus, Firewall, AntiSpyware ) /!\

[x] Double-click " Combofix.exe "

[x] Follow the on-screen instructions; at some point you will get a message asking you to install the Recovery Console, do it

[x] Combofix will now disconnect your PC from the internet

[x] During the scan, don't touch anything ( mouse, keyboard )

[x] At the end of the scan, the report will open automatically; copy/paste it into your next message.

[o] NB: If it doesn't open, it is located at C:\Combofix.txt
0
Meh...
OK for the BHOs, which with their CLSIDs require putting the [HKEY_LOCAL_MACHINE\........ back for each one.

After that, for the Toolbar, Run of HKLM.. or HKCU.., and Startup entries, it's no more complicated.
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
3 Oct. 2009 at 23:23
The processes aren't listed in info.txt
0
What a mess, really, thanks for the help.
Here is the report:


ComboFix 09-10-01.05 - Fred 03/10/2009 23:34.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.194 [GMT 2:00]
Lancé depuis: c:\documents and settings\Fred\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 091002-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\agevehor.dl
c:\documents and settings\All Users\Application Data\ecisa._dl
c:\documents and settings\All Users\Application Data\powad.sys
c:\documents and settings\All Users\Application Data\rowizoba.bin
c:\documents and settings\All Users\Application Data\udyb._dl
c:\documents and settings\All Users\Application Data\uporizav.dl
c:\documents and settings\All Users\Application Data\uwomoze.sys
c:\documents and settings\All Users\Application Data\ygupanoj.dl
c:\documents and settings\All Users\Documents\agyju._dl
c:\documents and settings\All Users\Documents\ajewujyr.bat
c:\documents and settings\All Users\Documents\rihuzaf.pif
c:\documents and settings\Fred\Application Data\buciruko.bat
c:\documents and settings\Fred\Application Data\Dossier de téléchargement Share-to-Web
c:\documents and settings\Fred\Application Data\edyniwoga.com
c:\documents and settings\Fred\Application Data\kefuqivy.reg
c:\documents and settings\Fred\Application Data\keto.vbs
c:\documents and settings\Fred\Application Data\lizkavd.exe
c:\documents and settings\Fred\Application Data\seres.exe
c:\documents and settings\Fred\Application Data\suxonuje.lib
c:\documents and settings\Fred\Application Data\svcst.exe
c:\documents and settings\Fred\Application Data\wiaserva.log
c:\documents and settings\Fred\Cookies\eveg.ban
c:\documents and settings\Fred\Cookies\uxysos.bat
c:\documents and settings\Fred\Cookies\ygywajafe.dat
c:\documents and settings\Fred\Cookies\ykuvolyze.ban
c:\documents and settings\Fred\Local Settings\Application Data\cyjaxobyh.reg
c:\documents and settings\Fred\Local Settings\Application Data\imac.dl
c:\documents and settings\Fred\Local Settings\Application Data\mygicily.com
c:\documents and settings\Fred\Local Settings\Application Data\ntias64\ntias64.dll
c:\documents and settings\Fred\Local Settings\Application Data\uwazamucu.vbs
c:\documents and settings\Fred\Local Settings\Application Data\xrcueyjc.dat
c:\documents and settings\Fred\Local Settings\Application Data\xrcueyjc.exe
c:\documents and settings\Fred\Local Settings\Application Data\xrcueyjc_nav.dat
c:\documents and settings\Fred\Local Settings\Application Data\xrcueyjc_navps.dat
c:\documents and settings\Fred\Local Settings\Application Data\xytiwulade.vbs
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\afyzuce.ban
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\ijihur.db
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\uwarekym.com
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\ynanudoxu.dl
c:\documents and settings\Fred\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\Fred\restorer32_a.exe
c:\program files\Fichiers communs\azaj.bat
c:\program files\Fichiers communs\ivum.dll
c:\program files\Fichiers communs\qibin.pif
c:\windows\cituko.bat
c:\windows\ebusyp.bin
c:\windows\ikyjam.bat
c:\windows\iwakuxode.inf
c:\windows\kixeryn.exe
c:\windows\lixugonaja.bat
c:\windows\mikalyqog.pif
c:\windows\norunumaz._dl
c:\windows\nuwybehe.reg
c:\windows\oronoge.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\aqeryliv.pif
c:\windows\system32\dumphive.exe
c:\windows\system32\enasuw.inf
c:\windows\system32\gozaf.vbs
c:\windows\system32\heva.bat
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\Ijl11.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\syrez.ban
c:\windows\system32\tinaz.vbs
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vogo.reg
c:\windows\system32\WS2Fix.exe
c:\windows\system32\xulik.scr
c:\windows\upah.dll
c:\windows\uqila.ban

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-03 au 2009-10-03 ))))))))))))))))))))))))))))))))))))
.

