Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Infecté Trojan Win32.TDSS.rtk/Vitumonde et autres [résolu]

 

1 utilisateur anonyme
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

Infecté Trojan Win32.TDSS.rtk/Vitumonde et autres [résolu]

Prévenir les modérateurs en cas d'abus 
Shimbya
shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/05/2010 à 21:33:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonsoir c'est avec beaucoup d'espoir que je reviens sur ce site, je voudrais que quelqu'un m'aide a me débarrasser de ces bestioles:

 J'ai fait des scan avec Antivir qui ma ôter certains virus mais pas totalement puisque voici ce que j'ai a chaque fin de scan de spybot.


 Win32.TDSS.rtk
 vitumonde.sci
 Fraud.MalwareDefense
 Fraude.PaladinAntivirus
 Microsoft.Windows.diableSystem​Restore
 Microsoft.Windows.SecurityCent​er.Disabled

 Merci de s'intéresser a mon cas.

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/05/2010 à 21:37:05  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Fais un scan HijackThis et poste le rapport.

(Publicité)
shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/05/2010 à 21:39:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci.

 Alors voila le rapport

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 22:38:43, on 06/05/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
 C:\PROGRA~1\Sony\SONICS~1\SsAA​D.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 C:\Program Files\Sony\HotKey Utility\HKserv.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
 C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
 C:\Program Files\DAP\DAP.EXE
 C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe
 C:\Program Files\SFR\Kit\9props.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 C:\PROGRA~1\MICROS~2\rapimgr.e​xe
 C:\WINDOWS\system32\CTsvcCDA.e​xe
 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Avira\AntiVir Desktop\avscan.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\HiJackThis.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - (no file)
 O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF​26AB263} - D:\Program Files\veoh\Plugins\reg\VeohToo​lbar.dll
 O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B1​0099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIET​oolbar.dll
 O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D​9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
 O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
 O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAA​D.exe
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
 O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
 O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKLM\..\RunOnce: [SpybotDeletingA4284] command.com /c del "C:\WINDOWS\system32\pragmabbr​.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC6586] cmd.exe /c del "C:\WINDOWS\system32\pragmabbr​.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA439] command.com /c del "C:\WINDOWS\system32\pragmabbr​.dll"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC9409] cmd.exe /c del "C:\WINDOWS\system32\pragmabbr​.dll"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA1267] command.com /c del "C:\WINDOWS\system32\pragmaser​f.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC6259] cmd.exe /c del "C:\WINDOWS\system32\pragmaser​f.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA918] command.com /c del "C:\WINDOWS\system32\pragmaser​f.dll"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC7789] cmd.exe /c del "C:\WINDOWS\system32\pragmaser​f.dll"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA3501] command.com /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC2716] cmd.exe /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA60] command.com /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC2485] cmd.exe /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA8967] command.com /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC3859] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll_old"
 O4 - HKLM\..\RunOnce: [SpybotDeletingA1485] command.com /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll"
 O4 - HKLM\..\RunOnce: [SpybotDeletingC7509] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll"
 O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e"
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
 O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
 O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
 O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe"
 O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\​YahooMessenger.exe" -quiet
 O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKCU\..\RunOnce: [SpybotDeletingB5039] command.com /c del "C:\WINDOWS\system32\pragmabbr​.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD336] cmd.exe /c del "C:\WINDOWS\system32\pragmabbr​.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB5664] command.com /c del "C:\WINDOWS\system32\pragmabbr​.dll"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD110] cmd.exe /c del "C:\WINDOWS\system32\pragmabbr​.dll"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB2724] command.com /c del "C:\WINDOWS\system32\pragmaser​f.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD9342] cmd.exe /c del "C:\WINDOWS\system32\pragmaser​f.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB4080] command.com /c del "C:\WINDOWS\system32\pragmaser​f.dll"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD1959] cmd.exe /c del "C:\WINDOWS\system32\pragmaser​f.dll"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB789] command.com /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD3110] cmd.exe /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB9067] command.com /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD6151] cmd.exe /c del "C:\WINDOWS\system32\PRAGMAsrc​r.dat"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB1483] command.com /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD1480] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll_old"
 O4 - HKCU\..\RunOnce: [SpybotDeletingB8481] command.com /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll"
 O4 - HKCU\..\RunOnce: [SpybotDeletingD3612] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll"
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - S-1-5-18 Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'SYSTEM')
 O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
 O4 - .DEFAULT Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - .DEFAULT User Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
 O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
 O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Envoyer à &Bluetooth - D:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.d​ll
 O14 - IERESET.INF: START_PAGE_URL=http://home.fre​e.fr/
 O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB​903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {6A344D34-5231-452A-8A57-D064A​C9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
 O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
 O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.​exe
 O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe
 O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedS​erver-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedS​erver-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedS​erver-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gate​way) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
 O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe

 --
 End of file - 17327 bytes

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/05/2010 à 21:52:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 Norton/Symantec n' est pas totalement désinstallé !

 Utilise cet outil pour le virer :

 http://service1.symantec.com/S [...] 4110429924

 -----
 Ensuite, ...

 Ouvre le bloc-notes et fais un copier coller de ce qui est en gras,
 ci-dessous (copie tout d'un trait) :

 REGEDIT4

 [Hkey_Local_Machine\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "net"=-
 


 Puis "fichier"/"enregistrer sous" :
 dans : sur le bureau
 Nom du fichier : fix.reg
 Type de fichier : "tous les fichiers"
 clique sur "enregistrer"

 L'icône de fix.reg doit ressembler à cela http://www.hiboox.com/images/4​905/avnoztv.jpg

 (si ce n’ est déjà fait) Télécharge CCleaner  …
 ("Download Latest Version", sur la droite) et laisse-toi guider.
 A un moment, il te sera demandé de cocher :
 "Ajouter la barre d' outils Yahoo". Refuse et …
 Laisse-le s’ installer tel que …

 Redémarre le PC en  mode sans échec  …
 -> méthode F8 (ou F5/F11 sur certains PC) de préférence

 ------------------------------​--------------
 Tu n' auras pas accès à Internet pendant le "mode sans échec".
 Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
 sur le "bureau" pour l' avoir à ta disposition.
 ------------------------------​--------------

 Ferme toutes les fenêtres et applications.
 Relance HijackThis et clique sur > Do a system scan only puis, coche
 les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :

 O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"

 Ensuite, clique sur > Fix checked et valide par "Yes".
 Referme HijackThis.

 Puis, via > Démarrer > Poste de travail > C:\

 et supprime le(s) fichier(s) en gras, ci-dessous, si tu le(s) trouves.

 C:\WINDOWS\system32\net.net <--

 Sur le bureau, double-clique sur fix2.reg => tu dois obligatoirement avoir un message
 "Voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
 Si c'est le cas, clique sur "oui"

 Remet les fichiers et dossiers cachés comme tu les as trouvés !

 Lance CCleaner ...
 Clique sur > Analyser > Nettoyer, puis sur OK dans la fenêtre qui s' affiche.
 (re)Lance le nettoyage et (re)confirme par OK.

 Redémarre le PC en mode normal ...

 Enfin, ...

 Clique droit sur ComboFix (par sUBs).  

 Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous.." ) et sauvegarde-le (Enregistrer dans) sur le Bureau (et pas ailleurs).

 Important : dans "Nom du fichier" enregistre (renomme) "combofix" en Shimbya

 Prends connaissance de ce tutoriel : http://www.bleepingcomputer.co [...] r-combofix

 Ferme toutes les fenêtres et applications, déconnecte-toi du net et désactive tes protections résidentes (antivirus, antispy, etc ...) :
 http://forum.pcastuces.com/des [...] -f31s4.htm

 Sur le bureau, double-clique sur Shimbya.
 Tape sur la touche Y (Yes) pour démarrer le scan.

 Important : si l’ installation de la Console de récupération est demandé, accepte.

 ComboFix redémarrera ton PC.
 Lorsque le scan sera complété, un rapport apparaîtra.
 Copie/colle ce rapport dans ta prochaine réponse et nouveau rapport hijackthis.

 PS : le rapport se trouve également ici : C:\Combofix.txt

 Autres liens si celui donné d' entrée ne fonctionne pas :
 ComboFix 2 ou ComboFix 3

 [:lolo 1:7] Ne clique pas dans la fenêtre de Combofix durant l’analyse : cela pourrait provoquer le gel du programme.

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/05/2010 à 22:40:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Alors j'ai effectuer tous ce que tu m'a demander mais je n'ai pas de fichier fix2.reg tu veux dire fix.reg bref quand j'ai cliquer dessus il m'a demander si je voulais le mettre dans le registre et j'ai dit oui mais il m'a envoyer un message d'erreur c'est normal???

 Mais je dois continuer ???

(Publicité)
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/05/2010 à 22:46:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 Continue.

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/05/2010 à 22:51:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok merci je vais commencer le scan de comboFix et je te met le rapport a plus  :super:

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/05/2010 à 23:28:34  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Alors les scans sont termines

 ComboFix

 ComboFix 10-05-05.0D - ABDULSALAM.M.Z 07/05/2010   0:06.4.1 - x86
 Microsoft Windows XP Professionnel  5.1.2600.3.1252.33.1033.18.101​4.613 [GMT 2:00]
 Lancé depuis: c:\documents and settings\ABDULSALAM.M.Z\Deskto​p\Shimbya.exe
 AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD33​50758C7}
 .

 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .

 c:\documents and settings\All Users\Favorites\_favdata.dat
 c:\program files\Digital Protection
 c:\recycler\S-1-5-21-264639410​-265606739-1297347644-500
 c:\recycler\S-1-5-21-62183826-​3627914722-3814040509-500
 c:\windows\PRAGMAirftbcvfvi
 c:\windows\PRAGMAirftbcvfvi\PR​AGMAc.dll
 c:\windows\PRAGMAirftbcvfvi\PR​AGMAcfg.ini
 c:\windows\system32\drivers\kw​vrb.sys
 c:\windows\system32\driVERs\pj​pjss.sys
 c:\windows\system32\drivers\Rk​PavProc.sys
 c:\windows\Sysvxd.exe

 Une copie infectée de c:\windows\system32\drivers\te​rmdd.sys a été trouvée et désinfectée
 Copie restaurée à partir de - Kitty had a snack :p
 .
 ((((((((((((((((((((((((((((((​(((((((((   Pilotes/Services   ))))))))))))))))))))))))))))))​)))))))))))))))))))
 .

 -------\Legacy_PRAGMAIRFTBCVFV​I
 -------\Legacy_SSHNAS
 -------\Service_PRAGMAirftbcvf​vi
 -------\Legacy_pjpjss
 -------\Legacy_RkPavProc
 -------\Legacy_veppcq
 -------\Service_pjpjss
 -------\Service_RkPavProc
 -------\Service_veppcq


 (((((((((((((((((((((((((((((   Fichiers créés du 2010-04-06 au 2010-05-06  ))))))))))))))))))))))))))))))​))))))
 .

 2010-05-06 21:05 . 2010-05-06 21:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
 2010-05-06 21:04 . 2010-05-06 21:05 -------- d-----w- c:\program files\CCleaner
 2010-05-06 19:54 . 2010-05-06 19:54 -------- d-----w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Malwarebytes
 2010-05-06 19:54 . 2010-05-06 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
 2010-05-06 19:54 . 2010-05-06 22:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
 2010-05-02 16:36 . 2010-05-02 22:10 56816 ----a-w- c:\windows\system32\drivers\av​gntflt.sys
 2010-05-02 16:36 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\av​ipbb.sys
 2010-05-02 16:36 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\av​gntmgr.sys
 2010-05-02 16:36 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\av​gntdd.sys
 2010-05-02 16:36 . 2010-05-02 16:36 -------- d-----w- c:\program files\Avira
 2010-05-02 16:36 . 2010-05-02 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
 2010-05-02 13:42 . 2010-05-02 14:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Yahoo
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\windows\system32\config\sys​temprofile\Application Data\Yahoo!
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\documents and settings\LocalService\Applicat​ion Data\Yahoo!
 2010-05-02 13:32 . 2010-05-02 13:32 -------- d-sh--w- c:\documents and settings\LocalService\IETldCac​he
 2010-04-26 18:06 . 2010-04-26 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\ViiKiiDesktopPlugin.5E22E​A0FF243470AB5EDDF282C0A5B52E99​09C36.1
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\program files\ViiKiiDesktopPlugin
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\program files\Common Files\Adobe AIR
 2010-04-07 13:30 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\a​clayers.dll
 2010-04-07 13:27 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\m​oviemk.exe
 2010-04-07 13:22 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browsercho​ice.exe

