Virus

Over-lOoukiNGg -
g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention - 25 mai 2008 à 21:31

Bonjour,
je ne sais pas si se message a déjà été poster mais voila je vous explique,
donc, j'ai fait une analyse avec <hijackthis> mais le problème c'est que je ne sais pas lire, enfin comprendre, se qu'il essai de me diire...
donc je vous affiche les détail du scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:06, on 24/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\DesktopEarth\DesktopEarth.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\laurence\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LabelCommand module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\LabelCommand\LabelCommand.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {E738884B-E75D-4AC3-B03F-62F7E7DD853E} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Game Service 4] C:\PROGRA~1\ubi.com\Core\GS4.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\iIbBrPhH.dll,#1
O4 - HKLM\..\Run: [advap32] C:\Users\laurence\AppData\Local\Temp\stdcons.exe/r
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\laurence\AppData\Local\Temp\ddcDvtsR.dll,#1
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ProRat - {89999700-cba3-4071-b251-47cb894244cd} - C:\Users\laurence\Desktop\ProRat.exe (file missing)
O9 - Extra 'Tools' menuitem: ProRat - {89999700-cba3-4071-b251-47cb894244cd} - C:\Users\laurence\Desktop\ProRat.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: mpfanvqg - {E9C2C106-E266-405E-80DA-F4F3ACC9197D} - C:\Windows\mpfanvqg.dll
O21 - SSODL: vbksrofa - {637E02FF-F2E1-4F2F-A18A-2FAEE764C278} - C:\Windows\vbksrofa.dll (file missing)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\Windows\system32\pr2ajbeb.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe (file missing)
O23 - Service: sgShutdownService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgShutdownService.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Afficher la suite

A voir également:

Virus
Virus mcafee - Accueil - Piratage
Virus facebook demande d'amis - Accueil - Facebook
Undisclosed-recipients virus - Guide
Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
Altruistic virus ✓ - Forum Antivirus

16 réponses

Réponse 1 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

Salut,

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

post egalement un nouveau rapport hijack this stp

@+

Réponse 2 / 16

Over-lOoukiNGg

salut, g!rly

merci de t'est reponses j'ai telecharger le logiciel et voila le rapport du scan combofix:

ComboFix 08-05-21.3 - laurence 2008-05-24 19:27:13.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1134 [GMT 2:00]
Endroit: C:\Users\laurence\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\Google\googletoolbar1.dll
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages_v2.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Conditions générales.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Confidentialité.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Désinstaller.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\MessengerSkinner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Conditions générales.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Confidentialité.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Désinstaller.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url
C:\Users\laurence\AppData\Local\vvkankvah.dat
C:\Users\laurence\AppData\Local\vvkankvah_nav.dat
C:\Users\laurence\AppData\Local\vvkankvah_navps.dat
C:\Users\laurence\AppData\Local\xbmwadm.dat
C:\Users\laurence\AppData\Local\xbmwadm_nav.dat
C:\Users\laurence\AppData\Local\xbmwadm_navps.dat
C:\Users\laurence\AppData\Roaming\MessengerSkinner
C:\Users\laurence\AppData\Roaming\MessengerSkinner\Userdata\pack1.cab
C:\Users\Public\Desktop\webmediaplayer.lnk
C:\Windows\system32\MSINET.oca
C:\Windows\system32\nvs2.inf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-24 16:50 . 2008-05-24 16:50 244 --ah----- C:\sqmnoopt01.sqm
2008-05-24 16:50 . 2008-05-24 16:50 232 --ah----- C:\sqmdata01.sqm
2008-05-24 16:06 . 2008-02-27 18:26 215,056 --a------ C:\Windows\System32\drivers\afw.sys
2008-05-24 16:06 . 2007-10-25 19:17 49 --a------ C:\Windows\transp.gif
2008-05-24 15:46 . 2008-05-24 19:16 <REP> d-------- C:\Windows\System32\Filt
2008-05-24 15:46 . 2008-05-24 15:46 <REP> d-------- C:\Program Files\Agnitum
2008-05-24 15:44 . 2008-05-24 15:44 <REP> d-------- C:\ProgramData\Agnitum
2008-05-24 00:00 . 2008-05-24 00:00 <REP> d--hs---- C:\found.000
2008-05-23 16:09 . 2008-05-23 16:28 <REP> d-------- C:\Users\laurence\AppData\Roaming\LimeWire
2008-05-23 16:08 . 2008-05-23 16:16 <REP> d-------- C:\Program Files\LimeWire
2008-05-22 02:02 . 2008-05-22 02:02 <REP> d-------- C:\Program Files\Smart Projects
2008-05-21 23:25 . 2008-05-21 23:25 28,812,800 --a------ C:\Windows\System32\imageres.dll
2008-05-21 04:37 . 2008-05-21 04:37 <REP> d-------- C:\Program Files\Yamicsoft
2008-05-21 04:34 . 2008-05-21 04:34 <REP> d-------- C:\ProgramData\Stardock
2008-05-21 04:34 . 2008-05-21 04:34 <REP> d-------- C:\Program Files\Stardock
2008-05-21 04:34 . 2007-06-05 11:26 567,040 --a------ C:\Windows\System32\wbocx.ocx
2008-05-21 04:34 . 2007-06-05 11:26 56,496 --a------ C:\Windows\System32\wbhelp2.dll
2008-05-21 02:12 . 2008-05-21 02:12 <REP> d-------- C:\ProgramData\Avg8
2008-05-20 23:45 . 2008-05-21 01:47 <REP> d--h----- C:\$AVG8.VAULT$
2008-05-20 21:42 . 2008-05-21 00:36 <REP> d-------- C:\ProgramData\Avira
2008-05-20 21:42 . 2008-05-20 21:42 <REP> d-------- C:\Program Files\Avira
2008-05-20 21:29 . 2008-05-20 21:29 <REP> d-------- C:\Program Files\Crawler
2008-05-20 21:28 . 2008-05-24 15:51 <REP> d-------- C:\Users\laurence\AppData\Roaming\Spyware Terminator
2008-05-20 21:28 . 2008-05-24 16:15 <REP> d-------- C:\ProgramData\Spyware Terminator
2008-05-20 21:28 . 2008-05-24 16:15 <REP> d-------- C:\Program Files\Spyware Terminator
2008-05-20 21:28 . 2008-05-20 21:28 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys
2008-05-20 20:46 . 2008-05-20 23:00 <REP> d-------- C:\Program Files\AxBx
2008-05-20 20:14 . 2008-05-20 20:14 <REP> d-------- C:\Users\laurence\temp
2008-05-20 20:14 . 2008-05-20 20:14 <REP> d-------- C:\Users\laurence\AppData\Roaming\TeamViewer
2008-05-20 20:14 . 2008-05-20 20:15 <REP> d-------- C:\Program Files\TeamViewer3
2008-05-20 08:31 . 2008-05-20 08:31 <REP> d-------- C:\ProgramData\WindowsSearch
2008-05-17 01:24 . 2008-05-17 01:49 <REP> d-------- C:\Program Files\MSNServersX
2008-05-16 18:26 . 2008-05-16 18:26 <REP> d-------- C:\Program Files\7-Zip
2008-05-16 15:59 . 2008-05-24 17:09 281,045,225 --a------ C:\Windows\MEMORY.DMP
2008-05-16 01:59 . 2004-02-05 20:53 389,120 --a------ C:\Windows\System32\actskn43.ocx
2008-05-16 01:59 . 2004-01-08 01:43 253,952 --a------ C:\Windows\System32\histogram.ocx
2008-05-16 01:59 . 2004-01-09 10:54 188,416 --a------ C:\Windows\System32\actsplash.ocx
2008-05-16 01:53 . 2008-05-16 16:44 <REP> d-------- C:\Users\laurence\AppData\Roaming\DMCache
2008-05-16 01:05 . 2008-05-16 01:05 <REP> d-------- C:\ProgramData\CheckPoint
2008-05-16 01:05 . 2008-05-16 01:05 <REP> d-------- C:\Program Files\Zone Labs
2008-05-16 01:05 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
2008-05-16 01:04 . 2008-05-24 17:09 <REP> d-------- C:\Windows\System32\ZoneLabs
2008-05-16 01:04 . 2008-05-24 17:09 351,782 --ah----- C:\Windows\System32\drivers\vsconfig.xml
2008-05-16 01:04 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys
2008-05-16 01:03 . 2008-05-24 19:18 <REP> d-------- C:\Windows\Internet Logs
2008-05-15 19:15 . 2008-05-20 23:57 <REP> d-------- C:\Program Files\LabelCommand
2008-05-15 18:17 . 2008-05-15 18:17 29,312 --a------ C:\Windows\System32\mlJAqPGY.dll
2008-05-15 18:16 . 2008-05-15 18:16 29,312 --a------ C:\Windows\System32\opnOijhg.dll
2008-05-15 18:15 . 2008-05-15 18:15 29,312 --a------ C:\Windows\System32\iIbBrPhH.dll
2008-05-15 15:59 . 2008-05-15 16:43 <REP> d-------- C:\Downloads
2008-05-15 15:12 . 2008-05-15 15:12 <REP> d-------- C:\Users\laurence\AppData\Roaming\Intelore
2008-05-15 15:12 . 2008-05-15 21:37 <REP> d-------- C:\Program Files\Intelore
2008-05-15 15:02 . 2008-05-15 15:02 <REP> d-------- C:\Windows\Downloaded Installations
2008-05-14 15:15 . 2008-05-14 15:15 <REP> d-------- C:\ProgramData\WinZip
2008-05-14 15:02 . 2008-05-14 15:02 <REP> d-------- C:\ProgramData\PY_Software
2008-05-14 15:02 . 2007-08-13 14:51 446,464 --a------ C:\Windows\System32\wmvdmoe.dll
2008-05-14 15:01 . 2008-05-14 15:47 <REP> d-------- C:\Program Files\Active WebCam
2008-05-12 17:17 . 2008-05-12 17:17 <REP> d-------- C:\Program Files\Msn Messenger
2008-05-12 04:01 . 2008-05-21 15:38 <REP> d-------- C:\FAUXVIRUS
2008-05-12 02:02 . 2008-05-12 02:02 <REP> d-------- C:\Users\laurence\AppData\Roaming\FlashGet
2008-05-12 01:58 . 2008-05-12 02:02 <REP> d-------- C:\Program Files\FlashGet
2008-05-12 00:47 . 1996-07-18 14:06 297,472 --a------ C:\Windows\uninst.exe
2008-05-08 13:52 . 2008-05-08 13:59 <REP> d-------- C:\Program Files\Buzz
2008-05-08 13:50 . 2008-05-08 13:59 <REP> d-------- C:\Program Files\Jeskola Buzz
2008-05-07 01:01 . 2008-05-07 01:01 <REP> d-------- C:\Program Files\DJ Mix Lite
2008-05-04 18:19 . 2008-05-24 17:12 <REP> d-------- C:\Users\laurence\AppData\Roaming\OpenOffice.org2
2008-05-04 18:03 . 2008-05-04 18:11 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-30 14:27 . 2008-04-30 14:27 <REP> d-------- C:\Program Files\Micro Application
2008-04-30 07:22 . 2008-04-30 07:31 <REP> d-------- C:\Update
2008-04-26 17:23 . 2008-04-26 17:23 <REP> d-------- C:\ProgramData\Player Metaboli
2008-04-26 11:06 . 2008-04-26 11:06 <REP> d-------- C:\Users\laurence\AppData\Roaming\Apple Computer
2008-04-26 11:06 . 2008-04-26 11:06 <REP> d-------- C:\Program Files\iPod
2008-04-26 11:05 . 2008-04-26 11:06 <REP> d-------- C:\Program Files\iTunes
2008-04-26 11:04 . 2008-04-26 11:04 <REP> d-------- C:\Program Files\Bonjour
2008-04-26 11:02 . 2008-04-26 11:05 <REP> d-------- C:\ProgramData\Apple Computer
2008-04-26 11:02 . 2008-04-26 11:03 <REP> d-------- C:\Program Files\QuickTime
2008-04-26 11:01 . 2008-04-26 11:01 <REP> d-------- C:\Program Files\Apple Software Update
2008-04-26 10:58 . 2008-04-26 10:58 <REP> d-------- C:\ProgramData\Apple
2008-04-26 10:58 . 2008-04-26 10:58 <REP> d-------- C:\Program Files\Common Files\Apple
2008-04-26 02:29 . 2008-04-26 02:29 <REP> d-------- C:\Users\laurence\AppData\Roaming\DAEMON Tools
2008-04-26 02:29 . 2008-04-26 02:29 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-04-24 08:51 . 2007-12-23 18:08 <REP> d-------- C:\Windows\System32\Counter-Strike 1.6 + Half-Life

