virus embarqué en nav internet

lauz · le 04 Oct 2010 13:03

Bonjour, Moi aussi j'ai embarqué le virus lié à l'antivirus IS. il me bloque Msconfig, Mwab, internet...quelle m...
Avez-vous une idée de la manière dont je vais pouvoir me débarrasser de cette arnaque ? merci xx

jeanmimigab · le 04 Oct 2010 16:36

Salut et bienvenu sur PCinfopratique :wink:

Tu te sert d'un autre pc pour te connecter au forum ?

SI oui, est ce que tu as une clef USB sous la main ?

lauz · le 04 Oct 2010 18:52

bonsoir, oui en effet j'ai une clé. j'y ai mis Mwb mais impossible de demmarer celui-ci. J'ai fais un scan Mwb en sans echec, il n'a rien trouvé... je suis au plus mal !!

jeanmimigab · le 04 Oct 2010 19:09

re,

je suppose que mwb est malwarebytes ?

Par précaution on va vacciner ton pc sain et ta clef USB pour éviter tout risque de transfert d'infections d'un pc à l'autre.

Sur le pc sain fais cela....

Télécharge USBFix sur ton bureau.
Branche ta clef USB, lance USBFix et fais le choix N°3 (Vacciner), cliques sur "OK" autant de fois que nécessaire.
Fermes USBFix

On va tenter quelques chose, tu télécharge sur ta clef USB ces deux tools et tu les transfères sur le pc infecté au moyen de ta clef USB

Le premier:
RogueKiller (par tigzy)
Le deuxième:
>> OTL <<(d'OldTimer).

Une fois ces deux tools transférés sur le bureau du PC infecté...

Lance RogueKiller et sauvegarde le rapport qui s'ouvre sur ton bureau
>>>>> Immédiatement après...passe à la suite

Fais un double-clic sur l'icône d'OTL pour le lancer
Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.
Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".
Cliques sur l'icône "Analyse" (en haut à gauche) .
Laisse le scan aller à son terme sans te servir du PC
A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
Copie et colle le ou les rapports dans ta réponse stp...ainsi que le rapport de RogueKiller
Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Si cela ne va pas, ne te fais pas de bile et expliques moi si tu rencontre des difficultés :wink:

@++

lauz · le 04 Oct 2010 20:22

Merci pour le cp de main.

voici le rapport
Dans OTL je fais la correction ?