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2010-05-06 22:17 . 2007-04-08 13:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
 2010-05-06 21:44 . 2008-01-26 02:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
 2010-05-06 21:12 . 2006-01-05 03:45 -------- d-----w- c:\program files\Common Files\Symantec Shared
 2010-05-06 21:05 . 2009-12-16 16:51 -------- d-----w- c:\program files\Yahoo!
 2010-05-03 16:07 . 2010-05-03 16:07 0 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\ntuser​.tmp
 2010-05-03 15:32 . 2008-01-26 02:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
 2010-05-02 13:42 . 2008-01-27 14:12 -------- d-----w- c:\program files\Alwil Software
 2010-04-26 19:11 . 2010-04-26 19:11 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERP​ROCESS.dll
 2010-04-26 19:11 . 2010-04-26 19:11 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Un​installer.exe
 2010-04-26 19:11 . 2008-05-11 12:59 -------- d-----w- c:\program files\DivX
 2010-04-26 19:11 . 2010-04-26 19:11 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstalle​r.exe
 2010-04-26 19:11 . 2010-04-26 19:11 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninsta​ller.exe
 2010-04-26 19:11 . 2010-04-26 19:11 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.e​xe
 2010-04-26 19:11 . 2010-04-26 19:11 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Unin​staller.exe
 2010-04-26 19:10 . 2010-04-26 19:10 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.ex​e
 2010-04-26 19:10 . 2009-06-05 17:47 -------- d-----w- c:\program files\Common Files\DivX Shared
 2010-04-26 18:08 . 2010-04-26 18:08 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERP​ROCESS.exe
 2010-04-26 18:08 . 2010-04-26 19:11 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
 2010-04-26 18:06 . 2010-04-26 19:11 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
 2010-04-18 21:54 . 2006-02-04 12:49 -------- d-----w- c:\documents and settings\LocalService\Applicat​ion Data\Sony Corporation
 2010-04-11 15:56 . 2010-04-11 15:57 38784 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Macromedia\Flash Player\www.macromedia.com\bin\​airappinstaller\airappinstalle​r.exe
 2010-03-26 08:33 . 2010-04-28 23:16 1496064 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\frozen.dll
 2010-03-26 08:33 . 2010-04-28 23:16 43008 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\googletoolba​rloader.dll
 2010-03-26 08:33 . 2010-04-28 23:16 339456 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\libraries\googletoolbar​-ff2.dll
 2010-03-26 08:32 . 2010-04-28 23:16 346112 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\libraries\googletoolbar​-ff3.dll
 2010-03-10 06:15 . 2005-08-31 08:56 420352 ----a-w- c:\windows\system32\vbscript.d​ll
 2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll
 2010-02-25 06:24 . 2005-08-31 08:56 916480 ----a-w- c:\windows\system32\wininet.dl​l
 2010-02-24 13:11 . 2005-08-31 08:56 455680 ----a-w- c:\windows\system32\drivers\mr​xsmb.sys
 2010-02-17 07:10 . 2005-08-31 08:56 2189952 ----a-w- c:\windows\system32\ntoskrnl.e​xe
 2010-02-16 13:25 . 2004-08-03 22:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.e​xe
 2010-02-12 04:33 . 2005-08-31 08:56 100864 ----a-w- c:\windows\system32\6to4svc.dl​l
 2010-02-11 12:02 . 2005-08-31 08:56 226880 ----a-w- c:\windows\system32\drivers\tc​pip6.sys
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "BgMonitor_{79662E04-7C6C-4d9f​-84C7-88D8A56B10AA}"="c:\progr​am files\Common Files\Ahead\lib\NMBgMonitor.ex​e" [2005-09-25 94208]
 "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-19 247144]
 "DownloadAccelerator"="c:\prog​ram files\DAP\DAP.EXE" [2009-04-05 2811392]
 "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohweb​player.exe" [2010-02-22 2633976]
 "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\​Messenger\YahooMessenger.exe" [2009-11-10 5244216]
 "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
 "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 184320]
 "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
 "VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2006-07-31 151552]
 "SsAAD.exe"="c:\progra~1\Sony\​SONICS~1\SsAAD.exe" [2005-06-03 81920]
 "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched​.exe" [2006-05-20 180269]
 "NeroFilterCheck"="c:\windows\​system32\NeroCheck.exe" [2005-09-25 155648]
 "HKSERV.EXE"="c:\program files\Sony\HotKey Utility\HKserv.exe" [2002-07-31 475136]
 "QuickTime Task"="d:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-06-29 286720]
 "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
 "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="c:\windows\syste​m32\CTFMON.EXE" [2008-04-14 15360]

 c:\documents and settings\Default User\Start Menu\Programs\Startup\
 E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2005-9-1 491520]
 VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-11-4 778240]

 c:\documents and settings\Administrator\Start Menu\Programs\Startup\
 E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2005-9-1 491520]

 c:\documents and settings\ABDULSALAM.M.Z\Start Menu\Programs\Startup\
 ViiKiiDesktopPlugin.lnk - c:\program files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe [2010-4-11 95232]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
 2005-05-21 00:42 73728 ----a-w- c:\windows\system32\VESWinlogo​n.dll

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BTTray.l​nk
 backup=c:\windows\pss\BTTray.l​nkCommon Startup

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^Prayer Times.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Prayer Times.lnk
 backup=c:\windows\pss\Prayer Times.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Alcmtr]
 2005-05-03 09:43 69632 ----a-w- c:\windows\ALCMTR.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Apoint]
 2004-11-17 11:47 118784 ----a-w- c:\program files\Apoint\Apoint.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AzMixerSel]
 2005-06-11 10:51 53248 ----a-w- c:\program files\Realtek\InstallShield\Az​MixerSel.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ctfmon.exe]
 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DownloadAccelerator]
 2009-04-05 18:20 2811392 ----a-w- c:\program files\DAP\DAP.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
 2006-11-13 12:07 1289000 ----a-w- c:\progra~1\MICROS~2\wcescomm.​exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxhkcmd]
 2005-08-05 01:56 77824 ----a-w- c:\windows\system32\hkcmd.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxpers]
 2005-08-05 01:56 114688 ----a-w- c:\windows\system32\igfxpers.e​xe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxtray]
 2005-08-05 01:57 94208 ----a-w- c:\windows\system32\igfxtray.e​xe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
 2004-08-04 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig​.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Mous​e Suite 98 Daemon]
 2002-03-14 23:46 45056 ----a-w- c:\windows\system32\ico.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSPY2002]
 2004-08-04 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLG​NT\IMSCINST.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002A]
 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLG​NT\TINTSETP.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002ASync]
 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLG​NT\TINTSETP.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 2005-08-09 06:17 14743552 ----a-w- c:\windows\RTHDCPL.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:0000​0001

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "c:\\WINDOWS\\system32\\grdmgr​.exe"=
 "d:\\Program Files\\veoh\\VeohClient.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "%windir%\\system32\\sessmgr.e​xe"=
 "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync RAPI Manager
 "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.25​4.2.0/255.255.255.0:Enabled:Ac​tiveSync Connection Manager
 "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync Application
 "c:\\Program Files\\GigaTribe\\gigatribe.ex​e"=
 "c:\\Program Files\\DAP\\DAP.exe"=
 "c:\\Program Files\\Yahoo!\\Messenger\\Yaho​oMessenger.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "c:\\Program Files\\Messenger\\msmsgs.exe"=
 "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohw​ebplayer.exe"=

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "26675:TCP"= 26675:TCP:169.254.2.0/255.255.​255.0:Enabled:ActiveSync Service

 R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [02/05/2010 18:36 108289]
 R2 TomTomHOMEService;TomTomHOMESe​rvice;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19/08/2009 17:37 92008]
 S3 AIR555;Sierra Wireless AirCard 555 NIC + Modem (NIC Interface);c:\windows\system32​\drivers\air555.sys [17/06/2006 12:44 125608]
 S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\DR​IVERS\fbxusb.sys --> c:\windows\system32\DRIVERS\fb​xusb.sys [?]
 S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\windows\system32\driv​ers\ewusbmdm.sys [16/06/2006 18:08 65152]
 S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\windows\system32\​drivers\ewusbser.sys [16/06/2006 18:08 65152]
 .
 Contenu du dossier 'Tâches planifiées'
 .
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.google.fr/
 IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
 IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
 IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\​EXCEL.EXE/3000
 IE: Envoyer à &Bluetooth - d:\program files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classe​s/xmldso.cab
 DPF: {072039AB-2117-4ED5-A85F-9B9EB​903E021} - hxxp://www.clubbox.co.kr/neo.f​ld/NowStarter.cab
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} - hxxp://www.bitdefender.fr/scan​_fr/scan8/oscan8.cab
 FF - ProfilePath - c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\
 FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?l​r=&ie=UTF-8&oe=UTF-8&q=
 FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q​=
 FF - component: c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\frozen.dll
 FF - component: c:\program files\DAP\DAPFireFox\component​s\DAPFireFox.dll
 FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
 FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJ​PI150_03.dll
 FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPl​ayerVideoPluginATL.dll
 FF - plugin: d:\program files\DivX\DivX Player\npDivxPlayerPlugin.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin2.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin3.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin4.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin5.dll
 FF - plugin: d:\program files\veoh\Plugins\noreg\NPVeo​hVersion.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 FF - user.js: general.useragent.extra.zencas​t - Creative ZENcast v1.02.10);user_pref(yahoo.ytff​.general.dontshowhpoffer, true
 FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q​=
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_wind​ows", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_ima​ge_resizing", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewith​caret_shortcut.enabled", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.h​igh_water_mark", 32);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.g​c_frequency",   1600);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-gener​ic-ntlm", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabl​ed", -1);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWei​ght",       2);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketS​ize",       1);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTime​Groupings", 25);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGro​upingSize", 604800);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundar​yWeight",   25);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixW​eight",     5);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.allow_unres​tricted_renego_everywhere__tem​porarily_available_pref", true);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.renego_unre​stricted_hosts", "" );
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.treat_unsaf​e_negotiation_as_broken", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.require_saf​e_negotiation",  false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("app.update.download.back​groundInterval", 600);
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("app.update.url.manual", "http://www.firefox.com" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("browser.search.param.yah​oo-fr-ja", "mozff" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.name​", "chrome://browser/locale/brows​er.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.desc​ription", "chrome://browser/locale/brows​er.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("xpinstall.whitelist.add"​, "addons.mozilla.org" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("xpinstall.whitelist.add.​36", "getpersonas.com" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("lightweightThemes.update​.enabled", true);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.allTabs.previews​", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("plugins.hide_infobar_for​_outdated_plugin", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("plugins.update.notifyUse​r", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("toolbar.customization.us​esheet", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.enable", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.max", 20);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.cachetime", 20);
 .
 - - - - ORPHELINS SUPPRIMES - - - -

 HKLM-Run-Malwarebytes Anti-Malware (rootkit-scan) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
 MSConfigStartUp-AirCardEnabler - c:\program files\Sierra Wireless Inc\Network Adapter Manager\Network Adapter Manager.exe
 MSConfigStartUp-HUAWEI Data Card - d:\program files\Huawei technologies\HUAWEI Mobile Connect\HuaWeiDataCard.exe
 MSConfigStartUp-iTunesHelper - d:\program files\iTunes\iTunesHelper.exe
 MSConfigStartUp-WorldMateDeskt​op - c:\program files\MobiMate\WorldMate Desktop Companion\WMDesktop.exe



 ******************************​******************************​**************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2010-05-07 00:16
 Windows 5.1.2600 Service Pack 3 NTFS

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 ******************************​******************************​**************
 .
 --------------------- CLES DE REGISTRE BLOQUEES ---------------------

 [HKEY_LOCAL_MACHINE\software\Mi​crosoft\Windows\CurrentVersion​\Installer\UserData\LocalSyste​m\Components\€–€|ÿÿÿ​ÿÀ•€|ù•A~*]
 "C040110900063D11C8EF100540383​89C"="C?\\WINDOWS\\system32\\F​M20ENU.DLL"
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------

 - - - - - - - > 'winlogon.exe'(760)
 c:\windows\system32\VESWinlogo​n.dll

 - - - - - - - > 'explorer.exe'(3888)
 c:\windows\system32\WININET.dl​l
 c:\progra~1\WINDOW~2\wmpband.d​ll
 c:\windows\system32\ieframe.dl​l
 c:\windows\system32\webcheck.d​ll
 c:\windows\system32\WPDShServi​ceObj.dll
 c:\windows\system32\btncopy.dl​l
 c:\windows\system32\PortableDe​viceTypes.dll
 c:\windows\system32\PortableDe​viceApi.dll
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\program files\Avira\AntiVir Desktop\avguard.exe
 d:\program files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 c:\windows\system32\CTsvcCDA.e​xe
 c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 c:\program files\Sony\VAIO Event Service\VESMgr.exe
 c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 c:\program files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe
 c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 c:\windows\system32\igfxext.ex​e
 c:\windows\system32\igfxsrvc.e​xe
 c:\program files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 c:\program files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 c:\program files\Microsoft ActiveSync\wcescomm.exe
 c:\progra~1\MICROS~2\rapimgr.e​xe
 .
 ******************************​******************************​**************
 .
 Heure de fin: 2010-05-07  00:24:13 - La machine a redémarré
 ComboFix-quarantined-files.txt  2010-05-06 22:24
 ComboFix2.txt  2008-01-30 17:36

 Avant-CF: 4 282 888 192 bytes free
 Après-CF: 4 299 198 464 octets libres

 WindowsXP-KB310994-SP2-Pro-Boo​tDisk-FRA.exe
 [boot loader]
 timeout=2
 default=multi(0)disk(0)rdisk(0​)partition(2)\WINDOWS
 [operating systems]
 c:\cmdcons\BOOTSECT.DAT="Micro​soft Windows Recovery Console" /cmdcons
 multi(0)disk(0)rdisk(0)partiti​on(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 - - End Of File - - 1B7C417FEB3BAE304F6C8AA7C1F08A​3B

 et Hijack


 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 00:25:03, on 07/05/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 C:\WINDOWS\system32\CTsvcCDA.e​xe
 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Sony\HotKey Utility\HKserv.exe
 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e
 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
 C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
 C:\Program Files\DAP\DAP.EXE
 C:\PROGRA~1\MICROS~2\rapimgr.e​xe
 C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe
 C:\PROGRA~1\Yahoo!\Messenger\Y​ahooMessenger.exe
 C:\Program Files\SFR\Kit\9props.exe
 C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 C:\WINDOWS\explorer.exe
 C:\WINDOWS\system32\notepad.ex​e
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\HiJackThis.exe
 C:\Program Files\Mozilla Firefox\firefox.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7A​C245081} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\YTSingleInstance.dll
 O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF​26AB263} - D:\Program Files\veoh\Plugins\reg\VeohToo​lbar.dll
 O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B1​0099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIET​oolbar.dll
 O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D​9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
 O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
 O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAA​D.exe
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
 O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e"
 O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
 O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
 O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
 O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe"
 O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\​YahooMessenger.exe" -quiet
 O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - S-1-5-18 Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'SYSTEM')
 O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
 O4 - .DEFAULT Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - .DEFAULT User Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
 O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
 O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Envoyer à &Bluetooth - D:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.d​ll
 O14 - IERESET.INF: START_PAGE_URL=http://home.fre​e.fr/
 O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB​903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {6A344D34-5231-452A-8A57-D064A​C9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
 O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
 O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.​exe
 O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe
 O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedS​erver-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedS​erver-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedS​erver-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gate​way) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
 O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe

 --
 End of file - 12809 bytes



 Alors votre diagnostic Docteur??

