bauls

Bonsoir Regis56, voici le rapport d'hijacktis et Ewido. Logfile of HijackThis v1.99.1 Scan saved at 21:00:10, on 04.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe C:\Program Files\Logitech\Harmony Remote Client\RemoteCore.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:56:00 04.08.2006 + Scan result: C:\RECYCLER\S-1-5-21-2000478354-1958367476-839522115-1003\Dc2724.zip/ewido.anti-spyware.v4.0.x.xxx.patch-icu/Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned. P:\Drivers et Programmes\Spyware\Ewido\ewido.anti-spyware.v4.0.x.xxx.patch-icu\Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned. P:\Drivers et Programmes\Spyware\Ewido\ewido.anti-spyware.v4.0.x.xxx.patch-icu\ewido.anti.spyware.v4.0.x.xxx.patch.icu.zip/ewido.anti-spyware.v4.0.x.xxx.patch-icu/Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned. P:\Drivers et Programmes\Crack searcher\1\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Cleaned. P:\Drivers et Programmes\Crack searcher\1\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Cleaned. P:\Drivers et Programmes\Crack searcher\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Cleaned. P:\Drivers et Programmes\Crack searcher\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Cleaned. F:\EMULE\DECOMPACTER\Microsoft - Visual basic 6 Pro french + MSDN\visual basic 6 Pro french + MSDN\MSDN\Disk1\Samples\VC98\sdk\sdktools\spy\dll\hook.dll -> Not-A-Virus.Monitor.Win32.KeyLogger.30 : Cleaned. F:\EMULE\AUTOEXTRACTIBLE\Teleatlas DX 2004-2005 Patch.exe/dnetc.exe -> Not-A-Virus.NetTool.Win32.CalcDNet.m : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Cleaned. ::Report end Question : quel sont les programmes qu'il faudrait pour avoir un pc bien protègé? Moi j'ai comme anti-virus AVG Plus Firewall. Est-ce qu'il faut acheter Ewido? Les trois programmes que tu ne connais pas sont : 1. Antidote est un correcteur d'orthographe vendu par Druide. 2. C-Channel est un programme de payement par internet. 3. Harmony Remote est programme de gestion de logitech pour une télécommande. Salutations Bauls

Bonjour Gof, je m'excuse mais je ne savais pas comment procèder pour recevoir la réponse. Maintenant je pense que je dois attendre la réponse de Regis56? Salutations Bauls

Bonjour, voilà le résultat des analyses --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 09:23:18 02.08.2006 + Scan result: HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Cleaned with backup (quarantined). P:\[netop] Cracks\NetOp Remote Control v8.00.2005061 FRENCH.zip/run.exe -> Downloader.Adload.j : Cleaned with backup (quarantined). P:\[netop] Cracks\NetOp Remote Control v8.00.2005061 FRENCH[1].zip/run.exe -> Downloader.Adload.j : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Bouquet_Wizard_v2.5\Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Bouquet_Wizard_v2.5\Bouquet_Wizard_v2.5.rar/Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Editeur\4065_Bouquet_Wizard_v2[1].5.zip/Bouquet_Wizard_v2.5/Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). P:\Drivers et Programmes\Microsoft\Windows_Media_Center_2005 (www[1].crack.cd)\Windows_Media_Center_2005 (www[1].crack.cd).zip/vlw.exe -> Downloader.INService.eu : Cleaned with backup (quarantined). P:\Drivers et Programmes\P2P\WarezP2P_OTH.exe -> Downloader.Small : Cleaned with backup (quarantined). P:\Drivers et Programmes\Crack searcher\1\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\1\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. F:\EMULE\DECOMPACTER\Microsoft - Visual basic 6 Pro french + MSDN\visual basic 6 Pro french + MSDN\MSDN\Disk1\Samples\VC98\sdk\sdktools\spy\dll\hook.dll -> Not-A-Virus.Monitor.Win32.KeyLogger.30 : Ignored. F:\EMULE\AUTOEXTRACTIBLE\Teleatlas DX 2004-2005 Patch.exe/dnetc.exe -> Not-A-Virus.NetTool.Win32.CalcDNet.m : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. C:\Documents and Settings\Marcel\Cookies\marcel@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@adtech[1].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@estat[1].txt -> TrackingCookie.Estat : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@weborama[1].