Code: Tout sélectionner: OTL Extras logfile created on: 04/10/2010 21:09:21 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = H:\ Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014,00 Mb Total Physical Memory | 547,00 Mb Available Physical Memory | 54,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): D:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 46,57 Gb Total Space | 15,82 Gb Free Space | 33,98% Space Free | Partition Type: NTFS Drive D: | 38,67 Gb Total Space | 26,49 Gb Free Space | 68,49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 1,92 Gb Total Space | 1,92 Gb Free Space | 99,96% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: NOM-DD1C58CE1B2 Current User Name: Laurent Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation) "F:\setup\hpznui01.exe" = F:\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- () "C:\Documents and Settings\Laurent\Local Settings\Temp\7zS7.tmp\SymNRT.exe" = C:\Documents and Settings\Laurent\Local Settings\Temp\7zS7.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation) "F:\setup\hpznui01.exe" = F:\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- File not found "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\Metaversum\Twinity\bin\Twinity.exe" = C:\Program Files\Metaversum\Twinity\bin\Twinity.exe:*:Enabled:Twinity -- (Metaversum) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0003040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business "{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 CD-ROM 2 "{00F8608F-BA6A-4B32-843A-1A568ACD1198}" = VAIO Sea Wallpaper "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library "{04605217-DD32-4090-9D9A-E5345222B9E1}" = "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0 "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00 "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW "{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter "{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01 "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant "{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2 "{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1 "{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500 "{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0 "{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0 "{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series "{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility "{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter "{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR "{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0 "{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0 "{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management "{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0 "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio "{ABBD2A2E-2424-4078-966F-F319A88D5F21}" = VAIO Starfish Wallpaper "{AC76BA86-7AD7-1036-7B44-A70000000000}" = Adobe Reader 7.0 - Français "{AC76BA86-7AD7-1036-7B44-A70500000002}" = Adobe Reader 7.0.5 - Français "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = Outil VAIO Media Registration 5.0 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy "{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite "{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E5E6E687-1036-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements - Français "{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.5.30 "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0 "{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents "{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN "7-Zip" = 7-Zip 9.08 alpha "Adobe Acrobat 7.0 Elements - Français" = Adobe Acrobat 7.0 Elements - Français "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0 "CCleaner" = CCleaner "CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_104D1700" = Soft Data Fax Modem with SmartCP "Defraggler" = Defraggler "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "ie8" = Windows Internet Explorer 8 "InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00 "InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01 "InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = Inscription en ligne VAIO (Français) "InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = Enquête sur les produits VAIO "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MouseSuite98" = Sony USB Mouse "My Club VAIO Media Center Edition_is1" = My Club VAIO MCE (French) 1.0.1 "NVIDIA Drivers" = NVIDIA Drivers "OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01 "Picasa2" = Picasa 2 "ProInst" = Logiciel Intel(R) PROSet/Wireless "RealPlayer 12.0" = RealPlayer "Shop for HP Supplies" = Shop for HP Supplies "Twinity" = Twinity (remove only) "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 21/06/2010 06:07:13 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs 01889186. Error - 21/06/2010 06:07:16 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 21/06/2010 06:07:24 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 21/06/2010 06:07:46 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 21/06/2010 10:10:23 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée AcroRd32.exe, version 7.0.5.172, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 22/06/2010 12:36:07 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 22/06/2010 12:52:11 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 22/06/2010 12:52:18 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 22/06/2010 12:52:27 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée OUTLOOK.EXE, version 9.0.0.2416, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 12/07/2010 07:03:45 | Computer Name = NOM-DD1C58CE1B2 | Source = Application Hang | ID = 1002 Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. [ System Events ] Error - 04/10/2010 10:17:32 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 04/10/2010 11:33:43 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 04/10/2010 11:58:55 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 04/10/2010 11:59:37 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 04/10/2010 12:33:26 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1068" lors de la mise en route du service VzCdbSvc avec les arguments "" pour démarrer le serveur : {14918656-7B3C-4528-933B-47CB4EDEE8CA} Error - 04/10/2010 12:50:31 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1068" lors de la mise en route du service VzCdbSvc avec les arguments "" pour démarrer le serveur : {14918656-7B3C-4528-933B-47CB4EDEE8CA} Error - 04/10/2010 13:08:48 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1068" lors de la mise en route du service VzCdbSvc avec les arguments "" pour démarrer le serveur : {14918656-7B3C-4528-933B-47CB4EDEE8CA} Error - 04/10/2010 13:41:32 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 04/10/2010 13:43:06 | Computer Name = NOM-DD1C58CE1B2 | Source = sr | ID = 1 Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume2'. Ceci a entraîné l'arrêt de la surveillance du volume. Error - 04/10/2010 13:45:41 | Computer Name = NOM-DD1C58CE1B2 | Source = DCOM | ID = 10010 Description = Le serveur {641B9FB0-C2B1-41BD-8563-5F484E3BE84A} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. < End of report >