(Publicité)
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/05/2010 à 07:38:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Commence par désactiver le TeaTimer de Spybot :

 http://www.commentcamarche.net [...] -de-spybot

 Ensuite, ...

 Télécharge, installe et mets à jour Malwarebytes Anti-malware ; puis, fais un scan complet et poste le rapport.

 Si MalwareByte's a détecté des infections, clique sur Afficher les résultats, puis sur Supprimer la sélection.

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/05/2010 à 17:46:24  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour voila le rapport scan demander

 Malwarebytes' Anti-Malware 1.46
 www.malwarebytes.org

 Version de la base de données: 4074

 Windows 5.1.2600 Service Pack 3
 Internet Explorer 8.0.6001.18702

 07/05/2010 18:40:28
 mbam-log-2010-05-07 (18-40-28).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 214850
 Temps écoulé: 1 heure(s), 15 minute(s), 29 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 9
 Valeur(s) du Registre infectée(s): 1
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 1

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\nowstarter.n​owstarterctrl.1 (Adware.CWS) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{07203​9ab-2117-4ed5-a85f-9b9eb903e02​1} (Adware.CWS) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{072039ab-2117-4ed5-​a85f-9b9eb903e021} (Adware.CWS) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Code Store Database\Distribution Units\{072039ab-2117-4ed5-a85f​-9b9eb903e021} (Adware.CWS) -> No action taken.
 HKEY_CLASSES_ROOT\CLSID\{6f553​c18-15e6-4e5e-8f44-add50de754e​d} (Adware.CWS) -> No action taken.
 HKEY_CLASSES_ROOT\Interface\{4​0722371-e24c-4b36-8e76-010bb6c​7185b} (Adware.CWS) -> No action taken.
 HKEY_CLASSES_ROOT\Interface\{8​25c19d3-35ce-428f-876b-88e0804​66689} (Adware.CWS) -> No action taken.
 HKEY_CLASSES_ROOT\Typelib\{040​9743c-e5e3-4bdd-9ec7-eff622530​282} (Adware.CWS) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ModuleUsage\C:/WINDOWS/system​32/NowStarter.ocx (Adware.CWS) -> No action taken.

 Valeur(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\SharedDLLs\C:\WINDOWS\system3​2\NowStarter.ocx (Adware.CWS) -> No action taken.

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 C:\WINDOWS\system32\NowStarter​.ocx (Adware.CWS) -> No action taken.

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/05/2010 à 17:57:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 Lance un scan Nod32 (il faut utiliser Internet Explorer)

 Coche toutes les cases à chaque fois ; une fois le scan achevé,
 colle le rapport :

 -> C:\Program Files\EsetOnlineScanner\log.txt <-- le rapport

 PS : désactive la protection résidente d' Avira le temps du scan ...

 Clic droit sur l'icône  -> clique sur "AntivirGuard enable" pour décocher :

 http://j.imagehost.org/t/0017/​D_sactiver_Antivir.jpg

(Publicité)
shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/05/2010 à 18:12:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
oh petit pepin!! a chaque fois que j'essais de mettre en route le scan mes fenetres Internet Explorer se ferment... Dois-je telecharger le logiciel ou dois-je faire un scan online??

 PS: j'ai desactiver Antivir et le tea timer de spybot

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/05/2010 à 18:30:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 C' est un scan on line !

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/05/2010 à 18:32:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ben le probleme c'est lorsque j'accepte les conditions et tape start il m'ouvre une nouvelle fenetre puis au bout de quelque seconde j'ai toute mes fenetres qui sont fermees.

 Que-faire?

(Publicité)
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/05/2010 à 18:36:12  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 Mets à jour Avira et lance un scan ; puis, poste le rapport.

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/05/2010 à 19:41:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
terminer!!



 Avira AntiVir Personal
 Date de création du fichier de rapport : Friday, May 07, 2010  19:38

 La recherche porte sur 2081209 souches de virus.

 Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
 Numéro de série         : 0000149996-ADJIE-0000001
 Plateforme              : Windows XP
 Version de Windows      : (Service Pack 3)  [5.1.2600]
 Mode Boot               : Démarré normalement
 Identifiant             : SYSTEM
 Nom de l'ordinateur     : YOUR-050E312681

 Informations de version :
 BUILD.DAT               : 9.0.0.75      21698 Bytes  22/01/2010 23:14:00
 AVSCAN.EXE              : 9.0.3.10     466689 Bytes  02/05/2010 22:10:46
 AVSCAN.DLL              : 9.0.3.0       49409 Bytes  03/03/2009 09:21:02
 LUKE.DLL                : 9.0.3.2      209665 Bytes  20/02/2009 10:35:11
 LUKERES.DLL             : 9.0.2.0       13569 Bytes  03/03/2009 09:21:31
 VBASE000.VDF            : 7.10.0.0   19875328 Bytes  06/11/2009 22:10:40
 VBASE001.VDF            : 7.10.1.0    1372672 Bytes  19/11/2009 22:10:40
 VBASE002.VDF            : 7.10.3.1    3143680 Bytes  20/01/2010 22:10:41
 VBASE003.VDF            : 7.10.3.75    996864 Bytes  26/01/2010 22:10:41
 VBASE004.VDF            : 7.10.4.203   1579008 Bytes  05/03/2010 22:10:41
 VBASE005.VDF            : 7.10.6.82   2494464 Bytes  15/04/2010 22:10:42
 VBASE006.VDF            : 7.10.6.83      2048 Bytes  15/04/2010 22:10:42
 VBASE007.VDF            : 7.10.6.84      2048 Bytes  15/04/2010 22:10:42
 VBASE008.VDF            : 7.10.6.85      2048 Bytes  15/04/2010 22:10:42
 VBASE009.VDF            : 7.10.6.86      2048 Bytes  15/04/2010 22:10:42
 VBASE010.VDF            : 7.10.6.87      2048 Bytes  15/04/2010 22:10:42
 VBASE011.VDF            : 7.10.6.88      2048 Bytes  15/04/2010 22:10:42
 VBASE012.VDF            : 7.10.6.89      2048 Bytes  15/04/2010 22:10:42
 VBASE013.VDF            : 7.10.6.90      2048 Bytes  15/04/2010 22:10:42
 VBASE014.VDF            : 7.10.6.123    126464 Bytes  19/04/2010 22:10:42
 VBASE015.VDF            : 7.10.6.152    123392 Bytes  21/04/2010 22:10:42
 VBASE016.VDF            : 7.10.6.178    122880 Bytes  22/04/2010 22:10:42
 VBASE017.VDF            : 7.10.6.206    120320 Bytes  26/04/2010 22:10:42
 VBASE018.VDF            : 7.10.6.232     99328 Bytes  28/04/2010 22:10:42
 VBASE019.VDF            : 7.10.7.2     155648 Bytes  30/04/2010 22:10:42
 VBASE020.VDF            : 7.10.7.26    119808 Bytes  04/05/2010 12:06:05
 VBASE021.VDF            : 7.10.7.51    118272 Bytes  06/05/2010 13:55:03
 VBASE022.VDF            : 7.10.7.52      2048 Bytes  06/05/2010 13:55:03
 VBASE023.VDF            : 7.10.7.53      2048 Bytes  06/05/2010 13:55:03
 VBASE024.VDF            : 7.10.7.54      2048 Bytes  06/05/2010 13:55:03
 VBASE025.VDF            : 7.10.7.55      2048 Bytes  06/05/2010 13:55:03
 VBASE026.VDF            : 7.10.7.56      2048 Bytes  06/05/2010 13:55:03
 VBASE027.VDF            : 7.10.7.57      2048 Bytes  06/05/2010 13:55:03
 VBASE028.VDF            : 7.10.7.58      2048 Bytes  06/05/2010 13:55:03
 VBASE029.VDF            : 7.10.7.59      2048 Bytes  06/05/2010 13:55:03
 VBASE030.VDF            : 7.10.7.60      2048 Bytes  06/05/2010 13:55:03
 VBASE031.VDF            : 7.10.7.66     70656 Bytes  07/05/2010 13:55:10
 Version du moteur       : 8.2.1.236
 AEVDF.DLL               : 8.1.2.0      106868 Bytes  02/05/2010 22:10:45
 AESCRIPT.DLL            : 8.1.3.28    1298810 Bytes  05/05/2010 12:06:20
 AESCN.DLL               : 8.1.5.0      127347 Bytes  02/05/2010 22:10:44
 AESBX.DLL               : 8.1.3.1      254324 Bytes  02/05/2010 22:10:45
 AERDL.DLL               : 8.1.4.6      541043 Bytes  02/05/2010 22:10:44
 AEPACK.DLL              : 8.2.1.1      426358 Bytes  02/05/2010 22:10:44
 AEOFFICE.DLL            : 8.1.0.41     201083 Bytes  02/05/2010 22:10:44
 AEHEUR.DLL              : 8.1.1.27    2670967 Bytes  05/05/2010 12:06:17
 AEHELP.DLL              : 8.1.11.3     242039 Bytes  02/05/2010 22:10:43
 AEGEN.DLL               : 8.1.3.7      373106 Bytes  02/05/2010 22:10:43
 AEEMU.DLL               : 8.1.2.0      393588 Bytes  02/05/2010 22:10:43
 AECORE.DLL              : 8.1.15.1     192886 Bytes  05/05/2010 12:06:08
 AEBB.DLL                : 8.1.1.0       53618 Bytes  02/05/2010 22:10:42
 AVWINLL.DLL             : 9.0.0.3       18177 Bytes  12/12/2008 07:47:30
 AVPREF.DLL              : 9.0.3.0       44289 Bytes  02/05/2010 22:10:45
 AVREP.DLL               : 8.0.0.7      159784 Bytes  02/05/2010 22:10:46
 AVREG.DLL               : 9.0.0.0       36609 Bytes  07/11/2008 14:24:42
 AVARKT.DLL              : 9.0.0.3      292609 Bytes  24/03/2009 14:05:22
 AVEVTLOG.DLL            : 9.0.0.7      167169 Bytes  30/01/2009 09:36:37
 SQLITE3.DLL             : 3.6.1.0      326401 Bytes  28/01/2009 14:03:49
 SMTPLIB.DLL             : 9.2.0.25      28417 Bytes  02/02/2009 07:20:57
 NETNT.DLL               : 9.0.0.0       11521 Bytes  07/11/2008 14:40:59
 RCIMAGE.DLL             : 9.0.0.25    2438913 Bytes  02/05/2010 22:10:37
 RCTEXT.DLL              : 9.0.73.0      88321 Bytes  02/05/2010 22:10:37

 Configuration pour la recherche actuelle :
 Nom de la tâche.........................​......: Contrôle intégral du système
 Fichier de configuration.................​.....: c:\program files\avira\antivir desktop\sysscan.avp
 Documentation.................​................: bas
 Action principale....................​.........: interactif
 Action secondaire....................​.........: ignorer
 Recherche sur les secteurs d'amorçage maître..: marche
 Recherche sur les secteurs d'amorçage.........: marche
 Secteurs d'amorçage....................​.......: C:, D:,
 Recherche dans les programmes actifs..........: marche
 Recherche en cours sur l'enregistrement.......: marche
 Recherche de Rootkits......................​...: marche
 Contrôle d'intégrité de fichiers système......: arrêt
 Fichier mode de recherche.....................​: Tous les fichiers
 Recherche sur les archives....................: marche
 Limiter la profondeur de récursivité..........: 20
 Archive Smart Extensions....................​..: marche
 Heuristique de macrovirus....................​.: marche
 Heuristique fichier.......................​....: moyen
 Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR,

 Début de la recherche : Friday, May 07, 2010  19:38

 La recherche d'objets cachés commence.
 '70688' objets ont été contrôlés, '0' objets cachés ont été trouvés.

 La recherche sur les processus démarrés commence :
 Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'VzRs.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'SSScsiSV.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'igfxsrvc.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'igfxext.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'VzFw.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'VzCdbSvc.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'YahooAUService.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'VCSW.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'VESMgr.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'TomTomHOMEService.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
 Processus de recherche 'CTSVCCDA.EXE' - '1' module(s) sont contrôlés
 Processus de recherche 'btwdins.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'ViiKiiDesktopPlugin.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
 Processus de recherche '9props.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'rapimgr.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'DAP.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'wcescomm.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'DivXUpdate.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'HKServ.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'SSAAD.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'ISBMgr.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'SPMgr.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
 Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
 '49' processus ont été contrôlés avec '49' modules

 La recherche sur les secteurs d'amorçage maître commence :
 Secteur d'amorçage maître HD0

[INFO]      Aucun virus trouvé !
 Secteur d'amorçage maître HD1

[INFO]      Aucun virus trouvé !

 La recherche sur les secteurs d'amorçage commence :
 Secteur d'amorçage 'C:\'

[INFO]      Aucun virus trouvé !
 Secteur d'amorçage 'D:\'

[INFO]      Aucun virus trouvé !

 La recherche sur les renvois aux fichiers exécutables (registre) commence :
 Le registre a été contrôlé ( '66' fichiers).


 La recherche sur les fichiers sélectionnés commence :

 Recherche débutant dans 'C:\' <VAIO>
 C:\hiberfil.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

[REMARQUE]  Ce fichier est un fichier système Windows.