2009-10-03 21:47 . 2009-10-03 21:47 -------- d-----w- c:\documents and settings\Fred\Application Data\Dossier de téléchargement Share-to-Web
2009-10-03 20:18 . 2009-10-03 20:18 -------- d-----w- C:\rsit
2009-10-03 20:18 . 2009-10-03 20:18 -------- d-----w- c:\program files\trend micro
2009-10-02 20:51 . 2009-10-02 20:51 14666 ----a-w- c:\windows\onizeny.com
2009-10-02 20:51 . 2009-10-02 20:51 10470 ----a-w- c:\windows\asod.dat
2009-10-02 15:45 . 2009-10-02 15:46 -------- d-----w- c:\program files\ZHPDiag
2009-10-02 15:30 . 2009-10-03 21:43 -------- d-----w- c:\documents and settings\Fred\Local Settings\Application Data\ntias64
2009-10-02 15:29 . 2009-10-02 15:29 45056 ----a-w- c:\windows\system32\restorer32_a.exe
2009-09-25 17:20 . 2009-09-25 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2009-09-25 17:20 . 2009-10-01 17:11 -------- d-----w- c:\documents and settings\Fred\Application Data\MSN6
2009-09-23 05:52 . 2009-09-23 06:01 -------- d-----w- C:\tmpDownload
2009-09-21 09:41 . 2009-09-21 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-09-21 09:40 . 2009-09-21 09:40 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-21 09:36 . 2009-09-21 09:38 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-21 09:36 . 2009-09-21 09:36 -------- d-----w- c:\windows\system32\LogFiles
2009-09-21 09:18 . 2009-09-21 09:18 -------- d-----w- C:\tmp
2009-09-21 09:18 . 2009-09-23 06:01 -------- d-----w- C:\Download
2009-09-21 09:17 . 2009-09-21 09:23 -------- d-----w- C:\YouTubeGet
2009-09-21 06:52 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-09-21 06:52 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-09-20 18:30 . 2009-09-20 18:30 -------- d-----w- c:\documents and settings\Fred\Tracing
2009-09-20 18:23 . 2009-09-22 04:53 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-20 18:22 . 2009-08-05 20:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-09-20 18:22 . 2009-09-20 18:22 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-20 18:21 . 2009-09-20 18:21 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-09-20 18:19 . 2009-09-20 18:19 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-20 18:17 . 2009-09-20 18:23 -------- d-----w- c:\program files\Microsoft
2009-09-20 18:17 . 2009-09-20 18:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-20 18:16 . 2009-09-20 18:22 -------- d-----w- c:\program files\Windows Live
2009-09-20 18:01 . 2009-09-20 18:01 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-10 05:23 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-04 20:38 . 2009-10-02 05:33 -------- d-----w- c:\documents and settings\Fred\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-03 21:49 . 2009-10-03 21:49 -------- d-----w- c:\documents and settings\Fred\Application Data\6974678903
2009-10-03 21:48 . 2009-10-03 21:48 58681 ----a-w- c:\documents and settings\Fred\restorer32_a.exe
2009-10-02 20:51 . 2009-10-02 20:51 11180 ----a-w- c:\documents and settings\Fred\Application Data\gapapopyvu.dat
2009-10-02 16:01 . 2009-10-02 16:01 17266 ----a-w- c:\program files\Fichiers communs\kivosume.db
2009-09-30 19:56 . 2007-08-17 10:32 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus
2009-09-22 04:59 . 2004-08-26 14:34 81294 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-22 04:59 . 2004-08-26 14:34 501470 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-20 18:29 . 2007-08-17 13:50 131896 ----a-w- c:\documents and settings\Fred\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-28 16:26 . 2004-08-27 09:48 -------- d-----w- c:\program files\Google
2009-08-28 16:25 . 2009-08-28 16:24 -------- d-----w- c:\program files\DivX
2009-08-28 16:24 . 2009-08-28 16:24 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-08-21 22:12 . 2009-08-21 22:12 -------- d-----w- c:\program files\MSBuild
2009-08-21 22:12 . 2009-08-21 22:12 -------- d-----w- c:\program files\Reference Assemblies