Code: Tout sélectionner: OTL logfile created on: 04/10/2010 21:09:21 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = H:\ Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014,00 Mb Total Physical Memory | 547,00 Mb Available Physical Memory | 54,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): D:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 46,57 Gb Total Space | 15,82 Gb Free Space | 33,98% Space Free | Partition Type: NTFS Drive D: | 38,67 Gb Total Space | 26,49 Gb Free Space | 68,49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 1,92 Gb Total Space | 1,92 Gb Free Space | 99,96% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: NOM-DD1C58CE1B2 Current User Name: Laurent Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - H:\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\SonicStage\SSAAD.exe () PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\system32\gearsec.exe (GEAR Software) PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - H:\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (SSScsiSV) -- C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (Vcsw) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VzFw) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (GEARSecurity) -- C:\WINDOWS\system32\gearsec.exe (GEAR Software) SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation) SRV - (VCI) -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (NETw3x32) Pilote de carte réseau Intel(R) -- C:\WINDOWS\system32\drivers\NETw3x32.sys (Intel® Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (Tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys (TOSHIBA Corporation) DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (ti21sony) -- C:\WINDOWS\system32\drivers\ti21sony.sys (Texas Instruments) DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation) DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\tosrfhid.sys (TOSHIBA Corporation.) DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (toshidpt) -- C:\WINDOWS\system32\drivers\toshidpt.sys (TOSHIBA Corporation.) DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation) DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:27811 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/28 17:23:01 | 000,000,000 | ---D | M] O1 HOSTS File: ([2004/08/10 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Traduire à partir de l'anglais - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html () O8 - Extra context menu item: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Recherche &Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.) O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Sites de confiance) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Sites de confiance) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Sites de confiance) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites) O16 - DPF: {0533AC04-11E3-48CA-A167-40D782C6BD1C} http://193.108.197.85/advitium/ActiveX/FileTransfer2.cab (FileTransferControl2 Class) O16 - DPF: {493EBD8D-8D67-4A2D-8CF9-B8FC992DCFF6} http://193.108.197.85/advitium/ActiveX/ProcessViewer.cab (ProcessViewer Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274539090171 (WUWebControl Class) O16 - DPF: {6A5C26E3-5A0C-436D-B417-CB4735EC63A6} http://193.108.197.85/advitium/ActiveX/RemoteServerControl.cab (FilePreparationControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274539347578 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Sea Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO C Wallpaper White TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/04 13:09:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2007/10/14 18:12:37 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ] O32 - AutoRun File - [2010/10/04 21:06:20 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ] O33 - MountPoints2\{9f855ec2-9eda-11df-8b60-0018dead334d}\Shell - "" = AutoRun O33 - MountPoints2\{9f855ec2-9eda-11df-8b60-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found O33 - MountPoints2\{9f855ec3-9eda-11df-8b60-0018dead334d}\Shell - "" = AutoRun O33 - MountPoints2\{9f855ec3-9eda-11df-8b60-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found O33 - MountPoints2\{fdddad0a-a135-11df-8b63-0018dead334d}\Shell - "" = AutoRun O33 - MountPoints2\{fdddad0a-a135-11df-8b63-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found O33 - MountPoints2\{fdddad0b-a135-11df-8b63-0018dead334d}\Shell - "" = AutoRun O33 - MountPoints2\{fdddad0b-a135-11df-8b63-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2004/08/04 00:55:02 | 000,028,672 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/10/04 13:40:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010/10/04 13:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Malwarebytes [2010/10/04 13:29:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/10/04 13:29:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/10/04 13:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/10/04 13:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/10/04 13:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\temp [2010/10/04 13:01:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ClamWin Portable [2010/10/03 10:09:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010/10/03 10:09:56 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010/09/27 17:53:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laurent\Recent [2010/09/15 10:16:07 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010/09/15 10:15:58 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010/09/15 10:15:58 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010/09/15 10:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared [2010/09/15 10:15:19 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Real [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real [2010/09/15 10:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Real [2010/09/15 10:13:41 | 027,190,768 | ---- | C] (RealNetworks, Inc.) -- C:\Documents and Settings\Laurent\Bureau\RealPlayerSPGold_fr.exe [2010/09/10 11:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Bureau\Valentin [2010/09/08 10:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Metaversum [2010/09/08 10:27:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2010/09/08 10:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2010/09/08 10:21:41 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2010/09/08 10:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Metaversum [2 C:\Documents and Settings\Laurent\Bureau\*.tmp files -> C:\Documents and Settings\Laurent\Bureau\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/10/04 20:32:01 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/04 19:43:05 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/04 19:43:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/10/04 19:43:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/10/04 19:42:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/10/04 19:41:34 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Laurent\NTUSER.DAT [2010/10/04 19:41:34 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Laurent\ntuser.ini [2010/10/04 15:43:49 | 004,844,822 | -H-- | M] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\IconCache.db [2010/10/04 13:29:11 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\l.lnk [2010/10/04 12:44:09 | 000,716,288 | ---- | M] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\syssvc.exe [2010/10/04 12:30:33 | 002,335,270 | ---- | M] () -- C:\WINDOWS\System32\76d167.mht [2010/10/04 12:30:04 | 002,335,270 | ---- | M] () -- C:\WINDOWS\System32\07b166.mht [2010/10/04 10:42:47 | 001,038,848 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\ACCREDITATIONS SIAL 2010.doc [2010/09/29 10:20:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/25 14:35:48 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/09/24 08:32:55 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk [2010/09/17 16:52:29 | 000,019,527 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\Impression de la page entière.pdf [2010/09/15 14:50:30 | 000,026,641 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\wanna juice.pdf [2010/09/15 10:16:07 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010/09/15 10:15:58 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010/09/15 10:15:58 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010/09/15 10:15:19 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010/09/15 10:13:55 | 027,190,768 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Laurent\Bureau\RealPlayerSPGold_fr.exe [2010/09/15 10:06:07 | 000,000,078 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\play_aod.php [2010/09/13 10:07:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/09/08 10:27:13 | 000,000,861 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\Twinity.lnk [2010/09/08 10:18:55 | 000,533,904 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\TwinitySetup.exe [2 C:\Documents and Settings\Laurent\Bureau\*.tmp files -> C:\Documents and Settings\Laurent\Bureau\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/10/04 13:29:11 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\l.lnk [2010/10/04 12:44:08 | 000,716,288 | ---- | C] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\syssvc.exe [2010/10/04 12:30:33 | 002,335,270 | ---- | C] () -- C:\WINDOWS\System32\76d167.mht [2010/10/04 12:30:04 | 002,335,270 | ---- | C] () -- C:\WINDOWS\System32\07b166.mht [2010/10/04 10:42:46 | 001,038,848 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\ACCREDITATIONS SIAL 2010.doc [2010/09/25 14:35:48 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/09/17 16:52:29 | 000,019,527 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\Impression de la page entière.pdf [2010/09/15 14:50:30 | 000,026,641 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\wanna juice.pdf [2010/09/15 10:16:20 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/15 10:16:18 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/15 10:06:05 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\play_aod.php [2010/09/08 10:27:13 | 000,000,861 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\Twinity.lnk [2010/09/08 10:18:50 | 000,533,904 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\TwinitySetup.exe [2010/05/28 17:02:59 | 000,001,190 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2010/05/22 15:32:23 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/05/22 15:26:29 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll [2010/05/22 15:25:07 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll [2010/05/22 15:23:31 | 000,000,058 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/05/22 15:18:09 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\fusioncache.dat [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2006/09/05 10:53:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/09/04 18:12:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006/09/04 18:12:05 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006/09/04 18:12:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006/09/04 18:12:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006/09/04 18:12:05 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006/09/04 18:12:05 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006/09/04 18:05:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI [2006/09/04 14:59:28 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL [2006/09/04 14:43:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006/09/04 05:53:13 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006/09/04 05:53:00 | 000,004,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006/07/05 03:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/25 13:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT [2010/06/03 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurent\Application Data\Leadertech [2010/09/08 10:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurent\Application Data\Metaversum [2010/08/18 19:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\sony [color=#E56717]========== Purity Check ==========[/color] ------------ RogueKiller V1.1.0 by Tigzy --------------- ------------ contact at www.sur-la-toile.com --------------- ------------- mail: tigzy44<at>hotmail<dot>com ------------- Remontées: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html Bad processes: Deregistred: Finished < End of report >

jeanmimigab · le 04 Oct 2010 20:41

je regarde tes rapports, ne fais rien sans que je ne te le dise avec les outils que l'on utilise !!!

lauz · le 04 Oct 2010 20:43

jeanmimigab · le 04 Oct 2010 21:07

hello,

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:Files
C:\Documents and Settings\All Users\Bureau\l.lnk
C:\Documents and Settings\Laurent\Local Settings\Application Data\syssvc.exe
C:\WINDOWS\System32\76d167.mht
C:\WINDOWS\System32\07b166.mht

:OTL
IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:27811
O33 - MountPoints2\{9f855ec2-9eda-11df-8b60-0018dead334d}\Shell - "" = AutoRun
O33 - MountPoints2\{9f855ec2-9eda-11df-8b60-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{9f855ec3-9eda-11df-8b60-0018dead334d}\Shell - "" = AutoRun
O33 - MountPoints2\{9f855ec3-9eda-11df-8b60-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{fdddad0a-a135-11df-8b63-0018dead334d}\Shell - "" = AutoRun
O33 - MountPoints2\{fdddad0a-a135-11df-8b63-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{fdddad0b-a135-11df-8b63-0018dead334d}\Shell - "" = AutoRun
O33 - MountPoints2\{fdddad0b-a135-11df-8b63-0018dead334d}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe -- File not found
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2004/08/04 00:55:02 | 000,028,672 | ---- | M] (Microsoft Corporation)
[2 C:\Documents and Settings\Laurent\Bureau\*.tmp files -> C:\Documents and Settings\Laurent\Bureau\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands
[emptytemp]
[EMPTYFLASH]
[PURITY]
[RESETHOSTS]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir "OTL.Txt"
* Copie et colle le rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

lauz · le 04 Oct 2010 21:24

Effectué selon tes conseils. Je n'arrive pas à récuperer le rapport que j'ai ouvert une fois en cq sur l'icone OTL, qui disait qqch comme ttes tâches effectuées. Veux-tu que je refasse la correction ?
Pour l'antivir ... il est des comportements bizarres que la raison ignore...j'étais sans antivirus depuis 1 semaine... je pose un avast en attendant mieux. Dois-je faire autre chose ( mwb,...) ?

lauz · le 04 Oct 2010 21:33

Tout marche à priori. xxxx merci pour ton temps et la facilité/concision de ta prose.

jeanmimigab · le 04 Oct 2010 21:37

t'inquiète pas, tu te débrouilles bien :wink:

* Fait un double-clic sur l'icône d'OTL pour le lancer
* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.
* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".
* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

type C:\Documents and Settings\Laurent\Bureau\OTL.txt /c

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport OTL;txt va s'ouvrir, poste son contenu
NOTE: cette fois ci tu n'auras pas de rapport "extrat.txt"

@++ :wink:

lauz · le 04 Oct 2010 21:48

Voici le résultat du scan otl :

Code: Tout sélectionner: OTL logfile created on: 04/10/2010 22:44:28 - Run 2 OTL by OldTimer - Version 3.2.14.1 Folder = H:\ Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014,00 Mb Total Physical Memory | 566,00 Mb Available Physical Memory | 56,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): D:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 46,57 Gb Total Space | 16,23 Gb Free Space | 34,85% Space Free | Partition Type: NTFS Drive D: | 38,67 Gb Total Space | 26,45 Gb Free Space | 68,39% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 1,92 Gb Total Space | 1,92 Gb Free Space | 99,66% Space Free | Partition Type: FAT I: Drive not present or media not loaded Computer Name: NOM-DD1C58CE1B2 Current User Name: Laurent Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - H:\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\SonicStage\SSAAD.exe () PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\system32\gearsec.exe (GEAR Software) PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - H:\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (SSScsiSV) -- C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (Vcsw) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VzFw) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (GEARSecurity) -- C:\WINDOWS\system32\gearsec.exe (GEAR Software) SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation) SRV - (VCI) -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (NETw3x32) Pilote de carte réseau Intel(R) -- C:\WINDOWS\system32\drivers\NETw3x32.sys (Intel® Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (Tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys (TOSHIBA Corporation) DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (ti21sony) -- C:\WINDOWS\system32\drivers\ti21sony.sys (Texas Instruments) DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation) DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\tosrfhid.sys (TOSHIBA Corporation.) DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (toshidpt) -- C:\WINDOWS\system32\drivers\toshidpt.sys (TOSHIBA Corporation.) DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation) DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/fr/ IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ IE - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/28 17:23:01 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/10/04 22:16:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Traduire à partir de l'anglais - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html () O8 - Extra context menu item: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Recherche &Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.) O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Sites de confiance) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Sites de confiance) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Intranet local) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Sites de confiance) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Intranet local) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Sites de confiance) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2446773844-1747217617-3290457396-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites) O16 - DPF: {0533AC04-11E3-48CA-A167-40D782C6BD1C} http://193.108.197.85/advitium/ActiveX/FileTransfer2.cab (FileTransferControl2 Class) O16 - DPF: {493EBD8D-8D67-4A2D-8CF9-B8FC992DCFF6} http://193.108.197.85/advitium/ActiveX/ProcessViewer.cab (ProcessViewer Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274539090171 (WUWebControl Class) O16 - DPF: {6A5C26E3-5A0C-436D-B417-CB4735EC63A6} http://193.108.197.85/advitium/ActiveX/RemoteServerControl.cab (FilePreparationControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274539347578 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Sea Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO C Wallpaper White TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/04 13:09:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2007/10/14 18:12:37 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ] O32 - AutoRun File - [2010/10/04 21:06:20 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/10/04 13:40:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010/10/04 13:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Malwarebytes [2010/10/04 13:29:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/10/04 13:29:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/10/04 13:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/10/04 13:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/10/04 13:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\temp [2010/10/04 13:01:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ClamWin Portable [2010/10/03 10:09:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010/10/03 10:09:56 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010/09/27 17:53:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laurent\Recent [2010/09/15 10:16:07 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010/09/15 10:15:58 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010/09/15 10:15:58 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010/09/15 10:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\xing shared [2010/09/15 10:15:19 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Real [2010/09/15 10:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real [2010/09/15 10:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Real [2010/09/15 10:13:41 | 027,190,768 | ---- | C] (RealNetworks, Inc.) -- C:\Documents and Settings\Laurent\Bureau\RealPlayerSPGold_fr.exe [2010/09/10 11:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Bureau\Valentin [2010/09/08 10:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laurent\Application Data\Metaversum [2010/09/08 10:27:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2010/09/08 10:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2010/09/08 10:21:41 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2010/09/08 10:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\Metaversum [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/10/04 22:32:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/04 22:18:20 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/04 22:18:20 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/10/04 22:18:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/10/04 22:18:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/10/04 22:17:27 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\Laurent\NTUSER.DAT [2010/10/04 22:17:27 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Laurent\ntuser.ini [2010/10/04 22:16:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2010/10/04 15:43:49 | 004,844,822 | -H-- | M] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\IconCache.db [2010/10/04 10:42:47 | 001,038,848 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\ACCREDITATIONS SIAL 2010.doc [2010/09/29 10:20:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/25 14:35:48 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/09/24 08:32:55 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk [2010/09/17 16:52:29 | 000,019,527 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\Impression de la page entière.pdf [2010/09/15 14:50:30 | 000,026,641 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\wanna juice.pdf [2010/09/15 10:16:07 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010/09/15 10:15:58 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010/09/15 10:15:58 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010/09/15 10:15:19 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010/09/15 10:13:55 | 027,190,768 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Laurent\Bureau\RealPlayerSPGold_fr.exe [2010/09/15 10:06:07 | 000,000,078 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\play_aod.php [2010/09/13 10:07:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/09/08 10:27:13 | 000,000,861 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\Twinity.lnk [2010/09/08 10:18:55 | 000,533,904 | ---- | M] () -- C:\Documents and Settings\Laurent\Bureau\TwinitySetup.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/10/04 10:42:46 | 001,038,848 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\ACCREDITATIONS SIAL 2010.doc [2010/09/25 14:35:48 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk [2010/09/17 16:52:29 | 000,019,527 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\Impression de la page entière.pdf [2010/09/15 14:50:30 | 000,026,641 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\wanna juice.pdf [2010/09/15 10:16:20 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/15 10:16:18 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2446773844-1747217617-3290457396-1006.job [2010/09/15 10:06:05 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\play_aod.php [2010/09/08 10:27:13 | 000,000,861 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\Twinity.lnk [2010/09/08 10:18:50 | 000,533,904 | ---- | C] () -- C:\Documents and Settings\Laurent\Bureau\TwinitySetup.exe [2010/05/28 17:02:59 | 000,001,190 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2010/05/22 15:32:23 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/05/22 15:26:29 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll [2010/05/22 15:25:07 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll [2010/05/22 15:23:31 | 000,000,058 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/05/22 15:18:09 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Laurent\Local Settings\Application Data\fusioncache.dat [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2006/09/05 10:53:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/09/04 18:12:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006/09/04 18:12:05 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006/09/04 18:12:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006/09/04 18:12:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006/09/04 18:12:05 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006/09/04 18:12:05 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006/09/04 18:05:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI [2006/09/04 14:59:28 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL [2006/09/04 14:43:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006/09/04 05:53:13 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006/09/04 05:53:00 | 000,004,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006/07/05 03:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/25 13:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT [2010/06/03 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurent\Application Data\Leadertech [2010/09/08 10:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laurent\Application Data\Metaversum [2010/08/18 19:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\sony [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< type C:\Documents and Settings\Laurent\Bureau\OTL.txt /c >[/color] < End of report >

jeanmimigab · le 04 Oct 2010 21:58

hello,

Même si ton PC va mieux, suis ma procédure jusqu'au bout

Je regarde ça...

En attendant désinstalle ton Anti virus et redémarre ton pc
Installes Antivir...
Tu as tout ce qu'il faut chez mon Ami Bobette Marlow pour télécharger et configurer Antivir
http://b.marlow.free.fr/antivir_de_avira.html

une fois installé et configurer fais un scan Antivir (laisse le tourné cette nuit) et poste le rapport :wink:

Je te dit à demain, je file au dodo car je me lève tôt demain :wink:

Mais je ne te laisse pas tombé

bonne nuit

lauz · le 04 Oct 2010 22:01

Merci, c'est clair ! a demain

lauz · le 05 Oct 2010 07:21

bJr,

Voici le rapport antivir. Merci !!