[REMARQUE]  Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
 C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

[REMARQUE]  Ce fichier est un fichier système Windows.

[REMARQUE]  Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
 Recherche débutant dans 'D:\' <VAIO>


 Fin de la recherche : Friday, May 07, 2010  20:40
 Temps nécessaire:  1:01:57 Heure(s)

 La recherche a été effectuée intégralement

9417 Les répertoires ont été contrôlés
 411252 Des fichiers ont été contrôlés

0 Des virus ou programmes indésirables ont été trouvés

0 Des fichiers ont été classés comme suspects

0 Des fichiers ont été supprimés

0 Des virus ou programmes indésirables ont été réparés

0 Les fichiers ont été déplacés dans la quarantaine

0 Les fichiers ont été renommés

2 Impossible de contrôler des fichiers
 411250 Fichiers non infectés

9518 Les archives ont été contrôlées

2 Avertissements

2 Consignes
  70688 Des objets ont été contrôlés lors du Rootkitscan

0 Des objets cachés ont été trouvés

 Alors bonne nouvelle??

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 08/05/2010 à 09:35:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 



Alors bonne nouvelle??



 Il me semble puisque Avira ne trouve rien  ;) !

 Et Spybot que dit-il si tu lances un scan après l' avoir mis à jour ?

 (ne poste pas de rapport)

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 08/05/2010 à 10:56:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Le SCan Spybot n'a rien trouver   :youpi:

 Donc c'est fini ??

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 08/05/2010 à 17:43:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 



Donc c'est fini ??



 Pas tout à fait ... mais presque  ;)

 Désinstalle ComboFix ...

 Par le menu Démarrer > Exécuter ... puis tape (ou copie/colle) :

 ComboFix /Uninstall et valide par OK.

 Ensuite, réinstalle-le selon procédure (voir plus haut) et lance un scan.

 Une fois le scan achevé, poste le rapport.

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 09/05/2010 à 00:11:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Coucou, le rapport du scan Combo

 ComboFix 10-05-08.01 - ABDULSALAM.M.Z 09/05/2010   0:58.5.1 - x86
 Microsoft Windows XP Professional  5.1.2600.3.1252.33.1033.18.101​4.371 [GMT 2:00]
 Lancé depuis: c:\documents and settings\ABDULSALAM.M.Z\Deskto​p\Shimbya.exe
 AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD33​50758C7}
 * Un nouveau point de restauration a été créé
 .

 (((((((((((((((((((((((((((((   Fichiers créés du 2010-04-08 au 2010-05-08  ))))))))))))))))))))))))))))))​))))))
 .

 2010-05-08 21:57 . 2010-05-08 21:57 -------- d-----w- C:\Shimbya16650S
 2010-05-08 09:18 . 2010-05-08 09:18 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Un​installer.exe
 2010-05-08 09:18 . 2010-05-08 09:18 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.e​xe
 2010-05-08 09:18 . 2010-05-08 09:18 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninsta​ller.exe
 2010-05-07 12:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mb​amswissarmy.sys
 2010-05-07 12:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mb​am.sys
 2010-05-06 21:56 . 2010-05-06 22:24 -------- d-----w- C:\Shimbya
 2010-05-06 21:05 . 2010-05-06 21:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
 2010-05-06 21:04 . 2010-05-06 21:05 -------- d-----w- c:\program files\CCleaner
 2010-05-06 19:54 . 2010-05-06 19:54 -------- d-----w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Malwarebytes
 2010-05-06 19:54 . 2010-05-06 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
 2010-05-06 19:54 . 2010-05-07 12:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
 2010-05-02 16:36 . 2010-05-02 22:10 56816 ----a-w- c:\windows\system32\drivers\av​gntflt.sys
 2010-05-02 16:36 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\av​ipbb.sys
 2010-05-02 16:36 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\av​gntmgr.sys
 2010-05-02 16:36 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\av​gntdd.sys
 2010-05-02 16:36 . 2010-05-02 16:36 -------- d-----w- c:\program files\Avira
 2010-05-02 16:36 . 2010-05-02 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
 2010-05-02 13:42 . 2010-05-02 14:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Yahoo
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\windows\system32\config\sys​temprofile\Application Data\Yahoo!
 2010-05-02 13:33 . 2010-05-02 13:33 -------- d-----w- c:\documents and settings\LocalService\Applicat​ion Data\Yahoo!
 2010-05-02 13:32 . 2010-05-02 13:32 -------- d-sh--w- c:\documents and settings\LocalService\IETldCac​he
 2010-04-28 23:16 . 2010-03-26 08:33 43008 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\googletoolba​rloader.dll
 2010-04-28 23:16 . 2010-03-26 08:33 339456 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\libraries\googletoolbar​-ff2.dll
 2010-04-28 23:16 . 2010-03-26 08:32 346112 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\libraries\googletoolbar​-ff3.dll
 2010-04-28 23:16 . 2010-03-26 08:33 1496064 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\frozen.dll
 2010-04-26 19:11 . 2010-05-08 09:18 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERP​ROCESS.dll
 2010-04-26 19:11 . 2010-05-08 09:11 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
 2010-04-26 19:11 . 2010-05-08 09:10 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
 2010-04-26 19:11 . 2009-06-05 17:48 529200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Player\DivXPlayerUninstall.exe
 2010-04-26 19:11 . 2009-06-05 17:48 529200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall​.exe
 2010-04-26 19:11 . 2009-06-05 17:47 529200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninsta​ll.exe
 2010-04-26 19:11 . 2009-06-05 17:47 529200 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe
 2010-04-26 19:11 . 2010-04-26 19:11 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstalle​r.exe
 2010-04-26 19:11 . 2010-04-26 19:11 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Unin​staller.exe
 2010-04-26 19:10 . 2010-04-26 19:10 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.ex​e
 2010-04-26 18:08 . 2010-05-08 09:11 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERP​ROCESS.exe
 2010-04-26 18:06 . 2010-05-08 09:18 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\ViiKiiDesktopPlugin.5E22E​A0FF243470AB5EDDF282C0A5B52E99​09C36.1
 2010-04-11 15:57 . 2010-04-11 15:56 38784 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Macromedia\Flash Player\www.macromedia.com\bin\​airappinstaller\airappinstalle​r.exe
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\program files\ViiKiiDesktopPlugin
 2010-04-11 15:57 . 2010-04-11 15:57 -------- d-----w- c:\program files\Common Files\Adobe AIR

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2010-05-08 09:43 . 2007-04-08 13:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
 2010-05-08 09:18 . 2008-05-11 12:59 -------- d-----w- c:\program files\DivX
 2010-05-06 21:44 . 2008-01-26 02:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
 2010-05-06 21:12 . 2006-01-05 03:45 -------- d-----w- c:\program files\Common Files\Symantec Shared
 2010-05-06 21:05 . 2009-12-16 16:51 -------- d-----w- c:\program files\Yahoo!
 2010-05-03 16:07 . 2010-05-03 16:07 0 ----a-w- c:\documents and settings\ABDULSALAM.M.Z\ntuser​.tmp
 2010-05-03 15:32 . 2008-01-26 02:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
 2010-05-02 13:42 . 2008-01-27 14:12 -------- d-----w- c:\program files\Alwil Software
 2010-04-26 19:10 . 2009-06-05 17:47 -------- d-----w- c:\program files\Common Files\DivX Shared
 2010-04-18 21:54 . 2006-02-04 12:49 -------- d-----w- c:\documents and settings\LocalService\Applicat​ion Data\Sony Corporation
 2010-03-10 06:15 . 2005-08-31 08:56 420352 ----a-w- c:\windows\system32\vbscript.d​ll
 2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll
 2010-02-25 06:24 . 2005-08-31 08:56 916480 ----a-w- c:\windows\system32\wininet.dl​l
 2010-02-24 13:11 . 2005-08-31 08:56 455680 ----a-w- c:\windows\system32\drivers\mr​xsmb.sys
 2010-02-17 07:10 . 2005-08-31 08:56 2189952 ----a-w- c:\windows\system32\ntoskrnl.e​xe
 2010-02-16 13:25 . 2004-08-03 22:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.e​xe
 2010-02-12 10:03 . 2010-04-07 13:22 293376 ------w- c:\windows\system32\browsercho​ice.exe
 2010-02-12 04:33 . 2005-08-31 08:56 100864 ----a-w- c:\windows\system32\6to4svc.dl​l
 2010-02-11 12:02 . 2005-08-31 08:56 226880 ----a-w- c:\windows\system32\drivers\tc​pip6.sys
 .

 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "BgMonitor_{79662E04-7C6C-4d9f​-84C7-88D8A56B10AA}"="c:\progr​am files\Common Files\Ahead\lib\NMBgMonitor.ex​e" [2005-09-25 94208]
 "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-19 247144]
 "DownloadAccelerator"="c:\prog​ram files\DAP\DAP.EXE" [2009-04-05 2811392]
 "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohweb​player.exe" [2010-02-22 2633976]
 "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\​Messenger\YahooMessenger.exe" [2009-11-10 5244216]
 "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 184320]
 "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
 "VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2006-07-31 151552]
 "SsAAD.exe"="c:\progra~1\Sony\​SONICS~1\SsAAD.exe" [2005-06-03 81920]
 "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched​.exe" [2006-05-20 180269]
 "NeroFilterCheck"="c:\windows\​system32\NeroCheck.exe" [2005-09-25 155648]
 "HKSERV.EXE"="c:\program files\Sony\HotKey Utility\HKserv.exe" [2002-07-31 475136]
 "QuickTime Task"="d:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-06-29 286720]
 "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
 "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]

 [HKEY_USERS\.DEFAULT\Software\M​icrosoft\Windows\CurrentVersio​n\Run]
 "CTFMON.EXE"="c:\windows\syste​m32\CTFMON.EXE" [2008-04-14 15360]

 c:\documents and settings\Default User\Start Menu\Programs\Startup\
 E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2005-9-1 491520]
 VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-11-4 778240]

 c:\documents and settings\Administrator\Start Menu\Programs\Startup\
 E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2005-9-1 491520]

 c:\documents and settings\ABDULSALAM.M.Z\Start Menu\Programs\Startup\
 ViiKiiDesktopPlugin.lnk - c:\program files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe [2010-4-11 95232]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
 2005-05-21 00:42 73728 ----a-w- c:\windows\system32\VESWinlogo​n.dll

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BTTray.l​nk
 backup=c:\windows\pss\BTTray.l​nkCommon Startup

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^Prayer Times.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Prayer Times.lnk
 backup=c:\windows\pss\Prayer Times.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Alcmtr]
 2005-05-03 09:43 69632 ----a-w- c:\windows\ALCMTR.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Apoint]
 2004-11-17 11:47 118784 ----a-w- c:\program files\Apoint\Apoint.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AzMixerSel]
 2005-06-11 10:51 53248 ----a-w- c:\program files\Realtek\InstallShield\Az​MixerSel.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ctfmon.exe]
 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DownloadAccelerator]
 2009-04-05 18:20 2811392 ----a-w- c:\program files\DAP\DAP.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
 2006-11-13 12:07 1289000 ----a-w- c:\progra~1\MICROS~2\wcescomm.​exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxhkcmd]
 2005-08-05 01:56 77824 ----a-w- c:\windows\system32\hkcmd.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxpers]
 2005-08-05 01:56 114688 ----a-w- c:\windows\system32\igfxpers.e​xe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxtray]
 2005-08-05 01:57 94208 ----a-w- c:\windows\system32\igfxtray.e​xe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
 2004-08-04 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig​.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Mous​e Suite 98 Daemon]
 2002-03-14 23:46 45056 ----a-w- c:\windows\system32\ico.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSPY2002]
 2004-08-04 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLG​NT\IMSCINST.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002A]
 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLG​NT\TINTSETP.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002ASync]
 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLG​NT\TINTSETP.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 2005-08-09 06:17 14743552 ----a-w- c:\windows\RTHDCPL.EXE

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:0000​0001

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\AuthorizedApplicati​ons\List]
 "c:\\WINDOWS\\system32\\grdmgr​.exe"=
 "d:\\Program Files\\veoh\\VeohClient.exe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "%windir%\\system32\\sessmgr.e​xe"=
 "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync RAPI Manager
 "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.25​4.2.0/255.255.255.0:Enabled:Ac​tiveSync Connection Manager
 "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync Application
 "c:\\Program Files\\GigaTribe\\gigatribe.ex​e"=
 "c:\\Program Files\\DAP\\DAP.exe"=
 "c:\\Program Files\\Yahoo!\\Messenger\\Yaho​oMessenger.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 "c:\\Program Files\\Messenger\\msmsgs.exe"=
 "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohw​ebplayer.exe"=

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\stand​ardprofile\GloballyOpenPorts\L​ist]
 "26675:TCP"= 26675:TCP:169.254.2.0/255.255.​255.0:Enabled:ActiveSync Service