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned. P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please\duplicates\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1).zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1).zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1)\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1)\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!\duplicates\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). ::Report end 08/02/06 09:30:30 [info]: BlackLight Engine 1.0.42 initialized 08/02/06 09:30:30 [info]: OS: 5.1 build 2600 (Service Pack 2) 08/02/06 09:30:30 [Note]: 7019 4 08/02/06 09:30:30 [Note]: 7005 0 08/02/06 09:30:53 [Note]: 7006 0 08/02/06 09:30:53 [Note]: 7011 628 08/02/06 09:30:53 [Note]: 7026 0 08/02/06 09:30:53 [Note]: 7026 0 08/02/06 09:31:10 [Note]: FSRAW library version 1.7.1019 08/02/06 09:39:57 [Note]: 7007 0 Logfile of HijackThis v1.99.1 Scan saved at 09:46:46, on 02.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe C:\Program Files\RegFreeze\regfreeze.exe C:\Program Files\Logitech\Harmony Remote Client\RemoteCore.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe Merci d'avance Bauls

Bonjour, voilà le résultat des analyses --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 09:23:18 02.08.2006 + Scan result: HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Cleaned with backup (quarantined). P:\[netop] Cracks\NetOp Remote Control v8.00.2005061 FRENCH.zip/run.exe -> Downloader.Adload.j : Cleaned with backup (quarantined). P:\[netop] Cracks\NetOp Remote Control v8.00.2005061 FRENCH[1].zip/run.exe -> Downloader.Adload.j : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Bouquet_Wizard_v2.5\Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Bouquet_Wizard_v2.5\Bouquet_Wizard_v2.5.rar/Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). D:\SATELLITE\Module\Dreambox\Editeur\4065_Bouquet_Wizard_v2[1].5.zip/Bouquet_Wizard_v2.5/Bouquet_Wizard_v2.5.exe -> Downloader.Agent.aru : Cleaned with backup (quarantined). P:\Drivers et Programmes\Microsoft\Windows_Media_Center_2005 (www[1].crack.cd)\Windows_Media_Center_2005 (www[1].crack.cd).zip/vlw.exe -> Downloader.INService.eu : Cleaned with backup (quarantined). P:\Drivers et Programmes\P2P\WarezP2P_OTH.exe -> Downloader.Small : Cleaned with backup (quarantined). P:\Drivers et Programmes\Crack searcher\1\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\1\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\cracksearcher.zip/CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. P:\Drivers et Programmes\Crack searcher\cracksearcher\CrackSearcher.exe -> Not-A-Virus.HackTool.Win32.CrackSearch.a : Ignored. F:\EMULE\DECOMPACTER\Microsoft - Visual basic 6 Pro french + MSDN\visual basic 6 Pro french + MSDN\MSDN\Disk1\Samples\VC98\sdk\sdktools\spy\dll\hook.dll -> Not-A-Virus.Monitor.Win32.KeyLogger.30 : Ignored. F:\EMULE\AUTOEXTRACTIBLE\Teleatlas DX 2004-2005 Patch.exe/dnetc.exe -> Not-A-Virus.NetTool.Win32.CalcDNet.m : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime.rar/all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. P:\Drivers et Programmes\Windows XP\CRACK\all windows cracks by maxime\all windows cracks by maxime\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignored. C:\Documents and Settings\Marcel\Cookies\marcel@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@adtech[1].txt -> TrackingCookie.Adtech : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@estat[1].txt -> TrackingCookie.Estat : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][2].txt -> TrackingCookie.Liveperson : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned. C:\Documents and Settings\Marcel\Cookies\marcel@weborama[1].txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Marcel\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned. P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto Emailing Fr\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please\duplicates\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1).zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1).zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1)\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\GOTO SARBACANE\Sarbacane Goto emailing fr(1)\Bonus\All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr.zip/Bonus/All My Keys and Serials!!, tons of em, 5-5-01,windows,adobe,norton,symantec,xp,adaptec,pass this on please.