2009-08-06 17:24 . 2004-08-27 08:02 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2004-08-27 08:02 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2007-04-16 20:45 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2004-08-27 08:02 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2004-08-26 12:46 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-26 14:34 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-27 08:02 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2004-08-26 12:46 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2002-12-11 22:14 205312 ------w- c:\windows\system32\mswebdvd.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:03 . 2004-08-26 14:34 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-08-26 12:54 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-10 11:01 . 2009-07-10 11:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
2008-12-20 22:45 . 2007-08-17 14:01 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-20 22:45 . 2007-08-17 14:01 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-20 22:45 . 2007-08-17 14:06 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-20 22:46 . 2007-08-17 14:06 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-20 22:46 . 2007-08-17 14:01 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-12-20 21:33 . 2007-12-20 21:33 61 --sh--w- c:\windows\cnerolf.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-17 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Wallpaper"="d:\program files\Wallpaper\Wallpaper.exe" [2007-08-20 233472]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"restorer32_a"="c:\documents and settings\Fred\restorer32_a.exe" [2009-10-03 58681]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Silent Fear Internet Radio"="rem" [X]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 339968]
"HKSERV.EXE"="c:\program files\Sony\HotKey Utility\HKserv.exe" [2004-06-29 122880]
"VAIO Update 2"="c:\program files\sony\vaio update 2\VAIOUpdt.exe" [2004-06-29 147456]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2004-01-19 290816]
"SonyPowerCfg"="c:\program files\sony\vaio power management\SPMgr.exe" [2004-06-29 180224]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2003-09-19 61440]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-20 196608]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-25 185632]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"restorer32_a"="c:\windows\system32\restorer32_a.exe" [2009-10-02 45056]
"sysgif32"="c:\windows\Temp\wpv891254489937.exe" [2009-10-03 26112]
"6974678903"="c:\docume~1\Fred\APPLIC~1\697467~1\6974678903.exe" [2009-10-03 1048615]
"PromoReg"="c:\windows\Temp\_ex-08.exe" [2009-10-03 524800]
"Antivirus Pro 2010"="c:\program files\AntivirusPro_2010\AntivirusPro_2010.exe" [2009-10-03 567296]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-17 110592]
Assistant d'Acrobat.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-7-30 217195]
Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - c:\program files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2007-8-17 679936]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Azureus\\Azureus.exe"=
"d:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21/04/2009 18:50 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21/04/2009 18:50 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [20/09/2009 20:22 54752]
R2 LF30FS;LF30FS;d:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [19/11/2004 18:07 101488]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [30/10/2002 17:10 71961]
S2 gupdate1ca27fc1fce6200;Service Google Update (gupdate1ca27fc1fce6200);c:\program files\Google\Update\GoogleUpdate.exe [28/08/2009 18:25 133104]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [27/08/2004 09:49 17251]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [27/08/2004 09:49 7520]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;c:\windows\system32\drivers\SWUSBFLT.SYS [17/12/2007 23:51 3968]
S3 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [27/08/2004 11:10 118877]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM --> c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM [?]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [17/08/2007 21:48 379456]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-09-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2009-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 16:24]