 R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [02/05/2010 18:36 108289]
 R2 TomTomHOMEService;TomTomHOMESe​rvice;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19/08/2009 17:37 92008]
 S3 AIR555;Sierra Wireless AirCard 555 NIC + Modem (NIC Interface);c:\windows\system32​\drivers\air555.sys [17/06/2006 12:44 125608]
 S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\DR​IVERS\fbxusb.sys --> c:\windows\system32\DRIVERS\fb​xusb.sys [?]
 S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\windows\system32\driv​ers\ewusbmdm.sys [16/06/2006 18:08 65152]
 S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\windows\system32\​drivers\ewusbser.sys [16/06/2006 18:08 65152]
 .
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://www.google.fr/
 IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
 IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
 IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\​EXCEL.EXE/3000
 IE: Envoyer à &Bluetooth - d:\program files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classe​s/xmldso.cab
 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} - hxxp://www.bitdefender.fr/scan​_fr/scan8/oscan8.cab
 FF - ProfilePath - c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\
 FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?l​r=&ie=UTF-8&oe=UTF-8&q=
 FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q​=
 FF - component: c:\documents and settings\ABDULSALAM.M.Z\Applic​ation Data\Mozilla\Firefox\Profiles\​6nj00rm5.default\extensions\{3​112ca9c-de6d-4884-a869-9855de6​8056c}\components\frozen.dll
 FF - component: c:\program files\DAP\DAPFireFox\component​s\DAPFireFox.dll
 FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
 FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJ​PI150_03.dll
 FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPl​ayerVideoPluginATL.dll
 FF - plugin: d:\program files\DivX\DivX Player\npDivxPlayerPlugin.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin2.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin3.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin4.dll
 FF - plugin: d:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplu​gin5.dll
 FF - plugin: d:\program files\veoh\Plugins\noreg\NPVeo​hVersion.dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 FF - user.js: general.useragent.extra.zencas​t - Creative ZENcast v1.02.10);user_pref(yahoo.ytff​.general.dontshowhpoffer, true
 FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q​=
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_wind​ows", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_ima​ge_resizing", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewith​caret_shortcut.enabled", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.h​igh_water_mark", 32);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.g​c_frequency",   1600);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-gener​ic-ntlm", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabl​ed", -1);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWei​ght",       2);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketS​ize",       1);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTime​Groupings", 25);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGro​upingSize", 604800);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundar​yWeight",   25);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixW​eight",     5);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.allow_unres​tricted_renego_everywhere__tem​porarily_available_pref", true);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.renego_unre​stricted_hosts", "" );
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.treat_unsaf​e_negotiation_as_broken", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.require_saf​e_negotiation",  false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("app.update.download.back​groundInterval", 600);
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("app.update.url.manual", "http://www.firefox.com" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox-​branding.js - pref("browser.search.param.yah​oo-fr-ja", "mozff" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.name​", "chrome://browser/locale/brows​er.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.desc​ription", "chrome://browser/locale/brows​er.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("xpinstall.whitelist.add"​, "addons.mozilla.org" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("xpinstall.whitelist.add.​36", "getpersonas.com" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("lightweightThemes.update​.enabled", true);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.allTabs.previews​", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("plugins.hide_infobar_for​_outdated_plugin", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("plugins.update.notifyUse​r", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("toolbar.customization.us​esheet", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.enable", false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.max", 20);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("browser.taskbar.previews​.cachetime", 20);
 .

 ******************************​******************************​**************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2010-05-09 01:03
 Windows 5.1.2600 Service Pack 3 NTFS

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 ******************************​******************************​**************
 .
 --------------------- CLES DE REGISTRE BLOQUEES ---------------------

 [HKEY_LOCAL_MACHINE\software\Mi​crosoft\Windows\CurrentVersion​\Installer\UserData\LocalSyste​m\Components\€–€|ÿÿÿ​ÿÀ•€|ù•A~*]
 "C040110900063D11C8EF100540383​89C"="C?\\WINDOWS\\system32\\F​M20ENU.DLL"
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------

 - - - - - - - > 'winlogon.exe'(756)
 c:\windows\system32\VESWinlogo​n.dll

 - - - - - - - > 'explorer.exe'(2236)
 c:\windows\system32\WININET.dl​l
 c:\progra~1\WINDOW~2\wmpband.d​ll
 c:\windows\system32\ieframe.dl​l
 c:\windows\system32\webcheck.d​ll
 c:\windows\system32\WPDShServi​ceObj.dll
 c:\windows\system32\PortableDe​viceTypes.dll
 c:\windows\system32\PortableDe​viceApi.dll
 .
 Heure de fin: 2010-05-09  01:07:10
 ComboFix-quarantined-files.txt  2010-05-08 23:07
 ComboFix2.txt  2010-05-06 22:24

 Avant-CF: 4 302 606 336 bytes free
 Après-CF: 4 303 048 704 bytes free

 - - End Of File - - 37B1AF84809E123103C3E100A77450​E7

 Ca fait plaisir d'avoir un pc en bonne sante :super: merci
 On attend vos ordres capitaine!

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 09/05/2010 à 14:48:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 Télécharge RSIT (de random/random) sur le bureau :

 - Sur le bureau, double clique sur RSIT.exe ;
 - Clique sur Continue (Disclaimer) dans la fenêtre ;

 Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.

 Lorsque l’ analyse sera achevée, 2 fichiers texte s’ ouvriront (avec le bloc-notes).

 Poste le contenu de log.txt (celui qui apparaît à l’ écran) ainsi que info.txt (que tu verras dans la Barre des tâches).

 Tutoriel ->  ici

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 09/05/2010 à 19:35:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Coucou,

 le scan log:

 Logfile of random's system information tool 1.07 (written by random/random)
 Run by ABDULSALAM.M.Z at 2010-05-09 20:30:48
 Microsoft Windows XP Professional Service Pack 3
 System drive C: has 4 GB (20%) free of 19 GB
 Total RAM: 1014 MB (21% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 20:31:25, on 09/05/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
 C:\PROGRA~1\Sony\SONICS~1\SsAA​D.exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\Sony\HotKey Utility\HKserv.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e
 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
 C:\Program Files\DAP\DAP.EXE
 C:\Program Files\SFR\Kit\9props.exe
 C:\PROGRA~1\MICROS~2\rapimgr.e​xe
 C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 C:\WINDOWS\system32\CTsvcCDA.e​xe
 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\RSIT.exe
 C:\Program Files\trend micro\ABDULSALAM.M.Z.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7A​C245081} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\YTSingleInstance.dll
 O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF​26AB263} - D:\Program Files\veoh\Plugins\reg\VeohToo​lbar.dll
 O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B1​0099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIET​oolbar.dll
 O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D​9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
 O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
 O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAA​D.exe
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
 O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
 O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.ex​e"
 O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
 O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
 O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
 O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe"
 O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\​YahooMessenger.exe" -quiet
 O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - S-1-5-18 Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'SYSTEM')
 O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
 O4 - .DEFAULT Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - .DEFAULT User Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')
 O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
 O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe
 O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
 O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
 O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Envoyer à &Bluetooth - D:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npj​pi150_03.dll
 O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.​dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.d​ll
 O14 - IERESET.INF: START_PAGE_URL=http://home.fre​e.fr/
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
 O16 - DPF: {6A344D34-5231-452A-8A57-D064A​C9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
 O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
 O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
 O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
 O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
 O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.​exe
 O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe
 O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedS​erver-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedS​erver-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedS​erver-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gate​way) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
 O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe

 --
 End of file - 12897 bytes

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
 &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2008-07-28 882416]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
 SingleInstance Class - C:\Program Files\Yahoo!\Companion\Install​s\cpn\YTSingleInstance.dll [2008-07-28 160496]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {D0943516-5076-4020-A3B5-AEFAF​26AB263} - Veoh Browser Plug-in - D:\Program Files\veoh\Plugins\reg\VeohToo​lbar.dll [2008-04-01 352256]
 {0FBB9689-D3D7-4f7a-A2E2-585B1​0099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIET​oolbar.dll [2009-04-03 429816]
 {52836EB0-631A-47B1-94A6-61F9D​9112DAE} - Veoh Video Compass - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll [2009-05-20 456440]
 {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2008-07-28 882416]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2005-05-15 184320]
 "ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
 "VAIO Update 2"=C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [2006-07-31 151552]
 "SsAAD.exe"=C:\PROGRA~1\Sony\S​ONICS~1\SsAAD.exe [2005-06-03 81920]
 "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched​.exe [2006-05-20 180269]
 "NeroFilterCheck"=C:\WINDOWS\s​ystem32\NeroCheck.exe [2005-09-25 155648]
 "HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2002-07-31 475136]
 "QuickTime Task"=D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2007-06-29 286720]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
 "DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-04-13 1135912]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "BgMonitor_{79662E04-7C6C-4d9f​-84C7-88D8A56B10AA}"=C:\Progra​m Files\Common Files\Ahead\lib\NMBgMonitor.ex​e [2005-09-25 94208]
 "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
 "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-19 247144]
 "DownloadAccelerator"=C:\Progr​am Files\DAP\DAP.EXE [2009-04-05 2811392]
 "VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe [2010-02-23 2633976]
 "Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\M​essenger\YahooMessenger.exe [2009-11-10 5244216]
 "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-10-15 959808]
 "ctfmon.exe"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Alcmtr]
 C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Apoint]
 C:\Program Files\Apoint\Apoint.exe [2004-11-17 118784]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AzMixerSel]
 C:\Program Files\Realtek\InstallShield\Az​MixerSel.exe [2005-06-11 53248]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ctfmon.exe]
 C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DownloadAccelerator]
 C:\Program Files\DAP\DAP.EXE [2009-04-05 2811392]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
 C:\PROGRA~1\MICROS~2\wcescomm.​exe [2006-11-13 1289000]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxhkcmd]
 C:\WINDOWS\system32\hkcmd.exe [2005-08-05 77824]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxpers]
 C:\WINDOWS\system32\igfxpers.e​xe [2005-08-05 114688]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igfxtray]
 C:\WINDOWS\system32\igfxtray.e​xe [2005-08-05 94208]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
 C:\WINDOWS\IME\imjp8_1\IMJPMIG​.EXE [2004-08-04 208952]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Mous​e Suite 98 Daemon]
 C:\WINDOWS\system32\ICO.EXE [2002-03-15 45056]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MSPY2002]
 C:\WINDOWS\system32\IME\PINTLG​NT\ImScInst.exe [2004-08-04 59392]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002A]
 C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE [2004-08-04 455168]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PHIME2002ASync]
 C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE [2004-08-04 455168]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 C:\WINDOWS\RTHDCPL.EXE [2005-08-09 14743552]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupfolder\C​:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
 D:\PROGRA~1\WIDCOMM\LOGICI~1\B​TTray.exe [2005-01-01 569405]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupfolder\C​:^Documents and Settings^All Users^Start Menu^Programs^Startup^Prayer Times.lnk]
 C:\HAD\PTW.EXE  []

 C:\Documents and Settings\ABDULSALAM.M.Z\Start Menu\Programs\Startup
 ViiKiiDesktopPlugin.lnk - C:\Program Files\ViiKiiDesktopPlugin\ViiK​iiDesktopPlugin.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2005-08-05 135168]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
 C:\WINDOWS\system32\VESWinlogo​n.dll [2005-05-21 73728]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
 C:\WINDOWS\system32\WgaLogon.d​ll [2008-09-06 241704]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de​9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=323
 "NoDriveAutoRun"=67108863
 "NoDrives"=0

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "NoDriveAutoRun"=
 "NoDriveTypeAutoRun"=
 "HonorAutoRunSetting"=
 "NoDrives"=

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "C:\WINDOWS\system32\grdmgr.ex​e"="C:\WINDOWS\system32\grdmgr​.exe:*:Enabled:CDN ???? ??"
 "D:\Program Files\veoh\VeohClient.exe"="D:​\Program Files\veoh\VeohClient.exe:*:En​abled:Veoh Client"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Pr​ogram Files\Microsoft ActiveSync\rapimgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync RAPI Manager"
 "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\P​rogram Files\Microsoft ActiveSync\wcescomm.exe:169.25​4.2.0/255.255.255.0:Enabled:Ac​tiveSync Connection Manager"
 "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Pr​ogram Files\Microsoft ActiveSync\WCESMgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync Application"
 "C:\Program Files\GigaTribe\gigatribe.exe"​="C:\Program Files\GigaTribe\gigatribe.exe:​*:Enabled:gigatribe"
 "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Do​wnload Accelerator Plus (DAP)"
 "C:\Program Files\Yahoo!\Messenger\YahooMe​ssenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMe​ssenger.exe:*:Enabled:Yahoo! Messenger"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Messenger\msmsgs.exe"="C​:\Program Files\Messenger\msmsgs.exe:*:E​nabled:Windows Messenger"
 "C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohweb​player.exe:*:Enabled:Veoh Web Player "

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Pr​ogram Files\Microsoft ActiveSync\rapimgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync RAPI Manager"
 "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\P​rogram Files\Microsoft ActiveSync\wcescomm.exe:169.25​4.2.0/255.255.255.0:Enabled:Ac​tiveSync Connection Manager"
 "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Pr​ogram Files\Microsoft ActiveSync\WCESMgr.exe:169.254​.2.0/255.255.255.0:Enabled:Act​iveSync Application"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"

 ======List of files/folders created in the last 1 months======

 2010-05-09 20:30:48 ----D---- C:\rsit
 2010-05-09 01:07:11 ----A---- C:\ComboFix.txt
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\zip.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\SWXCACLS.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\SWSC.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\SWREG.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\sed.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\PEV.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\NIRCMD.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\MBR.exe
 2010-05-09 00:55:30 ----A---- C:\WINDOWS\grep.exe
 2010-05-09 00:55:02 ----D---- C:\Qoobox
 2010-05-08 23:57:14 ----D---- C:\Shimbya16650S
 2010-05-06 23:59:22 ----A---- C:\Boot.bak
 2010-05-06 23:59:14 ----RASHD---- C:\cmdcons
 2010-05-06 23:56:42 ----D---- C:\Shimbya
 2010-05-06 23:31:27 ----A---- C:\WINDOWS\SchedLgU.Txt
 2010-05-06 23:05:21 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
 2010-05-06 23:04:51 ----D---- C:\Program Files\CCleaner
 2010-05-06 21:54:53 ----D---- C:\Documents and Settings\ABDULSALAM.M.Z\Applic​ation Data\Malwarebytes
 2010-05-06 21:54:29 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 2010-05-06 21:54:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-05-02 18:36:20 ----D---- C:\Program Files\Avira
 2010-05-02 18:36:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
 2010-05-02 15:42:18 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
 2010-04-26 20:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
 2010-04-15 00:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB97968​3$
 2010-04-15 00:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB98023​2$
 2010-04-15 00:07:39 ----HDC---- C:\WINDOWS\$NtUninstallKB97833​8$
 2010-04-15 00:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB97781​6$
 2010-04-15 00:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB97860​1$
 2010-04-15 00:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB97930​9$
 2010-04-11 17:57:09 ----D---- C:\Documents and Settings\ABDULSALAM.M.Z\Applic​ation Data\ViiKiiDesktopPlugin.5E22E​A0FF243470AB5EDDF282C0A5B52E99​09C36.1
 2010-04-11 17:57:05 ----D---- C:\Program Files\ViiKiiDesktopPlugin
 2010-04-11 17:57:00 ----D---- C:\Program Files\Common Files\Adobe AIR

 ======List of files/folders modified in the last 1 months======

 2010-05-09 20:31:24 ----D---- C:\Program Files\Trend Micro
 2010-05-09 20:30:53 ----D---- C:\WINDOWS\Prefetch
 2010-05-09 12:57:00 ----D---- C:\WINDOWS\TEMP
 2010-05-09 12:56:56 ----D---- C:\WINDOWS\system32\CatRoot2
 2010-05-09 12:56:25 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
 2010-05-09 01:04:02 ----D---- C:\WINDOWS
 2010-05-09 01:04:02 ----A---- C:\WINDOWS\system.ini
 2010-05-09 01:01:58 ----D---- C:\WINDOWS\system32\drivers
 2010-05-09 01:01:58 ----D---- C:\WINDOWS\system32
 2010-05-09 01:01:58 ----D---- C:\WINDOWS\AppPatch
 2010-05-09 01:01:55 ----D---- C:\Program Files\Common Files
 2010-05-09 00:55:29 ----SHD---- C:\System Volume Information
 2010-05-09 00:55:29 ----D---- C:\WINDOWS\system32\Restore
 2010-05-09 00:55:17 ----D---- C:\WINDOWS\erdnt
 2010-05-08 11:18:02 ----D---- C:\Program Files\DivX
 2010-05-07 18:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB97556​1$
 2010-05-07 00:22:48 ----SD---- C:\WINDOWS\Tasks
 2010-05-07 00:13:37 ----D---- C:\WINDOWS\system32\config
 2010-05-07 00:12:37 ----RD---- C:\Program Files
 2010-05-06 23:59:22 ----RASH---- C:\boot.ini
 2010-05-06 23:44:38 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
 2010-05-06 23:29:12 ----D---- C:\WINDOWS\Minidump
 2010-05-06 23:29:12 ----D---- C:\WINDOWS\Debug
 2010-05-06 23:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB89305​6$
 2010-05-06 23:12:30 ----D---- C:\Program Files\Common Files\Symantec Shared
 2010-05-06 23:11:59 ----SHD---- C:\WINDOWS\Installer
 2010-05-06 23:05:29 ----D---- C:\Program Files\Yahoo!
 2010-05-06 22:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB94664​8_0$
 2010-05-06 21:42:00 ----AC---- C:\WINDOWS\WININIT.INI
 2010-05-03 17:32:08 ----D---- C:\Program Files\Spybot - Search & Destroy
 2010-05-02 18:37:24 ----HD---- C:\WINDOWS\inf
 2010-05-02 15:43:05 ----D---- C:\WINDOWS\WinSxS
 2010-05-02 15:42:18 ----D---- C:\Program Files\Alwil Software
 2010-05-02 15:31:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2010-04-26 21:10:38 ----D---- C:\Program Files\Common Files\DivX Shared
 2010-04-24 20:14:44 ----A---- C:\Documents and Settings\ABDULSALAM.M.Z\Applic​ation Data\QuickZip45.ini
 2010-04-15 00:10:21 ----HD---- C:\WINDOWS\$hf_mig$
 2010-04-15 00:06:49 ----D---- C:\WINDOWS\ie8updates
 2010-04-11 17:57:09 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2010-04-11 17:56:23 ----D---- C:\Documents and Settings\ABDULSALAM.M.Z\Applic​ation Data\Adobe
 2010-04-11 13:20:54 ----D---- C:\Program Files\Mozilla Firefox

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2009-03-30 96104]
 R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DM​ICall.sys [2000-12-06 3952]
 R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-13 36352]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2010-05-03 28520]
 R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\St​arOpen.sys [2006-07-24 5632]
 R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\Ae​gisP.sys [2005-09-01 17801]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2010-05-03 56816]
 R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\driver​s\btserial.sys []
 R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\driver​s\btslbcsp.sys []
 R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\md​mxsdk.sys [2004-03-17 13059]
 R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nw​lnkipx.sys [2008-04-13 88320]
 R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nw​lnknb.sys [2004-08-04 63232]
 R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nw​lnkspx.sys [2004-08-04 55936]
 R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s2​4trans.sys [2005-05-03 11354]
 R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Ap​filtr.sys [2004-11-22 108767]
 R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\ar​p1394.sys [2008-04-13 60800]
 R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\bt​krnl.sys [2004-11-29 1337850]
 R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\Cm​Batt.sys [2008-04-13 13952]
 R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-13 144384]
 R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HS​F_DPV.sys [2005-05-23 1034752]
 R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HS​FHWAZL.sys [2005-05-23 178048]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ia​lmnt5.sys [2005-08-05 1049180]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2005-08-09 3855360]
 R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\ni​c1394.sys [2008-04-13 61824]
 R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nw​rdr.sys [2008-04-13 163584]
 R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​lnicxp.sys [2005-03-04 74496]
 R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\So​nyNC.sys [2000-11-09 48896]
 R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\ti​fmsony.sys [2005-08-11 77312]
 R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\us​behci.sys [2008-04-13 30208]
 R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\us​bhub.sys [2008-04-13 59520]
 R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w2​9n51.sys [2005-05-01 3281408]
 R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HS​F_CNXT.sys [2005-05-23 716288]
 S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\In​CDPass.sys []
 S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\In​CDRm.sys []
 S3 AIR555;Sierra Wireless AirCard 555 NIC + Modem (NIC Interface); C:\WINDOWS\system32\DRIVERS\ai​r555.sys [2003-01-07 125608]
 S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\bt​audio.sys [2004-11-29 399616]
 S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\bt​port.sys [2004-11-29 30299]
 S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\bt​wusb.sys [2004-11-29 55320]
 S3 catchme;catchme; \??\C:\DOCUME~1\ABDULS~1.Z\LOC​ALS~1\Temp\catchme.sys []
 S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 fbxusb;FreeBox USB Network Adapter; C:\WINDOWS\system32\DRIVERS\fb​xusb.sys []
 S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem; C:\WINDOWS\system32\DRIVERS\ew​usbmdm.sys [2005-07-26 65152]
 S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface; C:\WINDOWS\system32\DRIVERS\ew​usbser.sys [2005-07-26 65152]
 S3 LEX_AS_NIC_SERVICE_YNOS;LAN-Ex​press AS IEEE 802.11g Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\Ex​pasAG.sys [2005-02-11 456448]
 S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf​.sys [2008-04-13 63744]
 S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2001-08-17 12160]
 S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 NOWMEMDF;NOWMEMDF; \??\C:\WINDOWS\system32\NOWMEM​DF.sys []
 S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\Pa​lmUSBD.sys [2001-05-31 12270]
 S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv​2kux.sys [2001-08-17 3328]
 S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se​59bus.sys [2006-09-05 61536]
 S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se​59mdfl.sys [2006-09-05 9360]
 S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se​59mdm.sys [2006-09-05 97088]
 S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se​59mgmt.sys [2006-09-05 88624]
 S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se​59obex.sys [2006-09-05 86432]
 S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se​59unic.sys [2006-09-05 90800]
 S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 SoC PC-Camera Service;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\pf​c027.sys [2003-10-17 123052]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\us​b8023x.sys [2008-04-13 12800]
 S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\us​bohci.sys [2008-04-13 17152]
 S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\us​bscan.sys [2008-04-13 15104]
 S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 S3 usbvm321;Sony Visual Communication Camera VGP-VCC1; C:\WINDOWS\System32\Drivers\us​bvm321.sys [2005-08-12 231936]
 S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wc​eusbsh.sys [2005-06-14 104576]
 S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wp​dusb.sys [2006-10-18 38528]
 S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\In​CDFs.sys []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-05-03 108289]
 R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-05-03 185089]
 R2 btwdins;Bluetooth Service; D:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2004-11-29 254007]
 R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.e​xe [1999-12-12 44032]
 R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
 R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 TomTomHOMEService;TomTomHOMESe​rvice; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-19 92008]
 R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2005-05-21 153600]
 R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2005-06-15 131072]
 R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2005-06-15 118784]
 R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\Ya​hooAUService.exe [2008-11-09 602392]
 R3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2005-06-03 69632]
 R3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2005-02-09 143360]
 R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2005-06-15 270336]
 S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe [2005-04-03 69632]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-06-07 53337]
 S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
 S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-06-07 53337]
 S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]
 S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-06-07 69718]
 S3 VAIO Entertainment Task Scheduler;VAIO Entertainment Task Scheduler; C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.​exe [2005-02-10 397312]
 S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe [2005-06-15 73728]
 S3 VAIOMediaPlatform-IntegratedSe​rver-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2005-06-07 1851392]
 S3 VAIOMediaPlatform-IntegratedSe​rver-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2005-06-07 57344]
 S3 VAIOMediaPlatform-IntegratedSe​rver-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe [2005-06-07 770048]
 S3 VAIOMediaPlatform-Mobile-Gatew​ay;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2005-06-07 188416]
 S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
 S3 xyidreccjyvs;xyidreccjyvs; C:\WINDOWS\system32\drivers\xy​idreccjyvs.sys []
 S4 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEn​g.exe [2005-06-03 86016]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
 S4 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSr​vc.exe [2005-06-03 139264]
 S4 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24Ev​Mon.exe [2005-06-03 372809]

 -----------------EOF----------​-------

shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 09/05/2010 à 19:43:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
et le scan Info