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-24 17:27 --------- d-----w C:\Program Files\Google
2008-05-24 17:27 --------- d-----w C:\Program Files\GamesBar
2008-05-24 17:13 27,620 ----a-w C:\Users\laurence\AppData\Roaming\nvModes.dat
2008-05-24 14:47 --------- d-----w C:\ProgramData\GamesBar
2008-05-24 11:34 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-21 23:12 --------- d-----w C:\ProgramData\eMule
2008-05-21 20:56 --------- d-----w C:\ProgramData\Roxio
2008-05-21 17:32 1,208,320 ----a-w C:\Windows\Internet Logs\xDBA0D0.tmp
2008-05-21 00:31 3,748,864 ----a-w C:\Windows\Internet Logs\xDB8600.tmp
2008-05-18 00:35 161,792 ----a-w C:\Windows\Internet Logs\xDB8499.tmp
2008-05-17 22:44 --------- d-----w C:\Program Files\eMule
2008-05-17 22:26 1,175,040 ----a-w C:\Windows\Internet Logs\xDB7D3A.tmp
2008-05-16 22:21 --------- d-----w C:\Program Files\Windows Mail
2008-05-16 14:46 22,528 ----a-w C:\Windows\Internet Logs\xDB86DB.tmp
2008-05-16 14:46 1,987,072 ----a-w C:\Windows\Internet Logs\xDB8862.tmp
2008-05-16 14:25 44,544 ----a-w C:\Windows\Internet Logs\xDB83A0.tmp
2008-05-16 14:00 24,576 ----a-w C:\Windows\Internet Logs\xDBD91F.tmp
2008-05-16 13:58 47,616 ----a-w C:\Windows\Internet Logs\xDBBBBF.tmp
2008-05-16 00:22 1,041,920 ----a-w C:\Windows\Internet Logs\xDB8F24.tmp
2008-05-16 00:21 1,982,976 ----a-w C:\Windows\Internet Logs\xDB93B7.tmp
2008-05-15 23:58 680,960 ----a-w C:\Windows\is-1M35J.exe
2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-05-15 12:25 --------- d-----w C:\Program Files\Java
2008-05-12 13:19 --------- d-----w C:\Users\laurence\AppData\Roaming\uTorrent
2008-05-11 03:58 --------- d-----w C:\ProgramData\Part Hide Grey Pop
2008-05-11 03:58 --------- d-----w C:\ProgramData\BrowseSizeBags
2008-05-11 03:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-11 03:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-30 05:21 --------- d-----w C:\Users\laurence\AppData\Roaming\Sony Corporation
2008-04-26 15:23 --------- d-----w C:\Program Files\Player Metaboli
2008-04-26 00:25 --------- d-----w C:\ProgramData\Sony Corporation
2008-04-23 15:55 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-23 15:54 --------- d-----w C:\Program Files\Microsoft Works
2008-04-23 15:49 --------- d-----w C:\Program Files\WarRock
2008-04-23 15:41 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-04-23 15:41 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-04-21 13:37 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2008-04-21 13:18 22,328 ----a-w C:\Users\laurence\AppData\Roaming\PnkBstrK.sys
2008-04-21 12:20 --------- d-----w C:\Program Files\Circle Developement
2008-04-21 12:13 --------- d-----w C:\Users\laurence\AppData\Roaming\Roxio
2008-04-21 12:10 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-04-19 18:07 --------- d---a-w C:\ProgramData\TEMP
2008-04-19 00:56 --------- d-----w C:\Program Files\AtomixMP3
2008-04-19 00:04 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-04-15 19:35 --------- d-----w C:\ProgramData\Symantec
2008-04-15 19:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-15 19:00 --------- d-----w C:\Program Files\Wolfenstein - Enemy Territory
2008-04-15 18:45 --------- d-----w C:\Program Files\Symantec
2008-04-15 18:45 --------- d-----w C:\Program Files\Norton 360
2008-04-15 11:18 174 --sha-w C:\Program Files\desktop.ini
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Sidebar
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Journal
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Defender
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Collaboration
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Calendar
2008-04-15 10:41 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-04-15 10:41 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-04-14 16:30 --------- d-----w C:\Program Files\Big City Adventure - San Francisco Deluxe
2008-04-14 16:21 --------- d-----w C:\Program Files\Common Files\Oberon Media
2008-04-14 08:06 --------- d-----w C:\Program Files\Reverse & Upper
2008-04-14 07:42 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-14 01:59 --------- d-----w C:\Users\laurence\AppData\Roaming\Symantec
2008-04-13 11:24 --------- d-----w C:\Program Files\Windows Live
2008-04-13 10:37 --------- d-----w C:\Program Files\Tronics
2008-04-13 09:53 --------- d-----w C:\Program Files\uTorrent
2008-04-13 06:40 --------- d-----w C:\Users\laurence\AppData\Roaming\Azureus
2008-04-13 03:28 --------- d-----w C:\Program Files\Azureus
2008-04-13 02:44 228 ----a-w C:\Users\laurence\AppData\Roaming\wklnhst.dat
2008-04-12 20:26 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-12 20:25 --------- d-----w C:\Program Files\Windows Live Favorites
2008-04-12 20:20 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-12 20:06 --------- d-----w C:\ProgramData\WLInstaller
2008-04-12 05:37 --------- d-----w C:\Users\laurence\AppData\Roaming\ubi.com
2008-04-12 05:37 --------- d-----w C:\Program Files\Common Files\PocketSoft
2008-04-11 00:08 --------- d-----w C:\Program Files\DesktopEarth
2008-04-10 18:53 --------- d-----w C:\ProgramData\Oberon Media
2008-04-09 10:08 988,216 ----a-w C:\Windows\System32\winload.exe
2008-04-09 10:08 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-04-09 10:08 615,992 ----a-w C:\Windows\System32\ci.dll
2008-04-09 10:08 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-04-09 10:08 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-04-09 10:08 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-04-09 10:08 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-04-09 10:08 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-04-09 10:08 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-04-09 10:08 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-04-09 10:07 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-04-09 10:07 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-04-09 10:03 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-08 20:48 --------- d-----w C:\ProgramData\Awem
2008-04-08 20:47 --------- d-----w C:\Users\laurence\AppData\Roaming\Zylom
2008-04-08 02:33 --------- d-----w C:\Users\laurence\AppData\Roaming\Template
2008-04-06 15:21 --------- d-----w C:\ProgramData\BC Soft Games
2008-04-05 15:59 --------- d-----w C:\Users\laurence\AppData\Roaming\FloodLightGames
2008-04-05 15:59 --------- d-----w C:\ProgramData\FloodLightGames
2008-04-04 17:14 --------- d-----w C:\Users\laurence\AppData\Roaming\Flood Light Games
2008-04-04 17:14 --------- d-----w C:\ProgramData\Flood Light Games
2008-04-04 17:13 --------- d-----w C:\Program Files\orange
2008-04-02 14:52 --------- d-----w C:\Program Files\Metin2_France
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}]
C:\Program Files\LabelCommand\LabelCommand.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 09:36 2153472 C:\Windows\System32\oobefldr.dll]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-05-12 01:58 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 03:58 835584]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-26 02:39 4489216 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-06-26 02:39 1826816 C:\Windows\SkyTel.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-01 02:18 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-01 02:17 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-01 02:17 81920]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-06-29 13:44 1990704]
"MSServer"="C:\Windows\system32\iIbBrPhH.dll" [2008-05-15 18:15 29312]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
"RegistryMechanic"="" []
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-20 21:28 1817600]
"OutpostMonitor"="C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" [2008-04-23 10:43 1098568]
"OutpostFeedBack"="C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" [2008-04-22 12:31 419144]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