2009-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 16:24]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xporter vers Microsoft Excel - d:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\3xgx3ht3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?sourceid=navclient-ff&ie=UTF-8&rlz=1R0GGGL_fr
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Silent Fear Internet Radio - d:\program files\Silent Fear\Silent Fear Internet Radio 3.1\InternetRadio.exe
HKCU-Run-Fondecran - d:\program files\Fondecran\Fondecran.exe
HKCU-Run-xrcueyjc - c:\documents and settings\fred\local settings\application data\xrcueyjc.exe
HKCU-Run-mserv - c:\documents and settings\Fred\Application Data\seres.exe
HKCU-Run-ntias64 - c:\documents and settings\Fred\Local Settings\Application Data\ntias64\ntias64.dll
HKCU-Run-svchost - c:\documents and settings\Fred\Application Data\svcst.exe
HKLM-Run-Regedit32 - c:\windows\system32\regedit.exe
HKLM-Run-EoEngine - (no file)
HKLM-Run-EoWeather - (no file)
HKLM-Run-LFAgent - (no file)
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9c.exe
AddRemove-xrcueyjc - c:\documents and settings\fred\local settings\application data\xrcueyjc.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-03 23:47
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(948)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL

- - - - - - - > 'explorer.exe'(2524)
c:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll
c:\program files\Fichiers communs\Ahead\Lib\MFC71U.DLL
c:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
d:\program files\Microsoft Office\Office10\msohev.dll
c:\program files\Nero\Nero 7\Nero BackItUp\NBShell.dll
c:\program files\BitZipper\BZShlExt.dll
d:\program files\Axon Data\AxCrypt\1.6.3-0\AxCrypt.dll
c:\program files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
c:\program files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
c:\program files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
c:\program files\Hewlett-Packard\HP Share-to-Web\S2WNSRES.DLL
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
c:\program files\Fichiers communs\Ahead\Lib\MediaLibraryNSE.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Apoint\ApntEx.exe
c:\windows\system32\rundll32.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\sony\HotKey Utility\HKWnd.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Java\jre1.6.0_05\bin\jucheck.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-10-03 23:59 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-03 21:59

Avant-CF: 3 134 046 208 octets libres
Après-CF: 3 320 840 192 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /fastdetect /NoExecute=OptIn

413 --- E O F --- 2009-09-22 19:00
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
4 Oct 2009 at 06:53
OK, ComboFix did a good job (as usual, lol)

Now do this:

[x] Create a new text file (.txt) and copy/paste what is in bold into it:

KillAll::

File::
c:\windows\asod.dat
c:\windows\onizeny.com
c:\windows\system32\restorer32_a.exe


[x] Then save it as CFScript.txt on your desktop.

[x] Next, drag the CFScript.txt icon onto the combofix.exe icon; ComboFix will start

[x] Wait during the scan, then copy/paste the report that opens
0
Hi Xplode!

There's news: Antivirus Pro 2010 no longer opens, it seems to have disappeared :-) The red alert cross has also disappeared from the bar. What I still get is the ATI message:

"Impossible de lancer panneau de contrôle ATI car aucun pilote d'ATI ne fonctionne pas correctement. Le panneau de contrôle ATI va fermer"

Here is what ComboFix gives:

ComboFix 09-10-01.05 - Fred 04/10/2009 8:43.2.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.328 [GMT 2:00]
Lancé depuis: c:\documents and settings\Fred\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Fred\Bureau\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 091003-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\asod.dat"
"c:\windows\onizeny.com"
"c:\windows\system32\restorer32_a.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\cenezomi.reg
c:\documents and settings\All Users\Documents\tedit.exe
c:\documents and settings\Fred\Application Data\Dossier de téléchargement Share-to-Web
c:\documents and settings\Fred\Application Data\lizkavd.exe
c:\documents and settings\Fred\Application Data\Microsoft\Clip Organizer\mstore10.mgc
c:\documents and settings\Fred\Application Data\Microsoft\Clip Organizer\Offic10.MGC
c:\documents and settings\Fred\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusPro_2010.lnk
c:\documents and settings\Fred\Application Data\rezeva._sy
c:\documents and settings\Fred\Application Data\wiaserva.log
c:\documents and settings\Fred\Application Data\wyqodibul.com
c:\documents and settings\Fred\Bureau\AntivirusPro_2010.lnk
c:\documents and settings\Fred\Cookies\erycizaka._dl
c:\documents and settings\Fred\Cookies\filehaju.ban
c:\documents and settings\Fred\Cookies\tukupygofu.vbs
c:\documents and settings\Fred\Local Settings\Application Data\esigesem.exe
c:\documents and settings\Fred\Local Settings\Application Data\feqiga.dl
c:\documents and settings\Fred\Local Settings\Application Data\iniferoba.bat
c:\documents and settings\Fred\Local Settings\Application Data\qyvogi.scr
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\edidezik.ban
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\onukaco.com
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\sucymi.scr
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\xuzynuv.vbs
c:\documents and settings\Fred\Local Settings\Temporary Internet Files\zozekapir.inf
c:\documents and settings\Fred\restorer32_a.exe
c:\program files\AntivirusPro_2010
c:\program files\AntivirusPro_2010\AntivirusPro_2010.cfg
c:\program files\AntivirusPro_2010\AntivirusPro_2010.exe
c:\program files\AntivirusPro_2010\AVEngn.dll
c:\program files\AntivirusPro_2010\data\daily.cvd
c:\program files\AntivirusPro_2010\htmlayout.dll
c:\program files\AntivirusPro_2010\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
c:\program files\AntivirusPro_2010\Microsoft.VC80.CRT\msvcm80.dll
c:\program files\AntivirusPro_2010\Microsoft.VC80.CRT\msvcp80.dll
c:\program files\AntivirusPro_2010\Microsoft.VC80.CRT\msvcr80.dll
c:\program files\AntivirusPro_2010\pthreadVC2.dll
c:\program files\AntivirusPro_2010\Uninstall.exe
c:\program files\AntivirusPro_2010\wscui.cpl
c:\windows\asod.dat
c:\windows\emefaz.scr
c:\windows\mylyro.dll
c:\windows\neryhimoq.exe
c:\windows\onizeny.com
c:\windows\opos.sys
c:\windows\rucipesi.sys
c:\windows\system32\_scui.cpl
c:\windows\system32\evyrixiqah.bin
c:\windows\system32\restorer32_a.exe
c:\windows\system32\tudaburolo.bin