Code: Tout sélectionner: Avira AntiVir Personal Date de création du fichier de rapport : lundi 4 octobre 2010 23:20 La recherche porte sur 2901008 souches de virus. Détenteur de la licence :Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :NOM-DD1C58CE1B2 Informations de version : BUILD.DAT : 8.2.0.62 17752 Bytes 23/10/2009 13:16:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27 ANTIVIR0.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 21:15:16 ANTIVIR1.VDF : 7.10.11.137 20185456 Bytes 13/09/2010 21:15:37 ANTIVIR2.VDF : 7.10.12.110 1009056 Bytes 01/10/2010 21:15:39 ANTIVIR3.VDF : 7.10.12.118 91648 Bytes 04/10/2010 21:15:40 Version du moteur: 8.2.4.72 AEVDF.DLL : 8.1.2.1 106868 Bytes 04/10/2010 21:15:55 AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 04/10/2010 21:15:53 AESCN.DLL : 8.1.6.1 127347 Bytes 04/10/2010 21:15:51 AESBX.DLL : 8.1.3.1 254324 Bytes 04/10/2010 21:15:51 AERDL.DLL : 8.1.9.2 635252 Bytes 04/10/2010 21:15:50 AEPACK.DLL : 8.2.3.7 471413 Bytes 04/10/2010 21:15:50 AEOFFICE.DLL : 8.1.1.8 201081 Bytes 04/10/2010 21:15:49 AEHEUR.DLL : 8.1.2.30 2941303 Bytes 04/10/2010 21:15:48 AEHELP.DLL : 8.1.13.4 242038 Bytes 04/10/2010 21:15:45 AEGEN.DLL : 8.1.3.23 401779 Bytes 04/10/2010 21:15:44 AEEMU.DLL : 8.1.2.0 393588 Bytes 04/10/2010 21:15:42 AECORE.DLL : 8.1.17.0 196982 Bytes 04/10/2010 21:15:41 AEBB.DLL : 8.1.1.0 53618 Bytes 04/10/2010 21:15:41 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58 AVREP.DLL : 8.0.0.7 159784 Bytes 04/10/2010 21:15:40 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : lundi 4 octobre 2010 23:20 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'skypePM.exe' - '1' module(s) sont contrôlés Processus de recherche 'SSAAD.exe' - '1' module(s) sont contrôlés Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés Processus de recherche 'Skype.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'ApntEx.exe' - '1' module(s) sont contrôlés Processus de recherche 'ISBMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'SPMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'Apoint.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'dllhost.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'VzFw.exe' - '1' module(s) sont contrôlés Processus de recherche 'VzCdbSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'mcrdsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'VCSW.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxsrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxext.exe' - '1' module(s) sont contrôlés Processus de recherche 'VESMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'gearsec.exe' - '1' module(s) sont contrôlés Processus de recherche 'ehSched.exe' - '1' module(s) sont contrôlés Processus de recherche 'ehrecvr.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'PhotoshopElementsFileAgent.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '57' processus ont été contrôlés avec '57' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [INFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [INFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD2 [INFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [INFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [INFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '59' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <VAIO> C:\Documents and Settings\Laurent\Bureau\chartre graphique\Liberty foo1.mht [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/MHT.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4d0cabf7.qua' ! Recherche débutant dans 'D:\' <VAIO> D:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! D:\Laurent\Mes documents\LimeWire\Saved\Tristan Garner - Give Love.wma [RESULTAT] Contient le modèle de détection de l'exploit EXP/ASF.GetCodec.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4d13ba58.qua' ! Fin de la recherche : mardi 5 octobre 2010 07:40 Temps nécessaire: 8:20:08 Heure(s) La recherche a été effectuée intégralement 6775 Les répertoires ont été contrôlés 249906 Des fichiers ont été contrôlés 2 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 2 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 1 Impossible de contrôler des fichiers 249903 Fichiers non infectés 7827 Les archives ont été contrôlées 3 Avertissements 2 Consignes

virus embarqué en nav internet

virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Re: virus embarqué en nav internet

Sujets similaires

Qui est en ligne