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!.zip/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!.zip/duplicates/Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). P:\Programmes\Sarbacane Goto emailing fr\Bonus\All My Keys and Serials!!\duplicates\Password Cracker.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Cleaned with backup (quarantined). ::Report end 08/02/06 09:30:30 [info]: BlackLight Engine 1.0.42 initialized 08/02/06 09:30:30 [info]: OS: 5.1 build 2600 (Service Pack 2) 08/02/06 09:30:30 [Note]: 7019 4 08/02/06 09:30:30 [Note]: 7005 0 08/02/06 09:30:53 [Note]: 7006 0 08/02/06 09:30:53 [Note]: 7011 628 08/02/06 09:30:53 [Note]: 7026 0 08/02/06 09:30:53 [Note]: 7026 0 08/02/06 09:31:10 [Note]: FSRAW library version 1.7.1019 08/02/06 09:39:57 [Note]: 7007 0 Logfile of HijackThis v1.99.1 Scan saved at 09:46:46, on 02.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe C:\Program Files\RegFreeze\regfreeze.exe C:\Program Files\Logitech\Harmony Remote Client\RemoteCore.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe Merci d'avance Bauls

Bonjour, voici le log d'Hijacktis et le rapport Antivir Logfile of HijackThis v1.99.1 Scan saved at 15:24:48, on 01.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe AntiVir PersonalEdition Classic Report file date: mardi, 1. août 2006 12:26 Scanning for 466817 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Marcel Computer name: MR-06 Version informations: AVSCAN.EXE : 7.0.0.42 557096 30.07.2006 18:46:57 AVSCAN.DLL : 7.0.0.42 53288 30.07.2006 18:46:57 LUKE.DLL : 7.0.0.42 118824 30.07.2006 18:46:57 LUKERES.DLL : 7.0.0.42 25640 30.07.2006 18:46:57 ANTIVIR0.VDF : 6.35.0.1 7371264 30.07.2006 18:46:57 ANTIVIR1.VDF : 6.35.0.168 730112 30.07.2006 18:46:57 ANTIVIR2.VDF : 6.35.1.15 295936 30.07.2006 18:46:57 ANTIVIR3.VDF : 6.35.1.22 14336 30.07.2006 18:46:57 AVEWIN32.DLL : 7.1.1.0 1556992 30.07.2006 18:46:57 AVPREF.DLL : 7.0.0.1 49192 30.07.2006 18:46:57 AVREP.DLL : 6.35.1.1 733224 30.07.2006 18:46:57 AVRPBASE.DLL : 7.0.0.0 2162728 30.07.2006 18:46:57 AVPACK32.DLL : 7.1.0.1 335912 30.07.2006 18:46:57 AVREG.DLL : 6.31.0.90 27688 30.07.2006 18:46:57 NETNT.DLL : 6.32.0.0 6696 30.07.2006 18:46:57 NETNW.DLL : 6.32.0.0 9768 30.07.2006 18:46:57 RCIMAGE.DLL : 7.0.0.71 1642536 30.07.2006 18:46:57 RCTEXT.DLL : 7.0.0.75 77864 30.07.2006 18:46:57 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: mardi, 1. août 2006 12:26 The scan over running processes will be started 17 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 43 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! The directory 'C:\ATI\' was excluded from scanning! C:\Documents and Settings\LocalService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WPI\Tools\cmdow.exe [DETECTION] Contains signature of the SPR/HideWindows.I program [iNFO] The file was deleted! D:\SATELLITE\Clé\CARTE SECA - GOLD\DIVERS\v2000[1].txt.exe [DETECTION] The file name contains an executable file extension disguised as a harmless one HEUR-DBLEXT/Crypted [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! End of the scan: mardi, 1. août 2006 14:39 Used time: 2:13:45 min The scan has been done completely. 37747 Scanning directories 1318080 Files were scanned 6 viruses and/or unwanted programs was found 6 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 13940 Archives were scanned 23 Warnings 9 Notes En faite le problème que j'ai c'est que le clic droit ne fonctionne plus, il lui faut un bon moment pour afficher. Le raccourci des touches Windows + E ne fonctionne plus non plus. Merci d'avance pour votre aide!