 info.txt logfile of random's system information tool 1.06 2010-05-09 20:31:34

 ======Uninstall list======

 -->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOUR​CE_U\Setup.exe" /remove /l0x040c
 -->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTE​NT_U\Setup.exe" /remove /l0x040c
 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CD​BURNER_U\Setup.exe" /remove /l0x040c
 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MT​P_U\Setup.exe" /remove /l0x040c
 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ON​LINESTORE_U\Setup.exe" /remove /l0x040c
 -->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER​_SKINPACK_U\Setup.exe" /remove /l0x040c
 -->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninsta​ll.exe /CONVERTER
 -->C:\PROGRA~1\Yahoo!\Common\U​NYT_W~1.EXE
 -->C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
 -->C:\WINDOWS\system32\\MSIEXE​C.EXE /x {075473F5-846A-448B-BCB3-104AA​1760205}
 -->C:\WINDOWS\system32\\MSIEXE​C.EXE /x {AB708C9B-97C8-4AC9-899B-DBF22​6AC9382}
 -->C:\WINDOWS\system32\\MSIEXE​C.EXE /x {B12665F4-4E93-4AB4-B7FC-37053​B524629}
 -->Dummy
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{FD836E74-7923-417​4-A055-F97CD0F3BB46}\Setup.exe​" -l0x9
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-422​1-B1D0-1C3B8A06BE60}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-422​1-B1D0-1C3B8A06BE60}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417​D-87BC-0186D6CB7A44}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43F​C-848A-9FE4A53B29CE}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-487​8-82A2-96054622A1F7}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-487​8-82A2-96054622A1F7}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47F​E-BE4B-E637C2FCB410}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47F​E-BE4B-E637C2FCB410}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-428​0-9B56-452FF877D5B9}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-428​0-9B56-452FF877D5B9}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D7​2-B3FE-71AAA693A8E2}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D7​2-B3FE-71AAA693A8E2}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D0​2-A763-D32204D2563D}\setup.exe​" -l0x40c
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D0​2-A763-D32204D2563D}\setup.exe​" -l0x40c  /remove
 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417​A-90F8-88FD5B2C4AE7}\setup.exe​" -l0x40c
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 7-Zip 4.32-->"C:\Program Files\7-Zip\Uninstall.exe"
 Adobe Acrobat 7.0.2 and Reader 7.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000​000000703}
 Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Ado​be AIR Updater.exe -arp:uninstall
 Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FD​C93386723}
 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\M​acromed\Flash\uninstall_plugin​.exe
 Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70​000000000}
 Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18​E473546C7}
 AudibleManager-->D:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
 AvantGo Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A90DCEC1-22DE-11D​4-B8A9-0050DAB648C6}\setup.exe​" -l0x9 CP
 Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
 CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
 Ciel eSauvegarde V2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{CBF7A3DA-880B-474​7-AB57-D74A4EBAC69E}\install.e​xe" UNINSTALL
 Click to DVD 2.0.03 Menu Data-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F3​9-9490-9ED45294073D}\setup.exe​" -l0x9  -removeonly
 Click to DVD 2.4.10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-426​9-8984-D1EB742F2151}\setup.exe​" -l0x9  -removeonly
 Configuration DivX-->C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
 Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B​3-AFAA-55D3533FDEDD}\SETUP.EXE​" -l0x40c  /remove
 Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43F​C-848A-9FE4A53B29CE}\setup.exe​" -l0x40c  /remove
 Creative ZEN V Series (R2)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9862E0CB-4727-4FF​C-963A-E22A9E9EC10C}\SETUP.EXE​" -l0x40c  /remove
 Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUn​installKB959772_WM11$\spuninst​\spuninst.exe"
 Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-174​3E51E01E9}
 DivX Codec-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe /CODEC
 DivX Converter-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninsta​ll.exe /CONVERTER
 DivX Player-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Player\DivXPlayerUninstall.exe /PLAYER
 DivX Plus DirectShow Filters-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall​.exe /DSFILTERS
 Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREM​OVE.EXE
 DVgate Plus-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{685BCC47-B8EC-45E​C-BBCE-77DF2451502C}\setup.exe​" -l0x9
 ESET Online Scanner-->C:\WINDOWS\system32\​OnlineScannerUninstaller.exe
 GAPI for HPCs-->C:\Program Files\Microsoft ActiveSync\GAPI for HPCs\Uninstall.exe GAPI for HPCs
 Gestionnaire de disques amovible Creative-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417​D-87BC-0186D6CB7A44}\setup.exe​" -l0x40c  /remove
 GigaTribe 2.46-->"C:\Program Files\GigaTribe\unins000.exe"
 HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAU​DIO_VEN_14F1&DEV_2BFA&SUBSYS_1​04D0600\HXFSETUP.EXE -U -ISnyHDAk.inf
 High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUnins​tallKB835221WXP$\spuninst\spun​inst.exe
 HijackThis 2.0.2-->"C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\HijackThis.exe" /uninstall
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A​786E658} /qb+ REBOOTPROMPT=""
 Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7up​dates\KB947864-IE7\spuninst\sp​uninst.exe"
 Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUn​installKB929399$\spuninst\spun​inst.exe"
 Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUn​installKB939683$\spuninst\spun​inst.exe"
 Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUn​installKB952287$\spuninst\spun​inst.exe"
 Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUn​installKB961118$\spuninst\spun​inst.exe"
 Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$N​tUninstallKB970653-v3$\spunins​t\spuninst.exe"
 Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$N​tUninstallKB976098-v2$\spunins​t\spuninst.exe"
 Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUn​installKB979306$\spuninst\spun​inst.exe"
 HotKey Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B36C3DFD-BAB0-451​3-BD27-FA4906A738FD}\Setup.exe​"
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C​063A63F31}
 Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dl​l,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
 Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installe​r\iProInst.exe
 InterVideo WinDVD for VAIO-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EB​A-A5AA-B198BBC81144}\setup.exe​" REMOVEALL
 InterVideo WinDVDX-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-455​6-9878-5C61059A19B2}\setup.exe​" REMOVEALL
 J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B​0D0150030}
 K-Lite Mega Codec Pack 1.49-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
 LAN-Express AS IEEE 802.11 Wireless LAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{FCCB0B43-7A6D-49A​4-A5B3-B10F592F4EB6}\Setup.exe​" -l0x9
 Macromedia Flash Player-->MsiExec.exe /X{27579b3c-5470-4496-be6c-0c8​72674f19f}
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 Manuel de l'appareil Windows Mobile®-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
 mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A​19FE2E55A}
 mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A​198157A2A}
 Memory Stick Formatter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D​4-99DC-0000F49094C7}\Setup.exe​" -l0x9 /UNINSTALL
 Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Micro​soft.NET\Framework\v1.1.4322\U​pdates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Fram​ework\v1.1.4322\Updates\M95329​7\M953297Uninstall.msp"
 Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52E​AE172A1}
 Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F5​2EAE172A1}
 Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1​D67F2073F}
 Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8D​CCDE8F8C7}
 Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
 Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4​DCF5C5BD9}
 Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-541​7BBAD48EE}
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallM​SCompPackV1$\spuninst\spuninst​.exe"
 Microsoft GB18030 Support Package-->MsiExec.exe /I{DEBACE7E-5DD1-42DB-AFE7-2B6​0E7CC80A8}
 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallIDNMitigationAPIs$​\spuninst\spuninst.exe"
 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallNLSDownlevelMappin​g$\spuninst\spuninst.exe"
 Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-015​0048383C9}
 Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-015​0048383C9}
 Microsoft Reader for Pocket PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{AEFD48FE-2A76-11D​3-928B-00C04FB90523}\Setup.exe​" UninstReg
 Microsoft Text To Speech Engine-->MsiExec.exe /X{647B6F8B-645C-4992-99D8-492​02C689C05}
 Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstall​Wudf01005$\spuninst\spuninst.e​xe"
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0​f04e2912c}
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725​134ADF989}
 mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158​884CD87C5}
 Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
 mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD8​3026C36F5}
 mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B8​3ECBE3D83}
 MSN-->C:\Program Files\MSN\MsnInstaller\msninst​.exe /Action:ARP
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAF​C6BCFF99F}
 MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5​DCDC52A71}
 MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C1​1F044BDEC}
 mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D8​7D6914CC4}
 mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E​66EBEF401}
 Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF​444441031}
 OpenMG Secure Module 4.2.00-->C:\PROGRA~1\COMMON~1\​INSTAL~1\Driver\9\INTEL3~1\IDr​iver.exe /M{849ABF1A-6AE3-45E1-B260-D54​47B2F29F5} UNINSTALL
 Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A0​93F35A238}
 Palm Desktop-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{BA0F44C2-A883-11D​1-AD0A-006097D15E2C}\setup.exe​" Uninstall
 PC Connectivity Solution-->MsiExec.exe /I{C9BBA7C4-39F2-45B9-876F-26A​6783833E7}
 Photohands 1.0F-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{544FB392-069D-4BA​5-9DC7-FFD47230AEE5}\Setup.exe​"
 PictureGear Studio 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{88DA0A52-3372-480​3-971A-ADFB961707E8}\setup.exe​"
 Quick Zip 4.60.013-->"C:\Program Files\QuickZip4\unins000.exe"
 QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F​7AB3EE7FC}
 RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst​.exe RealNetworks|RealPlayer|6.0
 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\00\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4ED​E-8A7C-958108FE7DBC}\Setup.exe​" -l0x9  -removeonly
 Roxio DigitalMedia Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF​226AC9382}
 Roxio DigitalMedia Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-370​53B524629}
 Roxio DigitalMedia Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104​AA1760205}
 Samsung S5230 Wallpaper Creator-->MsiExec.exe /I{88BFE745-3D1F-4B80-8C40-E62​6E5A8E613}
 Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUn​installKB898458$\spuninst\spun​inst.exe"
 Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUn​installKB923723$\spuninst\spun​inst.exe"
 Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7up​dates\KB938127-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7up​dates\KB942615-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7up​dates\KB944533-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7up​dates\KB950759-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7up​dates\KB953838-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7up​dates\KB956390-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7up​dates\KB958215-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7up​dates\KB960714-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7up​dates\KB961260-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7up​dates\KB963027-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7up​dates\KB969897-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8up​dates\KB969897-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8up​dates\KB971961-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8up​dates\KB972260-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8up​dates\KB974455-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8up​dates\KB976325-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8up​dates\KB981332-IE8\spuninst\sp​uninst.exe"
 Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUn​installKB952069_WM9$\spuninst\​spuninst.exe"
 Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUn​installKB954155_WM9$\spuninst\​spuninst.exe"
 Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUn​installKB968816_WM9$\spuninst\​spuninst.exe"
 Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUn​installKB973540_WM9$\spuninst\​spuninst.exe"
 Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUn​installKB911565$\spuninst\spun​inst.exe"
 Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUn​installKB917734_WMP10$\spunins​t\spuninst.exe"
 Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUn​installKB936782_WMP11$\spunins​t\spuninst.exe"
 Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUn​installKB954154_WM11$\spuninst​\spuninst.exe"
 Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUn​installKB923561$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUn​installKB938464$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$N​tUninstallKB938464-v2$\spunins​t\spuninst.exe"
 Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUn​installKB941569$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUn​installKB946648$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUn​installKB950760$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUn​installKB950762$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUn​installKB950974$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUn​installKB951066$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUn​installKB951376$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$N​tUninstallKB951376-v2$\spunins​t\spuninst.exe"
 Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUn​installKB951698$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUn​installKB951748$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUn​installKB952004$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUn​installKB952954$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUn​installKB953839$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUn​installKB954211$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUn​installKB954459$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUn​installKB954600$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUn​installKB955069$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUn​installKB956391$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUn​installKB956572$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUn​installKB956744$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUn​installKB956802$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUn​installKB956803$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUn​installKB956841$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUn​installKB956844$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUn​installKB957095$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUn​installKB957097$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUn​installKB958644$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUn​installKB958687$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUn​installKB958690$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUn​installKB958869$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUn​installKB959426$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUn​installKB960225$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUn​installKB960715$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUn​installKB960803$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUn​installKB960859$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUn​installKB961371$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUn​installKB961373$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUn​installKB961501$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUn​installKB968537$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUn​installKB969059$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUn​installKB969898$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUn​installKB969947$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUn​installKB970238$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUn​installKB970430$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUn​installKB971468$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUn​installKB971486$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUn​installKB971557$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUn​installKB971633$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUn​installKB971657$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUn​installKB972270$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUn​installKB973346$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUn​installKB973354$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUn​installKB973507$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUn​installKB973525$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUn​installKB973869$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUn​installKB973904$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUn​installKB974112$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUn​installKB974318$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUn​installKB974392$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUn​installKB974571$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUn​installKB975025$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUn​installKB975467$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUn​installKB975560$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUn​installKB975561$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUn​installKB975713$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$N​tUninstallKB977165-v2$\spunins​t\spuninst.exe"
 Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUn​installKB977816$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUn​installKB977914$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUn​installKB978037$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUn​installKB978251$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUn​installKB978262$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUn​installKB978338$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUn​installKB978601$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUn​installKB978706$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUn​installKB979309$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUn​installKB979683$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUn​installKB980232$\spuninst\spun​inst.exe"
 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F​8D1E69FB7}
 Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{59452470-A902-477​F-9338-9B88101681BD}\setup.exe​" -l0x9 UNINSTALL
 SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
 Sierra Wireless AirCard® 555 for Pocket PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{BF213938-B428-47F​4-BA44-52448BA5F408}\Setup.exe​"
 SoC PC-Camera-->C:\PROGRA~1\COMMON​~1\INSTAL~1\Driver\8\INTEL3~1\​IDriver.exe /M{AF14C7FB-BEE3-4249-8879-CED​AC54EEC1A}
 SonicStage 3.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E​6-879D-33D4B2102610}\setup.exe​" -l0x9 UNINSTALL -removeonly
 SonicStage Mastering Studio 1.4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{BF3B304B-8A18-452​D-A19F-6012CA8418D7}\setup.exe​" -l0x9
 SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{013E1BA8-C815-4E2​7-BCB9-D6B1B2E24094}\Setup.exe​" -l0x9
 SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{AB467B85-4F52-48C​2-AEED-0673D00417B0}\Setup.exe​" -l0x9
 SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{EE7EB179-5AA2-4B2​8-AC92-5CBAAF82BA7F}\Setup.exe​" -l0x9
 Sony MP4 Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB​0-ACD1-D3E8E1D52902}\setup.exe​" -l0x9  -removeonly
 Sony USB Mouse-->Pmuninst.exe MouseSuite98
 Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-400​8-88EA-492E7744A9DF}\setup.exe​" -l0x9
 Sony Video Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE56FEF0-1A0F-471​9-B3AD-34B5087AFA6D}\setup.exe​" -l0x9  -removeonly
 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
 TCPMP-->C:\Program Files\Microsoft ActiveSync\TCPMP\Uninstall.exe TCPMP
 TomTom HOME 2.7.1.1812-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
 TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-712​90A7AD533}
 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275​C4F3607} /qb+ REBOOTPROMPT=""
 Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8up​dates\KB971930-IE8\spuninst\sp​uninst.exe"
 Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8up​dates\KB976662-IE8\spuninst\sp​uninst.exe"
 Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8up​dates\KB980182-IE8\spuninst\sp​uninst.exe"
 Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$N​tUninstallKB951072-v2$\spunins​t\spuninst.exe"
 Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUn​installKB951978$\spuninst\spun​inst.exe"
 Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUn​installKB955759$\spuninst\spun​inst.exe"
 Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUn​installKB955839$\spuninst\spun​inst.exe"
 Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUn​installKB961503$\spuninst\spun​inst.exe"
 Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUn​installKB967715$\spuninst\spun​inst.exe"
 Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUn​installKB968389$\spuninst\spun​inst.exe"
 Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUn​installKB971737$\spuninst\spun​inst.exe"
 Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUn​installKB973687$\spuninst\spun​inst.exe"
 Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUn​installKB973815$\spuninst\spun​inst.exe"
 VAIO CameraVJ Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{582C5C46-399D-4A9​D-AB9F-C36F6FEC85EA}\setup.exe​" -l0x9
 VAIO Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{FC37C108-821D-4ED​E-8F40-D5B497586805}\Setup.exe​" -l0x9
 VAIO Edit Components-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01AE599F-7B72-413​5-8C56-9191F4ACBA88}\setup.exe​" -l0x9  -removeonly
 VAIO Entertainment Platform-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D917FD82-6CE5-489​A-AAF8-C701AAC85C4D}\setup.exe​" -l0x9
 VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B4​3-87A0-6DA52A211A8B}\setup.exe​" -l0x9
 VAIO Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{A43F939E-A863-433​D-AC78-0897E44CFEB2}\setup.exe​" -l0x9
 VAIO Long Battery Life Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{BBFFB027-7D53-4E1​B-95BC-35A2216D1D60}\Setup.exe​" -l0x9
 VAIO Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{AA171A69-F942-40D​A-AE3A-EA91026A1CAE}\Setup.exe​" -l0x9
 VAIO Media 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD​6-B37F-DF470317C6AB}\Setup.exe​" -l0x9 UNINSTALL
 VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BB​D-9998-6610F80C1DD4}\Setup.exe​" -l0x9 UNINSTALL
 VAIO Media Integrated Server 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A79D11B-FD82-4A5​E-834F-20173515DD14}\setup.exe​" -l0x9 UNINSTALL -removeonly
 VAIO Media Redistribution 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{7128C69B-8F7E-433​6-8698-3FD3CDD955EC}\Setup.exe​" -l0x9 UNINSTALL
 VAIO Media Registration Tool 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41D​E-9EDE-4AB9BB2B71B6}\setup.exe​" -l0x9 UNINSTALL
 VAIO Original Screen Saver VAIO Motion SD Wide Contents-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{51735133-A296-4EB​0-BF16-AD93B55BD000}\Setup.exe​" -l0x9
 VAIO Original Screen Saver VAIO Scene SD Wide Contents-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{E365AAB7-F160-4E2​F-ACAC-28D487ACF47D}\Setup.exe​" -l0x9
 VAIO Original Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426​B-A5F1-5836B95C7EB1}\setup.exe​" -l0x9
 VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B0​1-9775-C521A1869A25}\setup.exe​" -l0x9 UNINSTALL
 VAIO Sea Glitter Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{9D2E2F2A-204E-4B2​7-8020-3438294229CA}\Setup.exe​" -l0x9
 VAIO SLIT on Snaps Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{C4D18F80-8527-44F​2-81BA-BFADA6A103C1}\Setup.exe​" -l0x9
 VAIO SLIT Scene Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{A17456ED-3432-49F​F-A14D-E0F00A96A2AA}\Setup.exe​" -l0x9
 VAIO Sparkle Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{0F7C2DC0-3BC5-463​8-BD48-5FC4679834F4}\Setup.exe​" -l0x9
 VAIO Update 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424​B-890C-9A82EF00656D}\setup.exe​" -l0x9  -removeonly
 VAIO Zone-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{ED8D39F2-7FFA-45E​C-B148-EF2472955BB4}\Setup.exe​" -l0x9
 VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F​432EC0421}
 Veoh Video Compass-->C:\Program Files\Veoh Networks\Veoh Video Compass\uninst.exe
 VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-420​7-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
 VideoLAN VLC media player 0.8.6c-->D:\Program Files\VideoLAN VLC\VLC\uninstall.exe
 ViiKii Desktop Plug-in-->msiexec /qb /x {475CEB7F-F373-743A-AC19-7CE00​D01A74A}
 ViiKii Desktop Plug-in-->MsiExec.exe /I{475CEB7F-F373-743A-AC19-7CE​00D01A74A}
 WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B​25D4E9679}
 WinCESoft PocketMVP for HPCs-->"C:\WINDOWS\psuninst2.e​xe" "C:\Program Files\Microsoft ActiveSync\PocketMVP for HPCs\uninst.dat"
 WinCESoft PocketMVP for WM2003-->"C:\WINDOWS\psuninst2​.exe" "C:\Program Files\Microsoft ActiveSync\PocketMVP for WM2003\uninst.dat"
 Windows Driver Package - Nokia (WUDFRd) WPD  (11/03/2006 6.82.26.2)-->C:\PROGRA~1\DIFX\​D6ACC4BE676423A2B130B78A4B627F​C457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\p​ccswpddri_6B630EE2E66584353C6C​D8683D447072872F34D8\pccswpddr​iver.inf
 Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D​4D93ACF91}
 Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\s​puninst.exe"
 Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD​3A3F9DF41}
 Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04​F21F23956}
 Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8​525FFA3B1}
 Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
 Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUnins​tallWMFDist11$\spuninst\spunin​st.exe"
 Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUnin​stallKB894476$\spuninst\spunin​st.exe"
 Windows Media Player 10 Hotfix - KB895316-->"C:\WINDOWS\$NtUnin​stallKB895316$\spuninst\spunin​st.exe"
 Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
 Windows Media Player 11-->"C:\WINDOWS\$NtUninstallw​mp11$\spuninst\spuninst.exe"
 Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePack​Uninstall$\spuninst\spuninst.e​xe"
 WinVibe for PocketPC-->C:\Program Files\Microsoft ActiveSync\WinVibe for PocketPC\Uninstall.exe WinVibe for PocketPC
 Wireless LAN Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{61D6E4FB-1A62-4EB​1-BE56-929B00C155CF}\setup.exe​" -l0x9
 WorldMate® Professional Edition for Palm-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0D0EA13-7B50-488​5-BF1C-9CCFC4A336F2}\Setup.exe​" -l0x9
 Yahoo! Messenger-->C:\PROGRA~1\Yahoo!​\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\IN​STALL.LOG
 Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SO​FTWA~1\UNINST~1.EXE
 Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\C​ommon\UNYT_W~1.EXE
 ZENcast Organizer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417​A-90F8-88FD5B2C4AE7}\setup.exe​" -l0x40c  /remove