C:\Users\laurence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2007-09-08 03:41:15 5742136]
DesktopEarth AutoStart.lnk - C:\Users\laurence\AppData\Roaming\Microsoft\Installer\{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}\_2B52280D74B238E888B1F2.exe [2008-04-11 02:08:11 29926]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-07-03 10:31:46 739880]
Magic-i Visual Effects.lnk - C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe [2008-03-22 18:46:56 330496]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{4F2194FF-4E9C-4948-A5FB-E5D7A05AAB9E}"= C:\Windows\system32\iIbBrPhH.dll [2008-05-15 18:15 29312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2007-07-24 19:26 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\agnitum\outpos~1\wl_hook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9D1354B2-32AA-492B-9BA3-C193E984C6F5}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{83634136-311B-4F8E-A26B-E8DAAE890EDF}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{0339FB09-CA61-469B-BB26-89845EAB81A2}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{2363B687-DD31-4765-8833-D49227ED8A7A}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"TCP Query User{8580D146-E2F8-4AF7-B793-578D0F9E5AD0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{957FB1A9-70FA-4731-9435-9C133B400ECB}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{CAE30764-25A5-4936-BABD-30654ABCB019}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{51B22EB5-91B3-498E-95CE-526CEF03ED6F}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{A902B566-28D1-424E-9D41-8A5C707EC0DA}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"UDP Query User{F39A9EB9-F6D9-4F38-B648-B126295C3B21}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"{BF86D596-FBBC-427A-9F21-6C1F823BD6E0}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone)
"{4F5C9938-1D0E-450C-8774-E285D5C005F8}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4955ED3B-7F77-49BD-9397-0CBDB3B50B35}C:\\program files\\metin2_france\\metin2.bin"= UDP:C:\program files\metin2_france\metin2.bin:metin2.bin
"UDP Query User{E8F9C6EB-7EDE-4BFB-9706-A8F8218B506A}C:\\program files\\metin2_france\\metin2.bin"= TCP:C:\program files\metin2_france\metin2.bin:metin2.bin
"TCP Query User{A82616D1-8CF4-4ADC-A45D-E726AB2BF990}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{9A86B7F1-4349-47A6-A05F-47A67F37C95C}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{D1D0BDC7-4D1B-4339-B980-7173DAB5ABEB}C:\\program files\\urbanterror\\iourbanterror.exe"= UDP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror
"UDP Query User{27CF99FC-8AB2-4050-9396-8E41189E7243}C:\\program files\\urbanterror\\iourbanterror.exe"= TCP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror
"TCP Query User{990D7BFC-552B-4210-8BC5-CDB84C0B0C62}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{9FB89298-73E7-467A-AF68-012C8AF91E29}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"TCP Query User{544308AD-4646-47A3-B435-06CDAC6F669C}C:\\program files\\romusoft\\romustrike\\romustrike.exe"= UDP:C:\program files\romusoft\romustrike\romustrike.exe:romustrike
"UDP Query User{A5B69905-BE94-4C83-8FE0-5FC0B1C09A51}C:\\program files\\romusoft\\romustrike\\romustrike.exe"= TCP:C:\program files\romusoft\romustrike\romustrike.exe:romustrike
"TCP Query User{149E2D7B-913C-4698-B0ED-CC5135FE9AFC}C:\\program files\\ubi soft\\il-2 sturmovik forgotten battles\\il2fb.exe"= UDP:C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe:il2fb
"UDP Query User{688D445B-F933-4D7A-902A-ADF36DC9B93A}C:\\program files\\ubi soft\\il-2 sturmovik forgotten battles\\il2fb.exe"= TCP:C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe:il2fb
"TCP Query User{B5CAEE9F-0BAF-4BBD-B47B-E1F30C7D977D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{46BAE939-AB87-4F46-9231-5C83200AB1A0}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{A3749770-E0FD-4B6C-827C-44F881BACEF9}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{29493646-C225-47DC-8882-78609DCFE5B3}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{EC53B07D-748F-4FFF-B00D-CC386BC2E4C2}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{7080DEE8-B13E-4C43-B1E4-C7857498FF72}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"{1AA86562-8DDC-4E85-B135-6791AD83EA11}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CBBB56EB-CC72-42A2-AB51-A6E17478C1B3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{944546E1-E57D-462E-970D-41A50A3E3C31}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{BEB19802-9B62-4FF2-B9BD-F6244B50B828}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8D539923-E73E-40DA-80F6-EA727BD6711F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2A8B8782-BACB-4AA0-BF95-7AD6573EDB58}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DC81D270-24FC-41FA-AD2A-0ED3C330BE7D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D7E406F4-FA67-4667-A185-C49CD689B7E5}C:\\sierra\\half-life\\hl.exe"= UDP:C:\sierra\half-life\hl.exe:Half-Life Launcher
"UDP Query User{CD5846FC-C8B9-4225-AB59-CE7DF4246562}C:\\sierra\\half-life\\hl.exe"= TCP:C:\sierra\half-life\hl.exe:Half-Life Launcher
"{2FA411EB-287D-40F0-B7EA-5828D17EB931}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{5589924F-A9F1-40B5-B52A-F91011B84B93}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{19F1028B-AA2A-4A45-9E41-151F857D8460}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{0E56E709-3997-4B38-8795-30A1BE9D55A1}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{E9FF69AF-2278-4A72-B3E2-65C827FA4A5F}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{15DAE65B-CB27-46A0-AED4-A7B6D2E21BA6}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{8D0DE13B-FA87-469E-8AAA-ACFDB3DE1D5F}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hl.exe"= UDP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hl.exe:hl.exe
"UDP Query User{F8718D74-D1FE-4A6E-908D-C8E7DED7F9A6}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hl.exe"= TCP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hl.exe:hl.exe
"TCP Query User{316ED69C-0669-4CF5-870F-A68E618829F6}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hltv.exe"= UDP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hltv.exe:hltv.exe
"UDP Query User{C884B349-B0BD-43A2-A4A7-A1876C601CF1}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hltv.exe"= TCP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hltv.exe:hltv.exe
"TCP Query User{1E1BF027-2190-4567-86AF-3EC670BA2304}C:\\sierra\\half-life\\pingtool\\pingtool.exe"= UDP:C:\sierra\half-life\pingtool\pingtool.exe:PingTool
"UDP Query User{146E0D90-3E45-4E0A-8D55-A73E17CEB3CF}C:\\sierra\\half-life\\pingtool\\pingtool.exe"= TCP:C:\sierra\half-life\pingtool\pingtool.exe:PingTool
"{51B9D976-D2F1-4A2C-9CC8-16D4B0EEA08E}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{2250065A-6F13-4B2D-8C77-EE11F6F21DCA}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{8FBD0F36-EFC6-4AFF-A13B-7C24213BF685}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AEAB6399-D78B-45B9-BA87-745EFF7024F1}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{BA722279-EB77-4515-BD5F-CDEE441E14B8}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{05558D01-EA71-42E2-8155-4FBD61A88FC6}C:\\program files\\flashget\\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{41A15DC5-5875-434C-BD51-D8C522440E40}C:\\program files\\flashget\\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{ED7D6854-FBE0-4500-AAD3-210BDD12DFFE}C:\\program files\\active webcam\\webcam.exe"= UDP:C:\program files\active webcam\webcam.exe:Active WebCam
"UDP Query User{1F771DD3-6840-4DE9-AA00-F78A4FD9FAE6}C:\\program files\\active webcam\\webcam.exe"= TCP:C:\program files\active webcam\webcam.exe:Active WebCam
"TCP Query User{9BB785A2-BBB3-4E8E-968D-CFC012AABD44}C:\\users\\laurence\\desktop\\hacker logiciel\\proconnective.exe"= UDP:C:\users\laurence\desktop\hacker logiciel\proconnective.exe:proconnective.exe
"UDP Query User{2386B152-DE81-4B1D-8398-6563745A5702}C:\\users\\laurence\\desktop\\hacker logiciel\\proconnective.exe"= TCP:C:\users\laurence\desktop\hacker logiciel\proconnective.exe:proconnective.exe
"TCP Query User{F867815B-AD0A-4552-8306-EB2A444360D1}C:\\program files\\azureus\\azureus.exe"= Disabled:UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{70C5A063-547E-4F13-BB1D-D0FFFEC77D05}C:\\program files\\azureus\\azureus.exe"= Disabled:TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{47C3CF9C-0B0B-4F4E-87F4-4DED3B32B2E0}C:\\users\\laurence\\desktop\\h4ck0r1sus(2).exe"= Disabled:UDP:C:\users\laurence\desktop\h4ck0r1sus(2).exe:h4ck0r1sus(2).exe
"UDP Query User{D3F967B3-C2B7-4AF9-829B-40EE8E84FCC5}C:\\users\\laurence\\desktop\\h4ck0r1sus(2).exe"= Disabled:TCP:C:\users\laurence\desktop\h4ck0r1sus(2).exe:h4ck0r1sus(2).exe
"TCP Query User{F94BB909-45C3-4E6F-9E83-3BB68F2E9319}C:\\users\\laurence\\desktop\\h4ck0r1sus.exe"= Disabled:UDP:C:\users\laurence\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe
"UDP Query User{B48AE23A-AE9E-432B-801A-A0BECB894A73}C:\\users\\laurence\\desktop\\h4ck0r1sus.exe"= Disabled:TCP:C:\users\laurence\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe
"{5E00AE05-1C8F-43AE-9F10-45CF708C418A}"= UDP:C:\Users\laurence\Desktop\LimeWireWin\LimeWire\LimeWire.exe:LimeWire
"{54058BFD-6F1A-475E-AB92-C3426A7AB73A}"= TCP:C:\Users\laurence\Desktop\LimeWireWin\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{A8C55862-6B94-4FE3-888D-40351CA77D78}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{290A9F4F-B66A-4531-9AD0-B22CBAA36651}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\Windows\system32\drivers\pe3ajbeb.sys [2007-08-22 18:31]
R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\Windows\system32\drivers\ps7ajbeb.sys [2007-08-22 18:30]
R1 afw;Agnitum Firewall Driver;C:\Windows\system32\DRIVERS\afw.sys [2008-02-27 18:26]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-05-20 21:28]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys [2007-04-17 20:09]
R2 TeamViewer;TeamViewer 3;"C:\Program Files\TeamViewer3\TeamViewer_Host.exe" -service []
R2 vkservice;VirusKeeper antivirus/antispyware;C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe [2008-05-14 11:58]
R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-13 08:14]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-05-30 20:14]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-20 02:00]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-20 02:00]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 02:00]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-13 08:15]
S2 acssrv;Agnitum Client Security Service;C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2008-04-22 12:31]
S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\Windows\system32\pr2ajbeb.exe svc []
S2 sgSchedulerService;sgSchedulerService;C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe []
S2 sgShutdownService;sgShutdownService;C:\Program Files\SystemGuards.com\SystemGuards\sgShutdownService.exe []
S3 ASWFilt;ASWFilt;C:\Windows\system32\Filt\ASWFilt.dll [2008-03-12 12:32]
S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-07-24 02:56]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-07-24 02:56]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-07-24 02:55]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-24 02:56]
S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-07-09 15:53]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 16:51]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 15:34]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-07-05 19:12]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2007-07-05 17:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

*Newly Created Service* - AFW
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-12 20:26:14 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 19:30:03
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-24 19:31:08
ComboFix-quarantined-files.txt 2008-05-24 17:30:49

Pre-Run: 32,421,314,560 octets libres
Post-Run: 39,040,303,104 octets libres

419 --- E O F --- 2008-05-24 11:34:10

et voilà hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:35, on 24/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\DesktopEarth\DesktopEarth.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Users\laurence\Desktop\logiciel anti virus, anti spayware\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LabelCommand module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\LabelCommand\LabelCommand.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {E738884B-E75D-4AC3-B03F-62F7E7DD853E} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\iIbBrPhH.dll,#1
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll,#1
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - (no file)
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - (no file)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ProRat - {89999700-cba3-4071-b251-47cb894244cd} - C:\Users\laurence\Desktop\ProRat.exe (file missing)
O9 - Extra 'Tools' menuitem: ProRat - {89999700-cba3-4071-b251-47cb894244cd} - C:\Users\laurence\Desktop\ProRat.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\Windows\system32\pr2ajbeb.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe (file missing)
O23 - Service: sgShutdownService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgShutdownService.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Réponse 3 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

re,

Copie le texte ci-dessous :

File::
C:\Windows\System32\mlJAqPGY.dll
C:\Windows\System32\opnOijhg.dll
C:\Windows\system32\DRIVERS\afw.sys
c:\progra~1\agnitum\outpos~1\wl_hook.dll
C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll
C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll,#1
C:\Windows\system32\iIbBrPhH.dll

Folder::
C:\Program Files\SystemGuards.com
C:\Program Files\AxBx
C:\Program Files\Common Files\Symantec
C:\Program Files\LabelCommand
C:\PROGRA~1\Agnitum\OUTPOS~1
C:\Windows\System32\Filt

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Symantec PIF AlertEng"=-
"MSServer"=-
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{4F2194FF-4E9C-4948-A5FB-E5D7A05AAB9E}"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
"AppInit_DLLs"=""
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Driver::
vkservice
afw
acssrv
sgSchedulerService
sgShutdownService

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

@+

Réponse 4 / 16

Over-lOoukiNGg

salut g!rly !!

je te remercie fortement de ton aide car je suis pas tres fort pour eviter les probleme mais le reste on va dire que oui lOOl

voila le rapport de scan de combofix:

ComboFix 08-05-21.3 - laurence 2008-05-24 23:45:45.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1125 [GMT 2:00]
Endroit: C:\Users\laurence\Desktop\ComboFix.exe
Command switches used :: C:\Users\laurence\Desktop\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
c:\progra~1\agnitum\outpos~1\wl_hook.dll
C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll
C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll,#1
C:\Windows\system32\DRIVERS\afw.sys
C:\Windows\system32\iIbBrPhH.dll
C:\Windows\System32\mlJAqPGY.dll
C:\Windows\System32\opnOijhg.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\PROGRA~1\Agnitum\OUTPOS~1
C:\PROGRA~1\Agnitum\OUTPOS~1\__preset.conf
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.de
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.es
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\ads_link.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\afm.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\ASWFilt.cat
C:\PROGRA~1\Agnitum\OUTPOS~1\ASWFilt.inf
C:\PROGRA~1\Agnitum\OUTPOS~1\clean.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\compatibility.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\configuration.backup
C:\PROGRA~1\Agnitum\OUTPOS~1\configuration.conf
C:\PROGRA~1\Agnitum\OUTPOS~1\feedback.de
C:\PROGRA~1\Agnitum\OUTPOS~1\feedback.es
C:\PROGRA~1\Agnitum\OUTPOS~1\feedback.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\feedback.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\feedback.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\help\ofp_de.chm
C:\PROGRA~1\Agnitum\OUTPOS~1\help\ofp_en.chm
C:\PROGRA~1\Agnitum\OUTPOS~1\help\ofp_es.chm
C:\PROGRA~1\Agnitum\OUTPOS~1\help\ofp_fr.chm
C:\PROGRA~1\Agnitum\OUTPOS~1\help\ofp_ru.chm
C:\PROGRA~1\Agnitum\OUTPOS~1\html_ui.de
C:\PROGRA~1\Agnitum\OUTPOS~1\html_ui.es
C:\PROGRA~1\Agnitum\OUTPOS~1\html_ui.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\html_ui.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\advice_no_process.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\advice_process.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\alert.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\firewall_plugin!ids.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\firewall_plugin!network_activity.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\firewall_plugin!open_ports.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\firewall_plugin.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\amw.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\asm.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\block.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\block2.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\blockred.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\blue_alert_bk.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\blue_alert_close.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\button-back-active.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\button-back-hover.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\button-back.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\def_app.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\fw.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\gray_alert_bk.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\gray_alert_close.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\hilight_link.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\hp.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\lamp.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\logo.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\logs.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\AgnitumNews.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\AgnitumNewsBg.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\arrow.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\corner.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\footerBg.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\hdr-bg.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\hdr-l.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\hdr-r.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\hor1.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\hor2.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\main\Shortcuts.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\red_alert_bk.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\red_alert_close.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\table.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\img\web.png
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\logs_plugin.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\logs_plugin_main.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\malware_plugin!quarantine.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\malware_plugin.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\mysecurity_plugin.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\mysecurity_plugin_av.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\news.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\privacy_protection!content.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\privacy_protection!general.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\privacy_protection!general_av.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\sandbox_plugin!processes-activity.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\sandbox_plugin.html
C:\PROGRA~1\Agnitum\OUTPOS~1\html_view\styles.css
C:\PROGRA~1\Agnitum\OUTPOS~1\htmlayout.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\ie_bar.de
C:\PROGRA~1\Agnitum\OUTPOS~1\ie_bar.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\ie_bar.es
C:\PROGRA~1\Agnitum\OUTPOS~1\ie_bar.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\ie_bar.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\improve_net_report.xm~
C:\PROGRA~1\Agnitum\OUTPOS~1\license
C:\PROGRA~1\Agnitum\OUTPOS~1\log\acs.0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\acs.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\amw.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\antileak.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\comps.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\content.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\contentstream.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\context.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\error.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\hst_parser.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\http_service.0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\http_service.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\improve_net.0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\improve_net.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\lsp.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\net.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\net.log.~0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\netstat.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\netstat4.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\op_mon.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\presets_acs.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\profiler.0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\profiler.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\protect.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\rules.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\sandbox.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\system.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\update.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\update_syntax_err.log
C:\PROGRA~1\Agnitum\OUTPOS~1\log\updater.0
C:\PROGRA~1\Agnitum\OUTPOS~1\log\updater.log
C:\PROGRA~1\Agnitum\OUTPOS~1\machine.conf
C:\PROGRA~1\Agnitum\OUTPOS~1\machine.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\modules.0
C:\PROGRA~1\Agnitum\OUTPOS~1\modules.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\news\img\agnitum-blog.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\news\img\arrow.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\news\img\security-insight.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\news\img\securityteacher.jpg
C:\PROGRA~1\Agnitum\OUTPOS~1\news\index.html
C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.de
C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.es
C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\op_cmn.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\op_import.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\op_install.de
C:\PROGRA~1\Agnitum\OUTPOS~1\op_install.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\op_install.es
C:\PROGRA~1\Agnitum\OUTPOS~1\op_install.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\op_install.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\op_links.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.de
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.es
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\op_shell.de
C:\PROGRA~1\Agnitum\OUTPOS~1\op_shell.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\op_shell.es
C:\PROGRA~1\Agnitum\OUTPOS~1\op_shell.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\op_shell.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\antimalware.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\antimalware.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\antimalware.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\antimalware.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\antimalware.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\logviewer.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\logviewer.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\logviewer.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\logviewer.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\logviewer.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\netstatviewer.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\netstatviewer.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\netstatviewer.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\netstatviewer.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins\netstatviewer.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw\ondemand_scan.profile
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\amw\sched_scan.profile
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\content.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\content.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\content.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\content.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\content.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\downloader.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\downloader.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\downloader.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\downloader.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\downloader.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\firewall.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\firewall.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\firewall.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\firewall.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\firewall.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\hips.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\hips.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\hips.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\hips.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\hips.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\sand.de
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\sand.es
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\sand.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\sand.ofp
C:\PROGRA~1\Agnitum\OUTPOS~1\plugins_acs\sand.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\preconfig.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\preset.conf
C:\PROGRA~1\Agnitum\OUTPOS~1\py_localize.de
C:\PROGRA~1\Agnitum\OUTPOS~1\py_localize.en
C:\PROGRA~1\Agnitum\OUTPOS~1\py_localize.es
C:\PROGRA~1\Agnitum\OUTPOS~1\py_localize.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\py_localize.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\python25.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\rc_macro.lst
C:\PROGRA~1\Agnitum\OUTPOS~1\SandBox.cat
C:\PROGRA~1\Agnitum\OUTPOS~1\SandBox.inf
C:\PROGRA~1\Agnitum\OUTPOS~1\sp_db.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\spy_sites.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\unins000.dat
C:\PROGRA~1\Agnitum\OUTPOS~1\unins000.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\unrar.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\update.de
C:\PROGRA~1\Agnitum\OUTPOS~1\update.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\update.es
C:\PROGRA~1\Agnitum\OUTPOS~1\update.fr
C:\PROGRA~1\Agnitum\OUTPOS~1\update.ico
C:\PROGRA~1\Agnitum\OUTPOS~1\update.ru
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\ads_link.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\compatibility.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\preset.479.zip
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy\spy6_inc.sdb
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy\spy6_main.sdb
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy_sites.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy6_inc.zip
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\spy6_main.zip
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\update.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\update_presets.ini
C:\PROGRA~1\Agnitum\OUTPOS~1\update_oss20\downloaded files\vendors.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\upx.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\vendors.inet
C:\PROGRA~1\Agnitum\OUTPOS~1\Warning.wav
C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\xpbar.dll
C:\PROGRA~1\Agnitum\OUTPOS~1\zlib.dll
C:\Program Files\AxBx
C:\Program Files\AxBx\PC Security Test 2008\aide_faq.txt
C:\Program Files\AxBx\PC Security Test 2008\aide_hacking.txt
C:\Program Files\AxBx\PC Security Test 2008\aide_spyware.txt
C:\Program Files\AxBx\PC Security Test 2008\aide_virus.txt
C:\Program Files\AxBx\PC Security Test 2008\conseils.pdf
C:\Program Files\AxBx\PC Security Test 2008\detail_h1.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_h2.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_h3.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_s1.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_s2.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_s3.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_v1.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_v2.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_v3.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_v4.txt
C:\Program Files\AxBx\PC Security Test 2008\detail_v5.txt
C:\Program Files\AxBx\PC Security Test 2008\PCSecurityTest.exe
C:\Program Files\AxBx\PC Security Test 2008\PCSecurityTest.url
C:\Program Files\AxBx\PC Security Test 2008\profil.csv
C:\Program Files\AxBx\PC Security Test 2008\qcm.csv
C:\Program Files\AxBx\PC Security Test 2008\sop.exe
C:\Program Files\AxBx\PC Security Test 2008\test_vir.dat
C:\Program Files\AxBx\PC Security Test 2008\unins000.dat
C:\Program Files\AxBx\PC Security Test 2008\unins000.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\bon_commande_pro2008.rtf
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\francais.lng
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\iedata.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\licence.txt
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\ProcessWatch2.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\attention ce dossier peut contenir des fichiers infectes\attention ce dossier peut contenir des fichiers infectes
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\fdsv.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\FreeMem.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\grep.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\Nircmd.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\sed.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\Quarantaine\system32.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\reg.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\root.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\sys.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\sys32.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\temp.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\unins000.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\unins000.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\viruskeeper.001
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\viruskeeper.cfg
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\viruskeeper.hlp
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.url
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_bhotb.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_close.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_dpl.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_pemd.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_pemd2.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_plan.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_planrun.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_quarant.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_report.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_restart.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_run.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scan.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanfile.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanprocess.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanroot.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanspy.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_sig.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_sig2.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_ss.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_sscan.dll
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_state.dll
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_sw.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_unreg.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_uz.dll
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vklog.dat
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vkscanspy.001
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vkw.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\win.dat
C:\Program Files\LabelCommand
C:\Program Files\LabelCommand\uninstall.dat
C:\Program Files\LabelCommand\Uninstall.exe
C:\Users\laurence\AppData\Local\Temp\opnlMdAP.dll
C:\Windows\system32\DRIVERS\afw.sys
C:\Windows\System32\Filt
C:\Windows\System32\Filt\~spy6_main.sdb
C:\Windows\System32\Filt\ASWFilt.dll
C:\Windows\System32\Filt\spy6_inc.sdb
C:\Windows\System32\Filt\spy6_main.sdb
C:\Windows\system32\iIbBrPhH.dll
C:\Windows\System32\mlJAqPGY.dll
C:\Windows\System32\opnOijhg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AFW
-------\Service_acssrv
-------\Service_afw
-------\Service_sgSchedulerService
-------\Service_sgShutdownService
-------\Service_vkservice

((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-24 22:11 . 2008-05-24 22:13 <REP> d-------- C:\Program Files\PeerGuardian2
2008-05-24 19:44 . 2008-05-24 23:33 <REP> d-------- C:\Program Files\WinClamAVShield
2008-05-24 16:50 . 2008-05-24 16:50 244 --ah----- C:\sqmnoopt01.sqm
2008-05-24 16:50 . 2008-05-24 16:50 232 --ah----- C:\sqmdata01.sqm
2008-05-24 16:06 . 2007-10-25 19:17 49 --a------ C:\Windows\transp.gif
2008-05-24 15:46 . 2008-05-24 23:24 <REP> d-------- C:\Program Files\Agnitum
2008-05-24 15:44 . 2008-05-24 15:44 <REP> d-------- C:\ProgramData\Agnitum
2008-05-24 00:00 . 2008-05-24 00:00 <REP> d--hs---- C:\found.000
2008-05-23 16:09 . 2008-05-23 16:28 <REP> d-------- C:\Users\laurence\AppData\Roaming\LimeWire
2008-05-23 16:08 . 2008-05-23 16:16 <REP> d-------- C:\Program Files\LimeWire
2008-05-22 02:02 . 2008-05-22 02:02 <REP> d-------- C:\Program Files\Smart Projects
2008-05-21 23:25 . 2008-05-21 23:25 28,812,800 --a------ C:\Windows\System32\imageres.dll
2008-05-21 04:37 . 2008-05-21 04:37 <REP> d-------- C:\Program Files\Yamicsoft
2008-05-21 04:34 . 2008-05-21 04:34 <REP> d-------- C:\ProgramData\Stardock
2008-05-21 04:34 . 2008-05-21 04:34 <REP> d-------- C:\Program Files\Stardock
2008-05-21 04:34 . 2007-06-05 11:26 567,040 --a------ C:\Windows\System32\wbocx.ocx
2008-05-21 04:34 . 2007-06-05 11:26 56,496 --a------ C:\Windows\System32\wbhelp2.dll
2008-05-21 02:12 . 2008-05-21 02:12 <REP> d-------- C:\ProgramData\Avg8
2008-05-20 23:45 . 2008-05-21 01:47 <REP> d--h----- C:\$AVG8.VAULT$
2008-05-20 21:42 . 2008-05-21 00:36 <REP> d-------- C:\ProgramData\Avira
2008-05-20 21:42 . 2008-05-20 21:42 <REP> d-------- C:\Program Files\Avira
2008-05-20 21:29 . 2008-05-20 21:29 <REP> d-------- C:\Program Files\Crawler
2008-05-20 21:28 . 2008-05-24 23:13 <REP> d-------- C:\Users\laurence\AppData\Roaming\Spyware Terminator
2008-05-20 21:28 . 2008-05-24 23:16 <REP> d-------- C:\ProgramData\Spyware Terminator
2008-05-20 21:28 . 2008-05-24 23:15 <REP> d-------- C:\Program Files\Spyware Terminator
2008-05-20 21:28 . 2008-05-20 21:28 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys
2008-05-20 20:14 . 2008-05-20 20:14 <REP> d-------- C:\Users\laurence\temp
2008-05-20 20:14 . 2008-05-20 20:14 <REP> d-------- C:\Users\laurence\AppData\Roaming\TeamViewer
2008-05-20 20:14 . 2008-05-20 20:15 <REP> d-------- C:\Program Files\TeamViewer3
2008-05-20 08:31 . 2008-05-20 08:31 <REP> d-------- C:\ProgramData\WindowsSearch
2008-05-17 01:24 . 2008-05-17 01:49 <REP> d-------- C:\Program Files\MSNServersX
2008-05-16 18:26 . 2008-05-16 18:26 <REP> d-------- C:\Program Files\7-Zip
2008-05-16 15:59 . 2008-05-24 22:53 243,284,201 --a------ C:\Windows\MEMORY.DMP
2008-05-16 01:59 . 2004-02-05 20:53 389,120 --a------ C:\Windows\System32\actskn43.ocx
2008-05-16 01:59 . 2004-01-08 01:43 253,952 --a------ C:\Windows\System32\histogram.ocx
2008-05-16 01:59 . 2004-01-09 10:54 188,416 --a------ C:\Windows\System32\actsplash.ocx
2008-05-16 01:53 . 2008-05-16 16:44 <REP> d-------- C:\Users\laurence\AppData\Roaming\DMCache
2008-05-16 01:05 . 2008-05-16 01:05 <REP> d-------- C:\ProgramData\CheckPoint
2008-05-16 01:05 . 2008-05-16 01:05 <REP> d-------- C:\Program Files\Zone Labs
2008-05-16 01:05 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
2008-05-16 01:04 . 2008-05-24 17:09 <REP> d-------- C:\Windows\System32\ZoneLabs
2008-05-16 01:04 . 2008-05-24 23:28 351,782 --ah----- C:\Windows\System32\drivers\vsconfig.xml
2008-05-16 01:04 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys
2008-05-16 01:03 . 2008-05-24 23:31 <REP> d-------- C:\Windows\Internet Logs
2008-05-15 15:59 . 2008-05-15 16:43 <REP> d-------- C:\Downloads
2008-05-15 15:12 . 2008-05-15 15:12 <REP> d-------- C:\Users\laurence\AppData\Roaming\Intelore
2008-05-15 15:12 . 2008-05-15 21:37 <REP> d-------- C:\Program Files\Intelore
2008-05-15 15:02 . 2008-05-15 15:02 <REP> d-------- C:\Windows\Downloaded Installations
2008-05-14 15:15 . 2008-05-14 15:15 <REP> d-------- C:\ProgramData\WinZip
2008-05-14 15:02 . 2008-05-14 15:02 <REP> d-------- C:\ProgramData\PY_Software
2008-05-14 15:02 . 2007-08-13 14:51 446,464 --a------ C:\Windows\System32\wmvdmoe.dll
2008-05-14 15:01 . 2008-05-14 15:47 <REP> d-------- C:\Program Files\Active WebCam
2008-05-12 17:17 . 2008-05-12 17:17 <REP> d-------- C:\Program Files\Msn Messenger
2008-05-12 04:01 . 2008-05-21 15:38 <REP> d-------- C:\FAUXVIRUS
2008-05-12 02:02 . 2008-05-12 02:02 <REP> d-------- C:\Users\laurence\AppData\Roaming\FlashGet
2008-05-12 01:58 . 2008-05-12 02:02 <REP> d-------- C:\Program Files\FlashGet
2008-05-12 00:47 . 1996-07-18 14:06 297,472 --a------ C:\Windows\uninst.exe
2008-05-08 13:52 . 2008-05-08 13:59 <REP> d-------- C:\Program Files\Buzz
2008-05-08 13:50 . 2008-05-08 13:59 <REP> d-------- C:\Program Files\Jeskola Buzz
2008-05-07 01:01 . 2008-05-07 01:01 <REP> d-------- C:\Program Files\DJ Mix Lite
2008-05-04 18:19 . 2008-05-24 23:34 <REP> d-------- C:\Users\laurence\AppData\Roaming\OpenOffice.org2
2008-05-04 18:03 . 2008-05-04 18:11 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-30 14:27 . 2008-04-30 14:27 <REP> d-------- C:\Program Files\Micro Application
2008-04-30 07:22 . 2008-04-30 07:31 <REP> d-------- C:\Update
2008-04-26 17:23 . 2008-04-26 17:23 <REP> d-------- C:\ProgramData\Player Metaboli
2008-04-26 11:06 . 2008-04-26 11:06 <REP> d-------- C:\Users\laurence\AppData\Roaming\Apple Computer
2008-04-26 11:06 . 2008-04-26 11:06 <REP> d-------- C:\Program Files\iPod
2008-04-26 11:05 . 2008-04-26 11:06 <REP> d-------- C:\Program Files\iTunes
2008-04-26 11:04 . 2008-04-26 11:04 <REP> d-------- C:\Program Files\Bonjour
2008-04-26 11:02 . 2008-04-26 11:05 <REP> d-------- C:\ProgramData\Apple Computer
2008-04-26 11:02 . 2008-04-26 11:03 <REP> d-------- C:\Program Files\QuickTime
2008-04-26 11:01 . 2008-04-26 11:01 <REP> d-------- C:\Program Files\Apple Software Update
2008-04-26 10:58 . 2008-04-26 10:58 <REP> d-------- C:\ProgramData\Apple
2008-04-26 10:58 . 2008-04-26 10:58 <REP> d-------- C:\Program Files\Common Files\Apple
2008-04-26 02:29 . 2008-04-26 02:29 <REP> d-------- C:\Users\laurence\AppData\Roaming\DAEMON Tools
2008-04-26 02:29 . 2008-04-26 02:29 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-04-24 08:51 . 2007-12-23 18:08 <REP> d-------- C:\Windows\System32\Counter-Strike 1.6 + Half-Life

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-24 17:27 --------- d-----w C:\Program Files\Google
2008-05-24 17:27 --------- d-----w C:\Program Files\GamesBar
2008-05-24 17:13 27,620 ----a-w C:\Users\laurence\AppData\Roaming\nvModes.dat
2008-05-24 14:47 --------- d-----w C:\ProgramData\GamesBar
2008-05-24 11:34 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-21 23:12 --------- d-----w C:\ProgramData\eMule
2008-05-21 20:56 --------- d-----w C:\ProgramData\Roxio
2008-05-21 17:32 1,208,320 ----a-w C:\Windows\Internet Logs\xDBA0D0.tmp
2008-05-21 00:31 3,748,864 ----a-w C:\Windows\Internet Logs\xDB8600.tmp
2008-05-18 00:35 161,792 ----a-w C:\Windows\Internet Logs\xDB8499.tmp
2008-05-17 22:44 --------- d-----w C:\Program Files\eMule
2008-05-17 22:26 1,175,040 ----a-w C:\Windows\Internet Logs\xDB7D3A.tmp
2008-05-16 22:21 --------- d-----w C:\Program Files\Windows Mail
2008-05-16 14:46 22,528 ----a-w C:\Windows\Internet Logs\xDB86DB.tmp
2008-05-16 14:46 1,987,072 ----a-w C:\Windows\Internet Logs\xDB8862.tmp
2008-05-16 14:25 44,544 ----a-w C:\Windows\Internet Logs\xDB83A0.tmp
2008-05-16 14:00 24,576 ----a-w C:\Windows\Internet Logs\xDBD91F.tmp
2008-05-16 13:58 47,616 ----a-w C:\Windows\Internet Logs\xDBBBBF.tmp
2008-05-16 00:22 1,041,920 ----a-w C:\Windows\Internet Logs\xDB8F24.tmp
2008-05-16 00:21 1,982,976 ----a-w C:\Windows\Internet Logs\xDB93B7.tmp
2008-05-15 23:58 680,960 ----a-w C:\Windows\is-1M35J.exe
2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-05-15 12:25 --------- d-----w C:\Program Files\Java
2008-05-12 13:19 --------- d-----w C:\Users\laurence\AppData\Roaming\uTorrent
2008-05-11 03:58 --------- d-----w C:\ProgramData\Part Hide Grey Pop
2008-05-11 03:58 --------- d-----w C:\ProgramData\BrowseSizeBags
2008-05-11 03:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-11 03:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-30 05:21 --------- d-----w C:\Users\laurence\AppData\Roaming\Sony Corporation
2008-04-26 15:23 --------- d-----w C:\Program Files\Player Metaboli
2008-04-26 00:25 --------- d-----w C:\ProgramData\Sony Corporation
2008-04-23 15:55 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-23 15:54 --------- d-----w C:\Program Files\Microsoft Works
2008-04-23 15:49 --------- d-----w C:\Program Files\WarRock
2008-04-23 15:41 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-04-23 15:41 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-04-21 13:37 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2008-04-21 13:18 22,328 ----a-w C:\Users\laurence\AppData\Roaming\PnkBstrK.sys
2008-04-21 12:20 --------- d-----w C:\Program Files\Circle Developement
2008-04-21 12:13 --------- d-----w C:\Users\laurence\AppData\Roaming\Roxio
2008-04-21 12:10 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-04-19 18:07 --------- d---a-w C:\ProgramData\TEMP
2008-04-19 00:56 --------- d-----w C:\Program Files\AtomixMP3
2008-04-19 00:04 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-04-15 19:35 --------- d-----w C:\ProgramData\Symantec
2008-04-15 19:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-15 19:00 --------- d-----w C:\Program Files\Wolfenstein - Enemy Territory
2008-04-15 18:45 --------- d-----w C:\Program Files\Symantec
2008-04-15 18:45 --------- d-----w C:\Program Files\Norton 360
2008-04-15 11:18 174 --sha-w C:\Program Files\desktop.ini
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Sidebar
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Journal
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Defender
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Collaboration
2008-04-15 11:08 --------- d-----w C:\Program Files\Windows Calendar
2008-04-15 10:41 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-04-15 10:41 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-04-14 16:30 --------- d-----w C:\Program Files\Big City Adventure - San Francisco Deluxe
2008-04-14 16:21 --------- d-----w C:\Program Files\Common Files\Oberon Media
2008-04-14 08:06 --------- d-----w C:\Program Files\Reverse & Upper
2008-04-14 07:42 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-14 01:59 --------- d-----w C:\Users\laurence\AppData\Roaming\Symantec
2008-04-13 11:24 --------- d-----w C:\Program Files\Windows Live
2008-04-13 10:37 --------- d-----w C:\Program Files\Tronics
2008-04-13 09:53 --------- d-----w C:\Program Files\uTorrent
2008-04-13 06:40 --------- d-----w C:\Users\laurence\AppData\Roaming\Azureus
2008-04-13 03:28 --------- d-----w C:\Program Files\Azureus
2008-04-13 02:44 228 ----a-w C:\Users\laurence\AppData\Roaming\wklnhst.dat
2008-04-12 20:26 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-12 20:25 --------- d-----w C:\Program Files\Windows Live Favorites
2008-04-12 20:20 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-12 20:06 --------- d-----w C:\ProgramData\WLInstaller
2008-04-12 05:37 --------- d-----w C:\Users\laurence\AppData\Roaming\ubi.com
2008-04-12 05:37 --------- d-----w C:\Program Files\Common Files\PocketSoft
2008-04-11 00:08 --------- d-----w C:\Program Files\DesktopEarth
2008-04-10 18:53 --------- d-----w C:\ProgramData\Oberon Media
2008-04-09 10:08 988,216 ----a-w C:\Windows\System32\winload.exe
2008-04-09 10:08 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-04-09 10:08 615,992 ----a-w C:\Windows\System32\ci.dll
2008-04-09 10:08 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-04-09 10:08 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-04-09 10:08 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-04-09 10:08 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-04-09 10:08 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-04-09 10:08 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-04-09 10:08 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-04-09 10:07 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-04-09 10:07 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-04-09 10:03 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-08 20:48 --------- d-----w C:\ProgramData\Awem
2008-04-08 20:47 --------- d-----w C:\Users\laurence\AppData\Roaming\Zylom
2008-04-08 02:33 --------- d-----w C:\Users\laurence\AppData\Roaming\Template
2008-04-06 15:21 --------- d-----w C:\ProgramData\BC Soft Games
2008-04-05 15:59 --------- d-----w C:\Users\laurence\AppData\Roaming\FloodLightGames
2008-04-05 15:59 --------- d-----w C:\ProgramData\FloodLightGames
2008-04-04 17:14 --------- d-----w C:\Users\laurence\AppData\Roaming\Flood Light Games
2008-04-04 17:14 --------- d-----w C:\ProgramData\Flood Light Games
2008-04-04 17:13 --------- d-----w C:\Program Files\orange
2008-04-02 14:52 --------- d-----w C:\Program Files\Metin2_France
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((( snapshot_2008-05-24_23.36.50.02 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-24 21:30:49 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-05-24 21:38:34 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-05-24 21:31:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-05-24 21:38:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-05-24 21:31:11 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-24 21:38:42 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-05-24 21:31:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-05-24 21:38:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 09:36 2153472 C:\Windows\System32\oobefldr.dll]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-05-12 01:58 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 03:58 835584]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-26 02:39 4489216 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-06-26 02:39 1826816 C:\Windows\SkyTel.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-01 02:18 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-01 02:17 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-01 02:17 81920]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-06-29 13:44 1990704]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
"RegistryMechanic"="" []
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-20 21:28 1817600]
"OutpostFeedBack"="C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

C:\Users\laurence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2007-09-08 03:41:15 5742136]
DesktopEarth AutoStart.lnk - C:\Users\laurence\AppData\Roaming\Microsoft\Installer\{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}\_2B52280D74B238E888B1F2.exe [2008-04-11 02:08:11 29926]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-07-03 10:31:46 739880]
Magic-i Visual Effects.lnk - C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe [2008-03-22 18:46:56 330496]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2007-07-24 19:26 98304 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9D1354B2-32AA-492B-9BA3-C193E984C6F5}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{83634136-311B-4F8E-A26B-E8DAAE890EDF}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{0339FB09-CA61-469B-BB26-89845EAB81A2}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{2363B687-DD31-4765-8833-D49227ED8A7A}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"TCP Query User{8580D146-E2F8-4AF7-B793-578D0F9E5AD0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{957FB1A9-70FA-4731-9435-9C133B400ECB}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{CAE30764-25A5-4936-BABD-30654ABCB019}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{51B22EB5-91B3-498E-95CE-526CEF03ED6F}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{A902B566-28D1-424E-9D41-8A5C707EC0DA}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"UDP Query User{F39A9EB9-F6D9-4F38-B648-B126295C3B21}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"{BF86D596-FBBC-427A-9F21-6C1F823BD6E0}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone)
"{4F5C9938-1D0E-450C-8774-E285D5C005F8}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4955ED3B-7F77-49BD-9397-0CBDB3B50B35}C:\\program files\\metin2_france\\metin2.bin"= UDP:C:\program files\metin2_france\metin2.bin:metin2.bin
"UDP Query User{E8F9C6EB-7EDE-4BFB-9706-A8F8218B506A}C:\\program files\\metin2_france\\metin2.bin"= TCP:C:\program files\metin2_france\metin2.bin:metin2.bin
"TCP Query User{A82616D1-8CF4-4ADC-A45D-E726AB2BF990}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{9A86B7F1-4349-47A6-A05F-47A67F37C95C}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{D1D0BDC7-4D1B-4339-B980-7173DAB5ABEB}C:\\program files\\urbanterror\\iourbanterror.exe"= UDP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror
"UDP Query User{27CF99FC-8AB2-4050-9396-8E41189E7243}C:\\program files\\urbanterror\\iourbanterror.exe"= TCP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror
"TCP Query User{990D7BFC-552B-4210-8BC5-CDB84C0B0C62}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{9FB89298-73E7-467A-AF68-012C8AF91E29}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"TCP Query User{544308AD-4646-47A3-B435-06CDAC6F669C}C:\\program files\\romusoft\\romustrike\\romustrike.exe"= UDP:C:\program files\romusoft\romustrike\romustrike.exe:romustrike
"UDP Query User{A5B69905-BE94-4C83-8FE0-5FC0B1C09A51}C:\\program files\\romusoft\\romustrike\\romustrike.exe"= TCP:C:\program files\romusoft\romustrike\romustrike.exe:romustrike
"TCP Query User{149E2D7B-913C-4698-B0ED-CC5135FE9AFC}C:\\program files\\ubi soft\\il-2 sturmovik forgotten battles\\il2fb.exe"= UDP:C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe:il2fb
"UDP Query User{688D445B-F933-4D7A-902A-ADF36DC9B93A}C:\\program files\\ubi soft\\il-2 sturmovik forgotten battles\\il2fb.exe"= TCP:C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe:il2fb
"TCP Query User{B5CAEE9F-0BAF-4BBD-B47B-E1F30C7D977D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{46BAE939-AB87-4F46-9231-5C83200AB1A0}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{A3749770-E0FD-4B6C-827C-44F881BACEF9}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{29493646-C225-47DC-8882-78609DCFE5B3}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{EC53B07D-748F-4FFF-B00D-CC386BC2E4C2}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{7080DEE8-B13E-4C43-B1E4-C7857498FF72}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"{1AA86562-8DDC-4E85-B135-6791AD83EA11}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CBBB56EB-CC72-42A2-AB51-A6E17478C1B3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{944546E1-E57D-462E-970D-41A50A3E3C31}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{BEB19802-9B62-4FF2-B9BD-F6244B50B828}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8D539923-E73E-40DA-80F6-EA727BD6711F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2A8B8782-BACB-4AA0-BF95-7AD6573EDB58}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DC81D270-24FC-41FA-AD2A-0ED3C330BE7D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D7E406F4-FA67-4667-A185-C49CD689B7E5}C:\\sierra\\half-life\\hl.exe"= UDP:C:\sierra\half-life\hl.exe:Half-Life Launcher
"UDP Query User{CD5846FC-C8B9-4225-AB59-CE7DF4246562}C:\\sierra\\half-life\\hl.exe"= TCP:C:\sierra\half-life\hl.exe:Half-Life Launcher
"{2FA411EB-287D-40F0-B7EA-5828D17EB931}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{5589924F-A9F1-40B5-B52A-F91011B84B93}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{19F1028B-AA2A-4A45-9E41-151F857D8460}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{0E56E709-3997-4B38-8795-30A1BE9D55A1}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{E9FF69AF-2278-4A72-B3E2-65C827FA4A5F}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{15DAE65B-CB27-46A0-AED4-A7B6D2E21BA6}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{8D0DE13B-FA87-469E-8AAA-ACFDB3DE1D5F}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hl.exe"= UDP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hl.exe:hl.exe
"UDP Query User{F8718D74-D1FE-4A6E-908D-C8E7DED7F9A6}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hl.exe"= TCP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hl.exe:hl.exe
"TCP Query User{316ED69C-0669-4CF5-870F-A68E618829F6}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hltv.exe"= UDP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hltv.exe:hltv.exe
"UDP Query User{C884B349-B0BD-43A2-A4A7-A1876C601CF1}C:\\users\\laurence\\documents\\downloads\\counter-strike 1.6 + half-life\\hltv.exe"= TCP:C:\users\laurence\documents\downloads\counter-strike 1.6 + half-life\hltv.exe:hltv.exe
"TCP Query User{1E1BF027-2190-4567-86AF-3EC670BA2304}C:\\sierra\\half-life\\pingtool\\pingtool.exe"= UDP:C:\sierra\half-life\pingtool\pingtool.exe:PingTool
"UDP Query User{146E0D90-3E45-4E0A-8D55-A73E17CEB3CF}C:\\sierra\\half-life\\pingtool\\pingtool.exe"= TCP:C:\sierra\half-life\pingtool\pingtool.exe:PingTool
"{51B9D976-D2F1-4A2C-9CC8-16D4B0EEA08E}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{2250065A-6F13-4B2D-8C77-EE11F6F21DCA}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{8FBD0F36-EFC6-4AFF-A13B-7C24213BF685}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AEAB6399-D78B-45B9-BA87-745EFF7024F1}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{BA722279-EB77-4515-BD5F-CDEE441E14B8}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{05558D01-EA71-42E2-8155-4FBD61A88FC6}C:\\program files\\flashget\\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{41A15DC5-5875-434C-BD51-D8C522440E40}C:\\program files\\flashget\\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{ED7D6854-FBE0-4500-AAD3-210BDD12DFFE}C:\\program files\\active webcam\\webcam.exe"= UDP:C:\program files\active webcam\webcam.exe:Active WebCam
"UDP Query User{1F771DD3-6840-4DE9-AA00-F78A4FD9FAE6}C:\\program files\\active webcam\\webcam.exe"= TCP:C:\program files\active webcam\webcam.exe:Active WebCam
"TCP Query User{9BB785A2-BBB3-4E8E-968D-CFC012AABD44}C:\\users\\laurence\\desktop\\hacker logiciel\\proconnective.exe"= UDP:C:\users\laurence\desktop\hacker logiciel\proconnective.exe:proconnective.exe
"UDP Query User{2386B152-DE81-4B1D-8398-6563745A5702}C:\\users\\laurence\\desktop\\hacker logiciel\\proconnective.exe"= TCP:C:\users\laurence\desktop\hacker logiciel\proconnective.exe:proconnective.exe
"TCP Query User{F867815B-AD0A-4552-8306-EB2A444360D1}C:\\program files\\azureus\\azureus.exe"= Disabled:UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{70C5A063-547E-4F13-BB1D-D0FFFEC77D05}C:\\program files\\azureus\\azureus.exe"= Disabled:TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{47C3CF9C-0B0B-4F4E-87F4-4DED3B32B2E0}C:\\users\\laurence\\desktop\\h4ck0r1sus(2).exe"= Disabled:UDP:C:\users\laurence\desktop\h4ck0r1sus(2).exe:h4ck0r1sus(2).exe
"UDP Query User{D3F967B3-C2B7-4AF9-829B-40EE8E84FCC5}C:\\users\\laurence\\desktop\\h4ck0r1sus(2).exe"= Disabled:TCP:C:\users\laurence\desktop\h4ck0r1sus(2).exe:h4ck0r1sus(2).exe
"TCP Query User{F94BB909-45C3-4E6F-9E83-3BB68F2E9319}C:\\users\\laurence\\desktop\\h4ck0r1sus.exe"= Disabled:UDP:C:\users\laurence\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe
"UDP Query User{B48AE23A-AE9E-432B-801A-A0BECB894A73}C:\\users\\laurence\\desktop\\h4ck0r1sus.exe"= Disabled:TCP:C:\users\laurence\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe
"{5E00AE05-1C8F-43AE-9F10-45CF708C418A}"= UDP:C:\Users\laurence\Desktop\LimeWireWin\LimeWire\LimeWire.exe:LimeWire
"{54058BFD-6F1A-475E-AB92-C3426A7AB73A}"= TCP:C:\Users\laurence\Desktop\LimeWireWin\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{A8C55862-6B94-4FE3-888D-40351CA77D78}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{290A9F4F-B66A-4531-9AD0-B22CBAA36651}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\Windows\system32\drivers\pe3ajbeb.sys [2007-08-22 18:31]
R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\Windows\system32\drivers\ps7ajbeb.sys [2007-08-22 18:30]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-05-20 21:28]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys [2007-04-17 20:09]
R2 TeamViewer;TeamViewer 3;"C:\Program Files\TeamViewer3\TeamViewer_Host.exe" -service []
R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-13 08:14]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-05-30 20:14]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-20 02:00]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-20 02:00]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 02:00]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-13 08:15]
S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\Windows\system32\pr2ajbeb.exe svc []
S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-07-24 02:56]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-07-24 02:56]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-07-24 02:55]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-24 02:56]
S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-07-09 15:53]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 16:51]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 15:34]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-07-05 19:12]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2007-07-05 17:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-12 20:26:14 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 23:47:17
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-24 23:48:20
ComboFix-quarantined-files.txt 2008-05-24 21:48:03
ComboFix2.txt 2008-05-24 17:31:09

Pre-Run: 37,649,809,408 octets libres
Post-Run: 37,619,777,536 octets libres

724 --- E O F --- 2008-05-24 11:34:10

et voila le rapport de hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:05, on 24/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\laurence\Desktop\logiciel anti virus, anti spayware\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {E738884B-E75D-4AC3-B03F-62F7E7DD853E} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Magic-i Visual Effects.lnk = C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTR

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

salut

Fais un scan avec cet antispyware :

Telecharge malwarebytes + tutoriel :

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

@+

Réponse 6 / 16

Over-lOoukiNGg

salut g!rly
je suis en train de faire le scan là,
mais je voulais savoir aussi si il y a un logiciel pour voir si il ne manque pas de fichier sur mon ordinateur, des fichier important, parce que je suis sous vista et j'ai pleins de problème, je navigue un peut sur le net et après je peut plus naviguer je suis obliger de redémarrer mon ordi parce que tout les programmes beug, donc je pense que c'est des fichier important qui sont soit endommager, soit supprimer, parce que la dernière fois, j'ai, pratiquer la routine j'ai redémarrer mon pc, et il me dit que le démarrage ne se passe pas correctement car des fichier, sont endommager alors j'ai du reprendre une sauvegarder du système, alors si il y aurai un programme pour vérifier l'état de mon système et corriger tout les fichier endommager ou rajouter les fichier supprimer sa serai vraiment cool

là je suis en train de faire le scan des qu'il es fini je t'envoie le rapport !