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-04 au 2009-10-04 ))))))))))))))))))))))))))))))))))))
.

2009-10-03 21:54 . 2009-10-03 21:54 18859 ----a-w- c:\program files\Fichiers communs\odivysory.dat
2009-10-03 21:54 . 2009-10-03 21:54 16303 ----a-w- c:\documents and settings\Fred\Local Settings\Application Data\zuponoxupy.dat
2009-10-03 21:49 . 2009-10-03 21:49 -------- d-----w- c:\documents and settings\Fred\Application Data\6974678903
2009-10-03 21:47 . 2009-10-03 21:47 -------- d-----w- c:\documents and settings\Fred\Application Data\Dossier de téléchargement Share-to-Web
2009-10-03 20:18 . 2009-10-03 20:18 -------- d-----w- C:\rsit
2009-10-03 20:18 . 2009-10-03 20:18 -------- d-----w- c:\program files\trend micro
2009-10-02 15:45 . 2009-10-02 15:46 -------- d-----w- c:\program files\ZHPDiag
2009-10-02 15:30 . 2009-10-03 21:43 -------- d-----w- c:\documents and settings\Fred\Local Settings\Application Data\ntias64
2009-09-25 17:20 . 2009-09-25 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2009-09-25 17:20 . 2009-10-01 17:11 -------- d-----w- c:\documents and settings\Fred\Application Data\MSN6
2009-09-23 05:52 . 2009-09-23 06:01 -------- d-----w- C:\tmpDownload
2009-09-21 09:41 . 2009-09-21 09:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-09-21 09:40 . 2009-09-21 09:40 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-21 09:36 . 2009-09-21 09:38 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-21 09:36 . 2009-09-21 09:36 -------- d-----w- c:\windows\system32\LogFiles
2009-09-21 09:18 . 2009-09-21 09:18 -------- d-----w- C:\tmp
2009-09-21 09:18 . 2009-09-23 06:01 -------- d-----w- C:\Download
2009-09-21 09:17 . 2009-09-21 09:23 -------- d-----w- C:\YouTubeGet
2009-09-21 06:52 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-09-21 06:52 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-09-20 18:30 . 2009-09-20 18:30 -------- d-----w- c:\documents and settings\Fred\Tracing
2009-09-20 18:23 . 2009-09-22 04:53 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-20 18:22 . 2009-08-05 20:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-09-20 18:22 . 2009-09-20 18:22 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-20 18:21 . 2009-09-20 18:21 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-09-20 18:19 . 2009-09-20 18:19 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-20 18:17 . 2009-09-20 18:23 -------- d-----w- c:\program files\Microsoft
2009-09-20 18:17 . 2009-09-20 18:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-20 18:16 . 2009-09-20 18:22 -------- d-----w- c:\program files\Windows Live
2009-09-20 18:01 . 2009-09-20 18:01 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-10 05:23 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-04 20:38 . 2009-10-02 05:33 -------- d-----w- c:\documents and settings\Fred\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-02 20:51 . 2009-10-02 20:51 11180 ----a-w- c:\documents and settings\Fred\Application Data\gapapopyvu.dat
2009-10-02 16:01 . 2009-10-02 16:01 17266 ----a-w- c:\program files\Fichiers communs\kivosume.db
2009-09-30 19:56 . 2007-08-17 10:32 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus
2009-09-22 04:59 . 2004-08-26 14:34 81294 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-22 04:59 . 2004-08-26 14:34 501470 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-20 18:29 . 2007-08-17 13:50 131896 ----a-w- c:\documents and settings\Fred\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-28 16:26 . 2004-08-27 09:48 -------- d-----w- c:\program files\Google
2009-08-28 16:25 . 2009-08-28 16:24 -------- d-----w- c:\program files\DivX
2009-08-28 16:24 . 2009-08-28 16:24 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-08-21 22:12 . 2009-08-21 22:12 -------- d-----w- c:\program files\MSBuild
2009-08-21 22:12 . 2009-08-21 22:12 -------- d-----w- c:\program files\Reference Assemblies