 ======Security center information======

 AV: AntiVir Desktop

 ======System event log======

 Computer Name: YOUR-050E312681
 Event Code: 30013
 Message: The DHCP allocator has disabled itself on IP address 192.168.1.92,
 since the IP address is outside the 192.168.0.0/255.255.255.0 scope
 from which addresses are being allocated to DHCP clients.
 To enable the DHCP allocator on this IP address,
 please change the scope to include the IP address,
 or change the IP address to fall within the scope.

 Record Number: 45876
 Source Name: ipnathlp
 Time Written: 20100408141303.000000+120
 Event Type: erreur
 User:

 Computer Name: YOUR-050E312681
 Event Code: 7036
 Message: The HTTP SSL service entered the en cours d'exécution state.

 Record Number: 45875
 Source Name: Service Control Manager
 Time Written: 20100408141303.000000+120
 Event Type: Informations
 User:

 Computer Name: YOUR-050E312681
 Event Code: 7035
 Message: The HTTP SSL service was successfully sent a Démarrer control.

 Record Number: 45874
 Source Name: Service Control Manager
 Time Written: 20100408141303.000000+120
 Event Type: Informations
 User: AUTORITE NT\SERVICE LOCAL

 Computer Name: YOUR-050E312681
 Event Code: 7036
 Message: The Universal Plug and Play Device Host service entered the en cours d'exécution state.

 Record Number: 45873
 Source Name: Service Control Manager
 Time Written: 20100408141302.000000+120
 Event Type: Informations
 User:

 Computer Name: YOUR-050E312681
 Event Code: 7035
 Message: The Universal Plug and Play Device Host service was successfully sent a Démarrer control.

 Record Number: 45872
 Source Name: Service Control Manager
 Time Written: 20100408141301.000000+120
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 =====Application event log=====

 Computer Name: YOUR-050E312681
 Event Code: 202
 Message: Échec de l'enregistrement des données du fichier/dossier.
 Le format n'est pas reconnu.
 C:\Documents and Settings\ABDULSALAM.M.Z\My Documents\My Videos\Veoh\WatchNow\398d4b512​ee2684e7adc9bcb770a9467977169c​4

 Record Number: 62325
 Source Name: VzFw
 Time Written: 20100425191924.000000+120
 Event Type: Avertissement
 User:

 Computer Name: YOUR-050E312681
 Event Code: 202
 Message: Échec de l'enregistrement des données du fichier/dossier.
 Le format n'est pas reconnu.
 C:\Documents and Settings\ABDULSALAM.M.Z\My Documents\My Videos\Veoh\WatchNow\398d4b512​ee2684e7adc9bcb770a9467977169c​4

 Record Number: 62324
 Source Name: VzFw
 Time Written: 20100425191923.000000+120
 Event Type: Avertissement
 User:

 Computer Name: YOUR-050E312681
 Event Code: 202
 Message: Échec de l'enregistrement des données du fichier/dossier.
 Le format n'est pas reconnu.
 C:\Documents and Settings\ABDULSALAM.M.Z\My Documents\My Videos\Veoh\WatchNow\398d4b512​ee2684e7adc9bcb770a9467977169c​4

 Record Number: 62323
 Source Name: VzFw
 Time Written: 20100425191914.000000+120
 Event Type: Avertissement
 User:

 Computer Name: YOUR-050E312681
 Event Code: 202
 Message: Échec de l'enregistrement des données du fichier/dossier.
 Le format n'est pas reconnu.
 C:\Documents and Settings\ABDULSALAM.M.Z\My Documents\My Videos\Veoh\WatchNow\398d4b512​ee2684e7adc9bcb770a9467977169c​4

 Record Number: 62322
 Source Name: VzFw
 Time Written: 20100425191911.000000+120
 Event Type: Avertissement
 User:

 Computer Name: YOUR-050E312681
 Event Code: 202
 Message: Échec de l'enregistrement des données du fichier/dossier.
 Le format n'est pas reconnu.
 C:\Documents and Settings\ABDULSALAM.M.Z\My Documents\My Videos\Veoh\WatchNow\398d4b512​ee2684e7adc9bcb770a9467977169c​4

 Record Number: 62321
 Source Name: VzFw
 Time Written: 20100425191909.000000+120
 Event Type: Avertissement
 User:

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "Path"=%SystemRoot%\system32;%​SystemRoot%;%SystemRoot%\syste​m32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Intel\Wireless\Bin;C:\Pr​ogram Files\Common Files\Teleca Shared;D:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem;D:\Pro​gram Files\Samsung\Samsung PC Studio 3;C:\Program Files\Common Files\DivX Shared
 "windir"=%SystemRoot%
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
 "PROCESSOR_REVISION"=0d08
 "NUMBER_OF_PROCESSORS"=1
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "SNY_LANGUAGE"=ENG
 "SNY_OS"=WINXP_HOME
 "SNYSPLST"=C:\Windows\System32​\Snysplst.oem
 "SNYRES"=C:\Windows\System32\S​nyres.oem
 "SNYERROR"=C:\Windows\Temp\Sny​err.log
 "SNY_LOGONUSER"=Administrator
 "SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
 "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_03\lib\ext​\QTJava.zip
 "QTJAVA"=C:\Program Files\Java\jre1.5.0_03\lib\ext​\QTJava.zip

 -----------------EOF----------​-------

 Alors c'est bon?

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 09/05/2010 à 21:04:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 Télécharge ToolsCleaner (par A.Rothstein et dj QUIOU) sur ton bureau.

 1. Clique sur Recherche et laisse le scan agir ...
 2. Clique sur Suppression pour finaliser.
 -> Tu peux, si tu le souhaites, te servir des Options facultatives.
 3. Clique sur Quitter pour obtenir le rapport.
 4. Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

 ******
 Puis, si tu estimes que ton problème est réglé, replaces-toi
 sur ton 1er message et clique sur le bouton "éditer".
 Une fois dans le message, inscris (copie/colle) en titre,
 ce qui est « cadré » ci-dessous …

 



Infecté Trojan Win332.TDSS.rtk/Vitumonde et autres [résolu]



 … et clique sur > Envoyer.

 ******
 Je te conseille ces quelques lectures :

 http://www.malekal.com/securiser_ordinateur.html
 et aussi ...
 http://www.malekal.com/securis [...] lorer.html

 Idées reçues en matière de sécurité
 http://www.libellules.ch/idees_recues_securite.php

 Optimiser la protection de son PC :
 http://speedweb1.free.fr/frame [...] =securite1
 http://www.adaptique.com/secuinternet.pdf

 Celui-ci aussi pour mettre les programmes à jour :

 http://forum.malekal.com/logic [...] 15960.html

 Et enfin, ce tout dernier fraichement sorti :

 http://forum.malekal.com/antis [...] 25480.html





shimbya
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 09/05/2010 à 21:51:43  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 le rapport du TCleaner

 [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

 --> Recherche:

 C:\VundoFix.txt: trouvé !
 C:\Combofix.txt: trouvé !
 C:\Qoobox: trouvé !
 C:\Rsit: trouvé !
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\HijackThis.exe: trouvé !
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\hijackthis.log: trouvé !
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\Rsit.exe: trouvé !
 C:\Program Files\Hijackthis Version Française\hijackthis.log: trouvé !
 C:\Program Files\Trend Micro\HijackThis.exe: trouvé !
 C:\Program Files\Trend Micro\hijackthis.log: trouvé !
 C:\Program Files\Trend Micro\Scanner\hijackthis.log: trouvé !
 C:\Qoobox\Quarantine\catchme.l​og: trouvé !
 C:\WINDOWS\mbr.exe: trouvé !

 ------------------------------​---
 --> Suppression:

 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\HijackThis.exe: supprimé !
 C:\Program Files\Trend Micro\HijackThis.exe: supprimé !
 C:\VundoFix.txt: supprimé !
 C:\Combofix.txt: supprimé !
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\hijackthis.log: supprimé !
 C:\Documents and Settings\ABDULSALAM.M.Z\Deskto​p\Rsit.exe: supprimé !
 C:\Program Files\Hijackthis Version Française\hijackthis.log: supprimé !
 C:\Program Files\Trend Micro\hijackthis.log: supprimé !
 C:\Program Files\Trend Micro\Scanner\hijackthis.log: supprimé !
 C:\Qoobox\Quarantine\catchme.l​og: supprimé !
 C:\WINDOWS\mbr.exe: supprimé !
 C:\Qoobox: supprimé !
 C:\Rsit: supprimé !

 :jap:

 MERCI de ton aide (kamsamida) :youpi:

Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 09/05/2010 à 21:55:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
...

 [:wildbof:9] ...

 Bon surf  ;)

 Page :
1

Aller à :
 

Sujets relatifs
eee pc infecté,security tool bloque tout Infecté par Adware Gibmedia et Ecobar [résolu]
Trojan.tdss détecté mais impossible à enlever. trojan vitumonde et system startup global
trojan ... Avast.exe n'est une application Win32 valide... disque dur infecté par un virus
pc infecte par un virus que je n'arrive pas a supprimer SVP DE L'AIDE!!! infecté par CHEVAL DE TROIE
Plus de sujets relatifs à : Infecté Trojan Win32.TDSS.rtk/Vitumonde et autres [résolu]

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
PC qui freeze et plante 3
je n'arrives pas à supprimer Antimalware Doctor 34
Virus Win32/Nuqel.E et bankerfox.A comment les supprimer? 1
installation d'un antiviirus toujours rejeté (avast, antivir 2
TR/Agennt.APMC et TR/Spy agentAPMC et TR/SpyagentOEV 0