Réponse 7 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

salut,

on va voir le rapport de malwarebytes, ce que tu m´explique est en relation avec tes infections du moment, donc laisse tourner malwarebytes, au besoin on pourra effectuer une reparation de windows, mais je pensse que les maux de ton pc sont comme je te l´ai dit du aux infections...

@+

guigui27

salut g!rly, je voulai savoir si tu avais quelque minute a m'accorder pour mon sujet d'hier, je ne sais pa si tu te souvien(ask toolbar et funwebproducts)j'ai fait ce que tu ma di et g tt poster sur mon topic, dsl pour le derangement

Réponse 8 / 16

Over-lOoukiNGg

reuh' g!rly
voila le scan a reveler beaucoup de virus ^^ et j'ai tout supprimer!!
$(4n d3 M47W4R3bYtEs ::

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 785

Type de recherche: Examen complet (C:\|)
Eléments examinés: 188616
Temps écoulé: 39 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\LogicFunctions (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pvnsmfor.belp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\pvnsmfor.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\SystemRestore\FRStaging\Users\laurence\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYNLX1NN\Install_526_1_[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Users\laurence\AppData\Local\Temp\wtifgfyh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

bonne chance g!rly et et encore mercii

Réponse 9 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

ok

post moi ce rapport stp

Télécharge ComboScan sur ton Bureau en bas de cette pae en clickant sur download file

-> http://www.geekstogo.com/forum/files/

Ferme toutes les applications en cours : antivirus, pare-feu, etc ..
Double-clic sur comboscan.exe, dans la fenêtre qui s'affiche, clic sur OK.
Soit patient...
Le rapport Comboscan.txt s'affichera, copie et colle le contenu de ce fichier ici.

Le rapport peut-être long et en deux morceaux vérifie qu'il soit en entier.

esperons qu´il fonctionne sous vista`

@+

Réponse 10 / 16

Over-lOoukiNGg

salut g!rly

voila le rapport de scan de DSS ( ComboFix ) enfin je croit lol
masi le seul soucis c'est que sa c'est mis en deux parti la partie " MAIN " et la parti " EXTRA "

partie EXTRA :

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0
Architecture: X86; Language: French

CPU 0: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 2045.7 MiB / 1275.19 MiB
Pagefile Memory (total/avail): 4332.67 MiB / 3404.99 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1867.97 MiB

C: is Fixed (NTFS) - 140.13 GiB total, 35.03 GiB free.
D: is Removable (No Media)
E: is Removable (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE1 - MemoryStick0 Device

\\.\PHYSICALDRIVE2 - SD1 Device

\\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 8.92 GiB
\PARTITION1 (bootable) - Système de fichiers installable - 140.13 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: ZoneAlarm Pro Firewall v7.1.254.000 (Check Point, LTD.) [COLOR=RED]Disabled/COLOR
FW: Outpost Firewall Pro v6.0 (Agnitum) [COLOR=RED]Disabled/COLOR
AV: VirusKeeper 2008 Pro antivirus v8.5 (AxBx)
AV: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated/COLOR
AV: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)
AS: VirusKeeper 2008 Pro antispyware v8.5 (AxBx)
AS: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated/COLOR
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Outpost Firewall Pro vASWDB6, VB4.3, VDB9 (Agnitum) [COLOR=RED]Disabled/COLOR
AS: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\laurence\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-DE-LAURENCE
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=C:\Windows\ConfigSetRoot
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\laurence
LOCALAPPDATA=C:\Users\laurence\AppData\Local
LOGONSERVER=\\PC-DE-LAURENCE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\laurence\AppData\Local\Temp
TMP=C:\Users\laurence\AppData\Local\Temp
tvdumpflags=8
USERDOMAIN=PC-de-laurence
USERNAME=laurence
USERPROFILE=C:\Users\laurence
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

laurence

-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\Program Files\InstallShield Installation Information\{AFBA0609-EB70-43CB-B11C-294EDADFA101}\setup.exe -runfromtemp -l0x040c -removeonly
--> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
--> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
--> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
--> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
--> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
--> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
--> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
--> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
7-Zip 4.57 --> "C:\Users\laurence\Desktop\Nouveau dossier\7-Zip\Uninstall.exe"
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Active WebCam --> "C:\Program Files\Active WebCam\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam
ActiveX Graphic & Chart Components --> MsiExec.exe /I{09F9FC56-D303-4099-94F0-D25B84112C4B}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Agnitum Outpost Firewall Pro --> "C:\Program Files\Agnitum\Outpost Firewall Pro\unins000.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AppMon Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09A84598-E18A-4E7B-A49A-E19BB8D5C648}\setup.exe" -l0x40c -removeonly
ArcSoft Magic-i Visual Effects --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56345504-DE57-4528-A18B-A567D1E52928}\Setup.exe" -l0x40c
ArcSoft Magic-i Visual Effects Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x40c
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
AtomixMP3 v2.3 Trial --> C:\PROGRA~1\ATOMIX~1\UNWISE.EXE C:\PROGRA~1\ATOMIX~1\INSTALL.LOG
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Big City Adventure - San Francisco Deluxe --> C:\Program Files\Big City Adventure - San Francisco Deluxe\Uninstal.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CamStudio 2.0 Fr --> "C:\Program Files\CamStudio\unins000.exe"
Click to DVD 2.0.05 Menu Data --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x40c -removeonly
Click to DVD 2.6.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x40c -removeonly
Crawler Toolbar with Web Security Guard --> C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
DesktopEarth --> MsiExec.exe /I{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DJ Mix Lite --> C:\Program Files\DJ Mix Lite\uninstall.exe
DSD Direct --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x40c -removeonly
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Favorit --> c:\users\laurence\appdata\local\aafic.bat
Favorit --> c:\users\laurence\appdata\local\xbmwadm.bat
FlashGet 1.9.0.1012 --> C:\Program Files\FlashGet\uninst.exe
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GamesBar 1.1.0.5 --> C:\Program Files\GamesBar\uninst.exe
GearDrvs --> MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Half-Life --> C:\Sierra\HALF-L~1\UNWISE.EXE C:\Sierra\HALF-L~1\INSTALL.LOG
HDAUDIO SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
IDT Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}\setup.exe" -l0x40c -remove -removeonly
Intel(R) Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe
IsoBuster 2.2 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
L'Ile Noyée --> "C:\Program Files\Micro Application\L'Ile Noyée\unins000.exe"
Lecteur CANALPLAY 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9E37358-E3E1-47BA-9E21-375EF3616BC9}\setup.exe" -l0x40c -removeonly
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Couleur --> MsiExec.exe /I{21D6DDEC-88CC-43AF-BD8C-44ED5F25D5D3}
MSNServersX --> "C:\Program Files\MSNServersX\unins000.exe"
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NeoTrace Express 3.25 --> C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenMG Limited Patch 4.7-07-15-19-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org 2.4 --> MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Outil de restauration de données VAIO --> C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x040c -removeonly
Outil VAIO Media Registration 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x40c UNINSTALL -removeonly
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Player Metaboli --> "C:\Program Files\Player Metaboli\Uninstall.exe"
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Reverse & Upper 1.0 --> "C:\Program Files\Reverse & Upper\unins000.exe"
Roxio Easy Media Creator Home --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
SC Net Speed Booster 4.5.0.2 --> "C:\Program Files\SoftwareClub.ws\SC Net Speed Booster\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Setting Utility Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -l0x40c -removeonly
Skype 3.2 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
SonicStage Mastering Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter Custom Preset --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Plugins --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x40c -removeonly
Sony Video Shared Library --> C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x040c -removeonly
Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe"
Steam Platform 1.1.2.5 i6 --> deltree "c:\Valve"
Surligneur (Windows Live Toolbar) --> MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ubi.com --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
VAIO Aqua Breeze Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458F-97D6-F38D2E07375E}\setup.exe" -l0x9 -removeonly
VAIO Azure Float Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0312BD0D-A1FE-4E1A-9208-D436F566D867}\setup.exe" -l0x9 -removeonly
VAIO Camera Capture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -l0x40c -removeonly
VAIO Content Folder Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -l0x40c -removeonly
VAIO Content Importer / VAIO Content Exporter --> C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Intelligent Analyzing Manager --> C:\Program Files\InstallShield Installation Information\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Manager Setting --> C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata XML Interface Library --> C:\Program Files\InstallShield Installation Information\{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -l0x40c -removeonly
VAIO Cozy Orange Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform --> C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Event Service --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x40c -removeonly
VAIO Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -l0x40c -removeonly
VAIO Media 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x40c UNINSTALL
VAIO Media Content Collection 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Integrated Server 6.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Redistribution 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Movie Story --> C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Movie Story Template Data --> C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO MusicBox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -l0x40c -removeonly
VAIO MusicBox Sample Music --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -l0x40c -removeonly
VAIO Original Function Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -l0x40c -removeonly
VAIO Original Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\Setup.exe" -l0x40c
VAIO Power Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -l0x40c -removeonly
VAIO Tender Green Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-4264-84A2-EE080C017BCA}\setup.exe" -l0x9 -removeonly
VAIO Update 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x40c -removeonly
VAIO Xblack Contents -->
WIDCOMM Bluetooth Software 6.1.0.1205 --> MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Live Favorites pour Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
WinDVD for VAIO --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
Wireless Switch Setting Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x40c -removeonly
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type15995 / Error
Event Submitted/Written: 05/25/2008 03:28:26 PM
Event ID/Source: 7 / VzCdbSvc
Event Description:
Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019)

Event Record #/Type15994 / Success
Event Submitted/Written: 05/25/2008 03:28:25 PM
Event ID/Source: 5617 / WinMgmt
Event Description:

Event Record #/Type15992 / Success
Event Submitted/Written: 05/25/2008 03:28:24 PM
Event ID/Source: 5615 / WinMgmt
Event Description:

Event Record #/Type15987 / Success
Event Submitted/Written: 05/25/2008 03:28:21 PM
Event ID/Source: 2570 / Adobe Active File Monitor 5.0
Event Description:
Le service Adobe Active File Monitor a démarré.

Event Record #/Type15983 / Success
Event Submitted/Written: 05/25/2008 03:28:10 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Le service de gestion des licences du logiciel a démarré.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.