2009-08-06 17:24 . 2004-08-27 08:02 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2004-08-27 08:02 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2007-04-16 20:45 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2004-08-27 08:02 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2004-08-26 12:46 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-26 14:34 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-27 08:02 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2004-08-26 12:46 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2002-12-11 22:14 205312 ------w- c:\windows\system32\mswebdvd.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:03 . 2004-08-26 14:34 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-08-26 12:54 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-10 11:01 . 2009-07-10 11:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
2008-12-20 22:45 . 2007-08-17 14:01 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-20 22:45 . 2007-08-17 14:01 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-20 22:45 . 2007-08-17 14:06 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-20 22:46 . 2007-08-17 14:06 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-20 22:46 . 2007-08-17 14:01 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-12-20 21:33 . 2007-12-20 21:33 61 --sh--w- c:\windows\cnerolf.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-10-03_21.47.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-04 06:51 . 2009-10-04 06:51 16384 c:\windows\temp\Perflib_Perfdata_7e8.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-17 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Wallpaper"="d:\program files\Wallpaper\Wallpaper.exe" [2007-08-20 233472]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Silent Fear Internet Radio"="rem" [X]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 339968]
"HKSERV.EXE"="c:\program files\Sony\HotKey Utility\HKserv.exe" [2004-06-29 122880]
"VAIO Update 2"="c:\program files\sony\vaio update 2\VAIOUpdt.exe" [2004-06-29 147456]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2004-01-19 290816]
"SonyPowerCfg"="c:\program files\sony\vaio power management\SPMgr.exe" [2004-06-29 180224]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2003-09-19 61440]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-20 196608]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-25 185632]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"6974678903"="c:\docume~1\Fred\APPLIC~1\697467~1\6974678903.exe" [2009-10-03 1048615]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-17 110592]
Assistant d'Acrobat.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-7-30 217195]
Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - c:\program files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2007-8-17 679936]

c:\documents and settings\Fred\Menu Démarrer\Programmes\Démarrage\
ikowin32.exe [2008-4-14 32256]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Azureus\\Azureus.exe"=
"d:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21/04/2009 18:50 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21/04/2009 18:50 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [20/09/2009 20:22 54752]
R2 LF30FS;LF30FS;d:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [19/11/2004 18:07 101488]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [30/10/2002 17:10 71961]
S2 gupdate1ca27fc1fce6200;Service Google Update (gupdate1ca27fc1fce6200);c:\program files\Google\Update\GoogleUpdate.exe [28/08/2009 18:25 133104]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [27/08/2004 09:49 17251]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [27/08/2004 09:49 7520]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;c:\windows\system32\drivers\SWUSBFLT.SYS [17/12/2007 23:51 3968]
S3 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [27/08/2004 11:10 118877]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM --> c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM [?]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [17/08/2007 21:48 379456]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - PCANDIS5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-09-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2009-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 16:24]

2009-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 16:24]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xporter vers Microsoft Excel - d:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\3xgx3ht3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?sourceid=navclient-ff&ie=UTF-8&rlz=1R0GGGL_fr
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-restorer32_a - c:\documents and settings\Fred\restorer32_a.exe
HKLM-Run-restorer32_a - c:\windows\system32\restorer32_a.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-04 08:52
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(932)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2612)
c:\program files\Macrogaming\SweetIM\mgAdaptersProxy.dll
c:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll
c:\program files\Fichiers communs\Ahead\Lib\MSVCP71.dll
c:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nero\Nero 7\Nero BackItUp\NBShell.dll
c:\program files\BitZipper\BZShlExt.dll
c:\windows\system32\PortableDeviceTypes.dll
d:\program files\Axon Data\AxCrypt\1.6.3-0\AxCrypt.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Apoint\ApntEx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\sony\HotKey Utility\HKWnd.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Heure de fin: 2009-10-04 9:00 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-04 07:00
ComboFix2.txt 2009-10-03 21:59

Avant-CF: 3 337 003 008 octets libres
Après-CF: 3 289 366 528 octets libres

361 --- E O F --- 2009-09-22 19:00
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
4 Oct 2009 at 09:19
OK, but that doesn't mean you are completely disinfected.

Do this:

-+-+-+-> AD-Remover <-+-+-+-


[x] If you are on Vista: disable UAC (Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the box Use User Account Control ... and confirm with OK; you will be asked to restart, do so)

[x] Download Ad-remover (by C_XX) to your desktop: http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

[x] Run the installation with the default settings.

! Disconnect and close all running applications !

[x] Double-click the Ad-Remover shortcut on your desktop. (Right-click -> "Run as administrator" (for Vista))

[x] Select option F for French

[x] In the window that appears, click "oui" (yes)

[x] Select option S

[x] Let the tool work.

[x] Once the scan is finished, press a key; the report opens

[x] Copy/paste it into your next post
0
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_X | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 03.10.2009 à 19:51
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 9:31:02, 04/10/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FRDRIC | Utilisateur actuel: Fred
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\MgMediaPlayer.GifAnimator
HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SWEETIE.SWEETIE
HKLM\Software\Classes\SWEETIE.SWEETIE.1
HKLM\Software\Classes\ToolBand.SWEETIE
HKLM\Software\Classes\ToolBand.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\EoRezo
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKU\S-1-5-21-390833125-1082034725-3698614369-1005\Software\Eorezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
.
C:\Documents and Settings\Fred\Application Data\EoRezo
C:\Program Files\Advantage
C:\Program Files\Macrogaming
C:\Windows\Installer\14eac738.msi
C:\Windows\Installer\14eac73f.msi
C:\WINDOWS\Prefetch\SWEETIM.EXE-2E64256A.pf
C:\Documents and Settings\Fred\Cookies\fred@ask[2].txt
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 2.0.0.20 *
.
Nom du profil: 3xgx3ht3.default (Fred)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Wikipédia (fr)");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/webhp?sourceid=navclient-ff&ie=UTF-8&rlz=1R0GGGL_fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.20");
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\_call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_of_Duty_4_Cracks_Key_SAVED.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Key__NOCD_Crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Folder_Guard_Professional_v7_91_included_Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\FS2004_FS2002_FS2000_FS98_FS_Navigator_4_7_keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Lock_Folder_XP_v3_5___Crack__ScottayB_.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\MahJong_Suite_2008_v5_0_WinALL_Incl_Keygen_BRD.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial-1.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Nero_7_Premium_7_10_1__French_English____keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\POWER_ISO_3_8___Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\WinZip_10_french___crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Winzip_11_pro___Crack_Really_Working.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_Serial_Patch_HeartBug.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_with_Serial_Patch___NEWEST_VERSION.torrent
.
===================================
.
11404 Octet(s) - C:\Ad-Report-SCAN[1].log
.
2 Fichier(s) - C:\DOCUME~1\Fred\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
1 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 9:39:25 | 04/10/2009 - SCAN[1]
.
============== E.O.F ==============
.
0
Xplode Posts: 8820 Registration date: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
4 Oct. 2009 at 09:44

C:\Documents and Settings\Fred\Application Data\Azureus\torrents\_call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_of_Duty_4_Cracks_Key_SAVED.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Key__NOCD_Crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Folder_Guard_Professional_v7_91_included_Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\FS2004_FS2002_FS2000_FS98_FS_Navigator_4_7_keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Lock_Folder_XP_v3_5___Crack__ScottayB_.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\MahJong_Suite_2008_v5_0_WinALL_Incl_Keygen_BRD.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial-1.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Nero_7_Premium_7_10_1__French_English____keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\POWER_ISO_3_8___Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\WinZip_10_french___crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Winzip_11_pro___Crack_Really_Working.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_Serial_Patch_HeartBug.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_with_Serial_Patch___NEWEST_VERSION.torrent


Delete these; cracks/keygens are a source of infection.

-+-+-+-> Removal - AD-Remover <-+-+-+-


[x] Run Ad-Remover again, then select option " L "

[x] Once the cleanup is finished, the report is displayed.

[x] Copy/paste it into your next message
0
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_X | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 03.10.2009 à 19:51
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 9:47:42, 04/10/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FRDRIC | Utilisateur actuel: Fred
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKCU\Software\EoRezo
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\MgMediaPlayer.GifAnimator
HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SWEETIE.SWEETIE
HKLM\Software\Classes\SWEETIE.SWEETIE.1
HKLM\Software\Classes\ToolBand.SWEETIE
HKLM\Software\Classes\ToolBand.SWEETIE.1
HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\EoRezo
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
.
C:\Documents and Settings\Fred\Application Data\EoRezo\cache
C:\Documents and Settings\Fred\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Fred\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Fred\Application Data\EoRezo\db
C:\Documents and Settings\Fred\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Fred\Application Data\EoRezo\eoStats
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Fred\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Fred\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Fred\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Fred\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Fred\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Fred\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Fred\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Fred\Application Data\EoRezo\eoStats\eoStats.txt
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\band_small.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\fonds_écran.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_écran.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Fred\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
C:\Documents and Settings\Fred\Application Data\EoRezo
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\advantage.png
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\contents.rdf
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\overlay.js
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\overlay.xul
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\vssver2.scc
C:\Program Files\Advantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale\en-US

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 2.0.0.20 *
.
Nom du profil: 3xgx3ht3.default (Fred)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Wikipédia (fr)");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/webhp?sourceid=navclient-ff&ie=UTF-8&rlz=1R0GGGL_fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.20");
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\_call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\call_of_duty_2__FR__le_JEU_cracks_keygen_patch_1_3_logiciel_pour_jouer_sur_le_net.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_of_Duty_4_Cracks_Key_SAVED.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Call_Of_Duty_4_Key__NOCD_Crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Folder_Guard_Professional_v7_91_included_Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\FS2004_FS2002_FS2000_FS98_FS_Navigator_4_7_keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Lock_Folder_XP_v3_5___Crack__ScottayB_.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\MahJong_Suite_2008_v5_0_WinALL_Incl_Keygen_BRD.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Microsoft_Office_2007_Complete_DVD___Serial-1.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Nero_7_Premium_7_10_1__French_English____keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\POWER_ISO_3_8___Keygen.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\WinZip_10_french___crack.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Winzip_11_pro___Crack_Really_Working.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_Serial_Patch_HeartBug.torrent
C:\Documents and Settings\Fred\Application Data\Azureus\torrents\Xara3D_v6_with_Serial_Patch___NEWEST_VERSION.torrent
.
===================================
.
28424 Octet(s) - C:\Ad-Report-CLEAN[1].log
11728 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1 Fichier(s) - C:\DOCUME~1\Fred\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
19 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
56 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 9:55:32 | 04/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.
0
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
4 Oct. 2009 at 10:08
OK, now do this:

-+-+-+-> Malwarebytes' Anti-Malware <-+-+-+-


[x] Download Malwarebytes' Anti-Malware (MBAM) from this address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

[x] Install it.

[x] Update it.

[x] Make sure to check all the items found and remove them!

[x] A tutorial on how to use it is available here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

[x] Follow the instructions given at the link above, then copy/paste the generated report into your next message.
0
Malwarebytes' Anti-Malware is running now; I'll paste the report when it's finished. One thing worries me, though: I have a new virus alert very similar to the other one, except that it's "Security Tool". It looks like this one has taken over from Antivirus pro 2010.
0