Bonjour, voici le log d'Hijacktis et le rapport Antivir Logfile of HijackThis v1.99.1 Scan saved at 15:24:48, on 01.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe AntiVir PersonalEdition Classic Report file date: mardi, 1. août 2006 12:26 Scanning for 466817 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Marcel Computer name: MR-06 Version informations: AVSCAN.EXE : 7.0.0.42 557096 30.07.2006 18:46:57 AVSCAN.DLL : 7.0.0.42 53288 30.07.2006 18:46:57 LUKE.DLL : 7.0.0.42 118824 30.07.2006 18:46:57 LUKERES.DLL : 7.0.0.42 25640 30.07.2006 18:46:57 ANTIVIR0.VDF : 6.35.0.1 7371264 30.07.2006 18:46:57 ANTIVIR1.VDF : 6.35.0.168 730112 30.07.2006 18:46:57 ANTIVIR2.VDF : 6.35.1.15 295936 30.07.2006 18:46:57 ANTIVIR3.VDF : 6.35.1.22 14336 30.07.2006 18:46:57 AVEWIN32.DLL : 7.1.1.0 1556992 30.07.2006 18:46:57 AVPREF.DLL : 7.0.0.1 49192 30.07.2006 18:46:57 AVREP.DLL : 6.35.1.1 733224 30.07.2006 18:46:57 AVRPBASE.DLL : 7.0.0.0 2162728 30.07.2006 18:46:57 AVPACK32.DLL : 7.1.0.1 335912 30.07.2006 18:46:57 AVREG.DLL : 6.31.0.90 27688 30.07.2006 18:46:57 NETNT.DLL : 6.32.0.0 6696 30.07.2006 18:46:57 NETNW.DLL : 6.32.0.0 9768 30.07.2006 18:46:57 RCIMAGE.DLL : 7.0.0.71 1642536 30.07.2006 18:46:57 RCTEXT.DLL : 7.0.0.75 77864 30.07.2006 18:46:57 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: mardi, 1. août 2006 12:26 The scan over running processes will be started 17 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 43 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! The directory 'C:\ATI\' was excluded from scanning! C:\Documents and Settings\LocalService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WPI\Tools\cmdow.exe [DETECTION] Contains signature of the SPR/HideWindows.I program [iNFO] The file was deleted! D:\SATELLITE\Clé\CARTE SECA - GOLD\DIVERS\v2000[1].txt.exe [DETECTION] The file name contains an executable file extension disguised as a harmless one HEUR-DBLEXT/Crypted [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! End of the scan: mardi, 1. août 2006 14:39 Used time: 2:13:45 min The scan has been done completely. 37747 Scanning directories 1318080 Files were scanned 6 viruses and/or unwanted programs was found 6 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 13940 Archives were scanned 23 Warnings 9 Notes En faite le problème que j'ai c'est que le clic droit ne fonctionne plus, il lui faut un bon moment pour afficher. Le raccourci des touches Windows + E ne fonctionne plus non plus. Merci d'avance pour votre aide!