-- End of Deckard's System Scanner: finished at 2008-05-25 15:34:51 ------------

et la partie MAIN je sais pas la quelle est la premiere et la quelle est la deuxieme =(

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0
Architecture: X86; Language: French

CPU 0: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 2045.7 MiB / 1275.19 MiB
Pagefile Memory (total/avail): 4332.67 MiB / 3404.99 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1867.97 MiB

C: is Fixed (NTFS) - 140.13 GiB total, 35.03 GiB free.
D: is Removable (No Media)
E: is Removable (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE1 - MemoryStick0 Device

\\.\PHYSICALDRIVE2 - SD1 Device

\\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 8.92 GiB
\PARTITION1 (bootable) - Système de fichiers installable - 140.13 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: ZoneAlarm Pro Firewall v7.1.254.000 (Check Point, LTD.) [COLOR=RED]Disabled/COLOR
FW: Outpost Firewall Pro v6.0 (Agnitum) [COLOR=RED]Disabled/COLOR
AV: VirusKeeper 2008 Pro antivirus v8.5 (AxBx)
AV: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated/COLOR
AV: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)
AS: VirusKeeper 2008 Pro antispyware v8.5 (AxBx)
AS: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated/COLOR
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Outpost Firewall Pro vASWDB6, VB4.3, VDB9 (Agnitum) [COLOR=RED]Disabled/COLOR
AS: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\laurence\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-DE-LAURENCE
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=C:\Windows\ConfigSetRoot
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\laurence
LOCALAPPDATA=C:\Users\laurence\AppData\Local
LOGONSERVER=\\PC-DE-LAURENCE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\laurence\AppData\Local\Temp
TMP=C:\Users\laurence\AppData\Local\Temp
tvdumpflags=8
USERDOMAIN=PC-de-laurence
USERNAME=laurence
USERPROFILE=C:\Users\laurence
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

laurence

-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\Program Files\InstallShield Installation Information\{AFBA0609-EB70-43CB-B11C-294EDADFA101}\setup.exe -runfromtemp -l0x040c -removeonly
--> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
--> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
--> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
--> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
--> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
--> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
--> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
--> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
7-Zip 4.57 --> "C:\Users\laurence\Desktop\Nouveau dossier\7-Zip\Uninstall.exe"
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Active WebCam --> "C:\Program Files\Active WebCam\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam
ActiveX Graphic & Chart Components --> MsiExec.exe /I{09F9FC56-D303-4099-94F0-D25B84112C4B}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Agnitum Outpost Firewall Pro --> "C:\Program Files\Agnitum\Outpost Firewall Pro\unins000.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AppMon Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09A84598-E18A-4E7B-A49A-E19BB8D5C648}\setup.exe" -l0x40c -removeonly
ArcSoft Magic-i Visual Effects --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56345504-DE57-4528-A18B-A567D1E52928}\Setup.exe" -l0x40c
ArcSoft Magic-i Visual Effects Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x40c
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
AtomixMP3 v2.3 Trial --> C:\PROGRA~1\ATOMIX~1\UNWISE.EXE C:\PROGRA~1\ATOMIX~1\INSTALL.LOG
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Big City Adventure - San Francisco Deluxe --> C:\Program Files\Big City Adventure - San Francisco Deluxe\Uninstal.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CamStudio 2.0 Fr --> "C:\Program Files\CamStudio\unins000.exe"
Click to DVD 2.0.05 Menu Data --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x40c -removeonly
Click to DVD 2.6.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x40c -removeonly
Crawler Toolbar with Web Security Guard --> C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
DesktopEarth --> MsiExec.exe /I{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DJ Mix Lite --> C:\Program Files\DJ Mix Lite\uninstall.exe
DSD Direct --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x40c -removeonly
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Favorit --> c:\users\laurence\appdata\local\aafic.bat
Favorit --> c:\users\laurence\appdata\local\xbmwadm.bat
FlashGet 1.9.0.1012 --> C:\Program Files\FlashGet\uninst.exe
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GamesBar 1.1.0.5 --> C:\Program Files\GamesBar\uninst.exe
GearDrvs --> MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Half-Life --> C:\Sierra\HALF-L~1\UNWISE.EXE C:\Sierra\HALF-L~1\INSTALL.LOG
HDAUDIO SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
IDT Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}\setup.exe" -l0x40c -remove -removeonly
Intel(R) Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe
IsoBuster 2.2 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
L'Ile Noyée --> "C:\Program Files\Micro Application\L'Ile Noyée\unins000.exe"
Lecteur CANALPLAY 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9E37358-E3E1-47BA-9E21-375EF3616BC9}\setup.exe" -l0x40c -removeonly
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Couleur --> MsiExec.exe /I{21D6DDEC-88CC-43AF-BD8C-44ED5F25D5D3}
MSNServersX --> "C:\Program Files\MSNServersX\unins000.exe"
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NeoTrace Express 3.25 --> C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenMG Limited Patch 4.7-07-15-19-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org 2.4 --> MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Outil de restauration de données VAIO --> C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x040c -removeonly
Outil VAIO Media Registration 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x40c UNINSTALL -removeonly
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Player Metaboli --> "C:\Program Files\Player Metaboli\Uninstall.exe"
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Reverse & Upper 1.0 --> "C:\Program Files\Reverse & Upper\unins000.exe"
Roxio Easy Media Creator Home --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
SC Net Speed Booster 4.5.0.2 --> "C:\Program Files\SoftwareClub.ws\SC Net Speed Booster\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Setting Utility Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -l0x40c -removeonly
Skype 3.2 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
SonicStage Mastering Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter Custom Preset --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Plugins --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x40c -removeonly
Sony Video Shared Library --> C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x040c -removeonly
Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe"
Steam Platform 1.1.2.5 i6 --> deltree "c:\Valve"
Surligneur (Windows Live Toolbar) --> MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ubi.com --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
VAIO Aqua Breeze Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458F-97D6-F38D2E07375E}\setup.exe" -l0x9 -removeonly
VAIO Azure Float Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0312BD0D-A1FE-4E1A-9208-D436F566D867}\setup.exe" -l0x9 -removeonly
VAIO Camera Capture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -l0x40c -removeonly
VAIO Content Folder Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -l0x40c -removeonly
VAIO Content Importer / VAIO Content Exporter --> C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Intelligent Analyzing Manager --> C:\Program Files\InstallShield Installation Information\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Manager Setting --> C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata XML Interface Library --> C:\Program Files\InstallShield Installation Information\{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -l0x40c -removeonly
VAIO Cozy Orange Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform --> C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Event Service --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x40c -removeonly
VAIO Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -l0x40c -removeonly
VAIO Media 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x40c UNINSTALL
VAIO Media Content Collection 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Integrated Server 6.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Redistribution 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Movie Story --> C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Movie Story Template Data --> C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO MusicBox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -l0x40c -removeonly
VAIO MusicBox Sample Music --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -l0x40c -removeonly
VAIO Original Function Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -l0x40c -removeonly
VAIO Original Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\Setup.exe" -l0x40c
VAIO Power Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -l0x40c -removeonly
VAIO Tender Green Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-4264-84A2-EE080C017BCA}\setup.exe" -l0x9 -removeonly
VAIO Update 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x40c -removeonly
VAIO Xblack Contents -->
WIDCOMM Bluetooth Software 6.1.0.1205 --> MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Live Favorites pour Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar --> MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
WinDVD for VAIO --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
Wireless Switch Setting Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x40c -removeonly
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type15995 / Error
Event Submitted/Written: 05/25/2008 03:28:26 PM
Event ID/Source: 7 / VzCdbSvc
Event Description:
Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019)

Event Record #/Type15994 / Success
Event Submitted/Written: 05/25/2008 03:28:25 PM
Event ID/Source: 5617 / WinMgmt
Event Description:

Event Record #/Type15992 / Success
Event Submitted/Written: 05/25/2008 03:28:24 PM
Event ID/Source: 5615 / WinMgmt
Event Description:

Event Record #/Type15987 / Success
Event Submitted/Written: 05/25/2008 03:28:21 PM
Event ID/Source: 2570 / Adobe Active File Monitor 5.0
Event Description:
Le service Adobe Active File Monitor a démarré.

Event Record #/Type15983 / Success
Event Submitted/Written: 05/25/2008 03:28:10 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Le service de gestion des licences du logiciel a démarré.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.

-- End of Deckard's System Scanner: finished at 2008-05-25 15:34:51 ------------

voila ;)
ps: c'etait pas si lent que sa lol =)
a moin que il y a quelque chose que je n'ai pas fait normalement en 5 minutes c'etait fini =)

Réponse 11 / 16

Over-lOoukiNGg

desoler je me suis tromper je te fait parvenir tout ( main et extra )

main:

Deckard's System Scanner v20071014.68
Run by laurence on 2008-05-25 15:32:20
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
11: 2008-05-24 21:45:04 UTC - RP231 - ComboFix created restore point
10: 2008-05-24 21:22:32 UTC - RP230 - ComboFix created restore point
9: 2008-05-24 21:15:43 UTC - RP229 - Spyware Terminator - restore point
8: 2008-05-24 21:08:57 UTC - RP227 - Spyware Terminator - restore point
7: 2008-05-24 17:26:08 UTC - RP225 - ComboFix created restore point

-- First Restore Point --
1: 2008-05-21 22:46:10 UTC - RP236 - Installed Java(TM) 6 Update 6

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-25 15:33:34
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\DesktopEarth\DesktopEarth.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\Windows\System32\conime.exe
C:\Users\laurence\Desktop\dss.exe
C:\Windows\System32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {E738884B-E75D-4AC3-B03F-62F7E7DD853E} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Magic-i Visual Effects.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O15 - Trusted Zone: *.canalplay.com (HKCU)
O15 - Trusted Zone: *.canalplusactive.com (HKCU)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\System32\PnkBstrA.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\Windows\System32\pr2ajbeb.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\stacsv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\System32\drivers\XAudio.exe

Réponse 12 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

oui post l´autre partie

tu sais tu as vraiment "déconné" avec les protections il y en a dans tout les sens...

Réponse 13 / 16

Over-lOoukiNGg

j'ai deja poster les deux partie mais je les reposte tien

main:

Deckard's System Scanner v20071014.68
Run by laurence on 2008-05-25 15:32:20
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
11: 2008-05-24 21:45:04 UTC - RP231 - ComboFix created restore point
10: 2008-05-24 21:22:32 UTC - RP230 - ComboFix created restore point
9: 2008-05-24 21:15:43 UTC - RP229 - Spyware Terminator - restore point
8: 2008-05-24 21:08:57 UTC - RP227 - Spyware Terminator - restore point
7: 2008-05-24 17:26:08 UTC - RP225 - ComboFix created restore point

-- First Restore Point --
1: 2008-05-21 22:46:10 UTC - RP236 - Installed Java(TM) 6 Update 6

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-25 15:33:34
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\DesktopEarth\DesktopEarth.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\Windows\System32\conime.exe
C:\Users\laurence\Desktop\dss.exe
C:\Windows\System32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {E738884B-E75D-4AC3-B03F-62F7E7DD853E} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: DesktopEarth AutoStart.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Magic-i Visual Effects.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O15 - Trusted Zone: *.canalplay.com (HKCU)
O15 - Trusted Zone: *.canalplusactive.com (HKCU)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\System32\PnkBstrA.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\Windows\System32\pr2ajbeb.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\stacsv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\System32\drivers\XAudio.exe

Réponse 14 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

passe ceci

Ccleaner:

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner

-> L´installer.

-> Une fois installé et lancé :

Dans la colonne de gauche, click sur :

->"registre" :

Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

->"nettoyeur"

quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

-> Tutoriel en image :

https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :

http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

et

telecharge et instal regcleaner:

http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html

tutorial :

https://forums.cnetfrance.fr

http://www.softastuces.com/tuto/maint/regcleaner/

@+

Réponse 15 / 16

Over-lOoukiNGg

salut g!rly

donc voila j'ai fait tout se qu'il y avait a faire avec Ccleaner, mais il y a toujours les memes probleme " mozzilla firefox ne repond pas" et sa avec tout les programmes quand un prgramme ne repond plus tout les programmes beug =(

alors qu'est ce que je doit faire maintenant ?

merci

Réponse 16 / 16

g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention 406

salut,

fais du menage dans tes programmes

tu as tout ca :

FW: ZoneAlarm Pro Firewall v7.1.254.000 (Check Point, LTD.) [COLOR=RED]Disabled
FW: Outpost Firewall Pro v6.0 (Agnitum) [COLOR=RED]Disabled
AV: VirusKeeper 2008 Pro antivirus v8.5 (AxBx) celui ci on l´a supprimé
AV: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated
AV: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)
AS: VirusKeeper 2008 Pro antispyware v8.5 (AxBx)
AS: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Outpost Firewall Pro vASWDB6, VB4.3, VDB9 (Agnitum) [COLOR=RED]Disabled
AS: avast! antivirus 4.8.1169 [VPS 080525-0] v4.8.1169 (ALWIL Software)

tu veux garder que avast, et zone alarm, le reste tu supprime

@+

Discussions similaires

Softonic,est-ce un virus ?

message de postmaster incessant !

Désinstaller Softonic

Message Apple virus !!

4 virus en raison d’un porno ????

Votre réponse

Discussions similaires