Bonjour, voici le log d'Hijacktis et le rapport Antivir Logfile of HijackThis v1.99.1 Scan saved at 15:24:48, on 01.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe AntiVir PersonalEdition Classic Report file date: mardi, 1. août 2006 12:26 Scanning for 466817 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Marcel Computer name: MR-06 Version informations: AVSCAN.EXE : 7.0.0.42 557096 30.07.2006 18:46:57 AVSCAN.DLL : 7.0.0.42 53288 30.07.2006 18:46:57 LUKE.DLL : 7.0.0.42 118824 30.07.2006 18:46:57 LUKERES.DLL : 7.0.0.42 25640 30.07.2006 18:46:57 ANTIVIR0.VDF : 6.35.0.1 7371264 30.07.2006 18:46:57 ANTIVIR1.VDF : 6.35.0.168 730112 30.07.2006 18:46:57 ANTIVIR2.VDF : 6.35.1.15 295936 30.07.2006 18:46:57 ANTIVIR3.VDF : 6.35.1.22 14336 30.07.2006 18:46:57 AVEWIN32.DLL : 7.1.1.0 1556992 30.07.2006 18:46:57 AVPREF.DLL : 7.0.0.1 49192 30.07.2006 18:46:57 AVREP.DLL : 6.35.1.1 733224 30.07.2006 18:46:57 AVRPBASE.DLL : 7.0.0.0 2162728 30.07.2006 18:46:57 AVPACK32.DLL : 7.1.0.1 335912 30.07.2006 18:46:57 AVREG.DLL : 6.31.0.90 27688 30.07.2006 18:46:57 NETNT.DLL : 6.32.0.0 6696 30.07.2006 18:46:57 NETNW.DLL : 6.32.0.0 9768 30.07.2006 18:46:57 RCIMAGE.DLL : 7.0.0.71 1642536 30.07.2006 18:46:57 RCTEXT.DLL : 7.0.0.75 77864 30.07.2006 18:46:57 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: mardi, 1. août 2006 12:26 The scan over running processes will be started 17 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 43 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! The directory 'C:\ATI\' was excluded from scanning! C:\Documents and Settings\LocalService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Marcel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WPI\Tools\cmdow.exe [DETECTION] Contains signature of the SPR/HideWindows.I program [iNFO] The file was deleted! D:\SATELLITE\Clé\CARTE SECA - GOLD\DIVERS\v2000[1].txt.exe [DETECTION] The file name contains an executable file extension disguised as a harmless one HEUR-DBLEXT/Crypted [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3.zip [0] Archive type: ZIP --> Downloader 2.3/Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! D:\SATELLITE\Programme\TELECHARGER CODE\Downloader 2.3\Downloader 2[1].3\Downloader 2.3\Downloader.exe [DETECTION] Contains signature of the SPR/Pexer.A.7 program [iNFO] The file was deleted! End of the scan: mardi, 1. août 2006 14:39 Used time: 2:13:45 min The scan has been done completely. 37747 Scanning directories 1318080 Files were scanned 6 viruses and/or unwanted programs was found 6 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 13940 Archives were scanned 23 Warnings 9 Notes En faite le problème que j'ai c'est que le clic droit ne fonctionne plus, il lui faut un bon moment pour afficher. Le raccourci des touches Windows + E ne fonctionne plus non plus. Merci d'avance pour votre aide!

Bonjour pourriez-vous me dire si mon pc est infecté voici le rapport d'hijacktis . Logfile of HijackThis v1.99.1 Scan saved at 12:38:13, on 31.07.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe C:\Program Files\RegFreeze\regfreeze.exe C:\Program Files\Logitech\Harmony Remote Client\RemoteCore.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\tlntsvr.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\ups.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Opware15] "C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OpAgent] "C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C-CHANNEL OnlineUpdate.lnk = C:\Program Files\C-CHANNEL\OnlineUpdate\PeOnlineUpdate.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Logitech Harmony Remote V6.lnk = C:\Program Files\Logitech\Harmony Remote Client\HarmonyRemote.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Start OpdiTracker.lnk = C:\Program Files\Opdicom\OpdiTracker\OptT3STA.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Open and Translate in Word - res://C:\Program Files\SYSTRAN\5.0\Premium\IEShellExt.dll /10 O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O16 - DPF: {00060001-0000-1011-8002-0000C06B5161} (WkWebSet Class) - http://wibu.com/WkWebSetup.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134668156125 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/Tra...ransferCtrl.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: NetOp Helper ver. 8.00 (2005271) (NetOp Host for NT Service) - Danware Data A/S - C:\Program Files\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE O23 - Service: Ray - Unknown owner - C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B15\rayserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe