Aller au contenu

Bricker

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    7

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Francais

Bricker's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bricker
    Salut voila une autre rapport HijackThis StartupList report, 2006-09-25, 09:44:50 StartupList version: 1.52.2 Started from : C:\Program Files\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\La Famille\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Raccourci vers la page des propriétés de High Definition Audio = HDAudPropShortcut.exe Logitech Hardware Abstraction Layer = KHALMNPR.EXE zBrowser Launcher = C:\Program Files\Logitech\iTouch\iTouch.exe NWEReboot = Ulead AutoDetector v2 = C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe avgnt = "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min Zone Labs Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" !ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" MSKAGENTEXE = C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe swg = C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\INFOCL~1.SCR drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services ACEDRV07: \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys (autostart) Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) AntiVir PersonalEdition Classic Scheduler: C:\Program Files\AntiVir PersonalEdition Classic\sched.exe (autostart) AntiVir PersonalEdition Classic Guard: C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe (autostart) AnyDVD: System32\Drivers\AnyDVD.sys (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) avgntflt: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys (manual start) bdfdll: \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart) ElbyDelay: System32\Drivers\ElbyDelay.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) ewido anti-spyware 4.0 driver: \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys (system) ewido anti-spyware 4.0 guard: C:\Program Files\ewido anti-spyware 4.0\guard.exe (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) Firebird Server - MAGIX Instance: C:\MAGIX\Common\Database\bin\fbserver.exe (manual start) Pilote de lecteur de disquettes: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Hardlock: \??\C:\WINDOWS\system32\drivers\hardlock.sys (autostart) Haspnt: \??\C:\WINDOWS\system32\drivers\Haspnt.sys (autostart) Hauppauge WinTV 848/9 WDM Video Driver: system32\drivers\HCWBT8XX.sys (manual start) Pilote de fonction Microsoft UAA pour Service High Definition Audio: system32\drivers\HdAudio.sys (manual start) Pilote de bus Microsoft UAA pour High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (disabled) Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) iTouch Keyboard Filter: system32\DRIVERS\itchfltr.sys (manual start) ITERAID_Service_Install: system32\DRIVERS\iteraid.sys (system) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Logitech SetPoint Keyboard Driver: system32\DRIVERS\L8042Kbd.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Logitech SetPoint HID Mouse Filter Driver: system32\DRIVERS\LHidKE.Sys (manual start) Logitech SetPoint USB Receiver device driver: System32\Drivers\LHidUsbK.Sys (manual start) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Logitech SetPoint Mouse Filter Driver: system32\DRIVERS\LMouKE.Sys (manual start) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: system32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Cyberlink RichVideo Service(CRVS): "C:\Program Files\CyberLink\Shared files\RichVideo.exe" (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Sentinel: \SystemRoot\System32\Drivers\SENTINEL.SYS (autostart) Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start) Pilote de port série: system32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) StarWind iSCSI Service: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (autostart) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{4F0CA2AA-1AEE-41B4-B870-6BD26D6D7A5A} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing USN Journal Reader: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start) Vax347b: system32\DRIVERS\Vax347b.sys (system) Vax347s: System32\Drivers\Vax347s.sys (system) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service Windows Media Connect: C:\Program Files\Windows Media Connect 2\wmccds.exe (manual start) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: C:\Program Files\Windows Media Player\WMPNetwk.exe (manual start) WpdUsb: System32\Drivers\wpdusb.sys (manual start) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller: system32\DRIVERS\yk51x86.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_4517dcfe\UPDENGVDFTEST||| -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 35 296 bytes Report generated in 0,140 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only
  2. Bricker
    Salut charles ingals voici les trois rapports Incident Status Location Potentially unwanted tool:Application/Pskill.K Not disinfected C:\Documents and Settings\La Famille\Bureau\clean\pskill.exe Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@2o7[1].txt Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@adtech[2].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@atdmt[2].txt Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@bluestreak[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@doubleclick[1].txt Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@hitbox[2].txt Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@weborama[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\La Famille\Cookies\la famille@xiti[1].txt Potentially unwanted tool:Application/Pskill.K Not disinfected D:\Telechargements\clean.zip[clean/pskill.exe] StartupList report, 2006-09-25, 09:09:46 StartupList version: 1.52.2 Started from : C:\Program Files\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\La Famille\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Raccourci vers la page des propriétés de High Definition Audio = HDAudPropShortcut.exe Logitech Hardware Abstraction Layer = KHALMNPR.EXE zBrowser Launcher = C:\Program Files\Logitech\iTouch\iTouch.exe NWEReboot = Ulead AutoDetector v2 = C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe avgnt = "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min Zone Labs Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" !ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" MSKAGENTEXE = C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe swg = C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\INFOCL~1.SCR drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services ACEDRV07: \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys (autostart) Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) AntiVir PersonalEdition Classic Scheduler: C:\Program Files\AntiVir PersonalEdition Classic\sched.exe (autostart) AntiVir PersonalEdition Classic Guard: C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe (autostart) AnyDVD: System32\Drivers\AnyDVD.sys (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) avgntflt: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys (manual start) bdfdll: \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart) ElbyDelay: System32\Drivers\ElbyDelay.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) ewido anti-spyware 4.0 driver: \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys (system) ewido anti-spyware 4.0 guard: C:\Program Files\ewido anti-spyware 4.0\guard.exe (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) FILESpy: \??\C:\Program Files\Softwin\BitDefender9\filespy.sys (manual start) Firebird Server - MAGIX Instance: C:\MAGIX\Common\Database\bin\fbserver.exe (manual start) Pilote de lecteur de disquettes: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Hardlock: \??\C:\WINDOWS\system32\drivers\hardlock.sys (autostart) Haspnt: \??\C:\WINDOWS\system32\drivers\Haspnt.sys (autostart) Hauppauge WinTV 848/9 WDM Video Driver: system32\drivers\HCWBT8XX.sys (manual start) Pilote de fonction Microsoft UAA pour Service High Definition Audio: system32\drivers\HdAudio.sys (manual start) Pilote de bus Microsoft UAA pour High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (disabled) Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) iTouch Keyboard Filter: system32\DRIVERS\itchfltr.sys (manual start) ITERAID_Service_Install: system32\DRIVERS\iteraid.sys (system) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Logitech SetPoint Keyboard Driver: system32\DRIVERS\L8042Kbd.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Logitech SetPoint HID Mouse Filter Driver: system32\DRIVERS\LHidKE.Sys (manual start) Logitech SetPoint USB Receiver device driver: System32\Drivers\LHidUsbK.Sys (manual start) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Logitech SetPoint Mouse Filter Driver: system32\DRIVERS\LMouKE.Sys (manual start) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: system32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) REGSpy: \??\C:\Program Files\Softwin\BitDefender9\regspy.sys (manual start) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Cyberlink RichVideo Service(CRVS): "C:\Program Files\CyberLink\Shared files\RichVideo.exe" (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Sentinel: \SystemRoot\System32\Drivers\SENTINEL.SYS (autostart) Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start) Pilote de port série: system32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) StarWind iSCSI Service: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (autostart) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{4F0CA2AA-1AEE-41B4-B870-6BD26D6D7A5A} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing USN Journal Reader: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start) Vax347b: system32\DRIVERS\Vax347b.sys (system) Vax347s: System32\Drivers\Vax347s.sys (system) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service Windows Media Connect: C:\Program Files\Windows Media Connect 2\wmccds.exe (manual start) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: C:\Program Files\Windows Media Player\WMPNetwk.exe (manual start) WpdUsb: System32\Drivers\wpdusb.sys (manual start) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller: system32\DRIVERS\yk51x86.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 35 320 bytes Report generated in 0,204 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only C:\WINDOWS\System32\asfiles.txt -->2006-09-25 08:42:17 C:\WINDOWS\System32\Uninstall.ico -->2006-09-25 08:34:36 C:\WINDOWS\System32\Help.ico -->2006-09-25 08:34:36 C:\WINDOWS\System32\pavas.ico -->2006-09-25 08:34:35 C:\WINDOWS\System32\vsconfig.xml -->2006-09-25 06:54:10 C:\WINDOWS\System32\zllictbl.dat -->2006-09-24 10:19:53 C:\WINDOWS\System32\getfile.dat -->2006-09-24 07:43:45 C:\WINDOWS\System32\wpa.dbl -->2006-09-23 12:31:02 C:\WINDOWS\System32\haspvdd.dll -->2006-09-22 22:25:02 C:\WINDOWS\System32\haspdos.sys -->2006-09-22 22:25:02 C:\WINDOWS\System32\CONFIG.NT -->2006-09-22 22:25:01 C:\WINDOWS\System32\FNTCACHE.DAT -->2006-09-14 03:36:24 C:\WINDOWS\System32\MRT.exe -->2006-09-11 13:37:21 C:\WINDOWS\System32\avsda.dll -->2006-09-07 12:56:35 C:\WINDOWS\System32\Status.MPF -->2006-08-31 21:09:34 C:\WINDOWS\System32\BASSMOD.dll -->2006-08-30 14:46:33 C:\WINDOWS\System32\TTACodecs-uninstall.exe -->2006-08-25 18:09:55 C:\WINDOWS\System32\vsutil_loc040c.dll -->2006-08-23 23:39:32 C:\WINDOWS\System32\vsdatant.sys -->2006-08-23 23:38:36 C:\WINDOWS\System32\zlcommdb.dll -->2006-08-23 23:38:06 C:\WINDOWS\System32\zlcomm.dll -->2006-08-23 23:38:06 C:\WINDOWS\System32\vsxml.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vswmi.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vsutil.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vsregexp.dll -->2006-08-23 23:38:02 C:\WINDOWS\win.ini -->2006-09-25 08:37:05 C:\WINDOWS\setupapi.log -->2006-09-25 08:35:13 C:\WINDOWS\0.log -->2006-09-25 06:54:19 C:\WINDOWS\wiaservc.log -->2006-09-25 06:53:37 C:\WINDOWS\wiadebug.log -->2006-09-25 06:53:37 C:\WINDOWS\bootstat.dat -->2006-09-25 06:53:11 C:\WINDOWS\WindowsUpdate.log -->2006-09-25 06:51:49 C:\WINDOWS\ntbtlog.txt -->2006-09-25 06:21:12 C:\WINDOWS\setupact.log -->2006-09-24 21:17:03 C:\WINDOWS\NeroDigital.ini -->2006-09-24 19:59:41 C:\WINDOWS\mozver.dat -->2006-09-24 11:41:44 C:\WINDOWS\SchedLgU.Txt -->2006-09-24 09:39:44 C:\WINDOWS\setuperr.log -->2006-09-23 13:07:50 C:\WINDOWS\system.ini -->2006-09-22 11:10:09 C:\WINDOWS\Irremote.ini -->2006-09-20 19:23:37 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |16/07/2006 10:48:28 C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |23/07/2006 03:55:58 C:\WINDOWS\notepad.exe |16/07/2006 05:31:36 C:\WINDOWS\patchw32.dll |21/08/2006 14:19:31 C:\WINDOWS\system32\append.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\ati2sgag.exe |16/07/2006 10:15:38 C:\WINDOWS\system32\debug.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\DivXsm.exe |21/06/2006 06:43:08 C:\WINDOWS\system32\dosx.exe |03/08/2004 18:51:28 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\FlushCode.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\instlsp.exe |16/07/2006 10:15:02 C:\WINDOWS\system32\mem.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\notepad.exe |08/02/2006 15:05:11 C:\WINDOWS\system32\nw16.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\pxhpinst.exe |16/07/2006 16:47:36 C:\WINDOWS\system32\redir.exe |03/08/2004 18:48:48 C:\WINDOWS\system32\setver.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\Sherlock.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\sleep.exe |01/09/2005 21:53:02 C:\WINDOWS\system32\SMPSeesaw.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\TTACodecs-uninstall.exe |25/08/2006 18:09:55 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\amstream.dll |19/08/2004 12:09:20 C:\WINDOWS\system32\ATIDEMGR.dll |16/07/2006 10:15:31 C:\WINDOWS\system32\BASSMOD.dll |16/07/2006 21:55:20 C:\WINDOWS\system32\CNMVS49.DLL |16/07/2006 10:43:54 C:\WINDOWS\system32\compatUI.dll |19/08/2004 12:09:22 C:\WINDOWS\system32\DivXWMPExtType.dll |21/06/2006 06:33:40 C:\WINDOWS\system32\dmcrypto.dll |16/07/2006 11:01:06 C:\WINDOWS\system32\encdec.dll |19/08/2004 12:09:26 C:\WINDOWS\system32\gif89.dll |01/09/2006 18:36:38 C:\WINDOWS\system32\HCWxds.dll |16/07/2006 10:56:00 C:\WINDOWS\system32\ieencode.dll |19/08/2004 12:09:28 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\libeay32_0.9.6l.dll |24/09/2006 10:19:30 C:\WINDOWS\system32\msdmo.dll |19/08/2004 12:09:34 C:\WINDOWS\system32\msencode.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 13:47:16 C:\WINDOWS\system32\qedwipes.dll |19/08/2004 12:08:48 C:\WINDOWS\system32\qt-dx331.dll |21/06/2006 06:43:05 C:\WINDOWS\system32\RTLCPAPI.dll |16/07/2006 10:42:18 C:\WINDOWS\system32\sbe.dll |19/08/2004 12:09:40 C:\WINDOWS\system32\scriptpw.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\tsd32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\win87em.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\xvidcore.dll |25/08/2006 18:13:59 C:\WINDOWS\system32\xvidvfw.dll |25/08/2006 18:13:58 C:\WINDOWS\system32\ZLib.dll |30/08/2006 22:32:09 C:\WINDOWS\system32\ZPORT4AS.dll |25/09/2006 08:35:01 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |16/07/2006 10:48:28 C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |23/07/2006 03:55:58 C:\WINDOWS\patchw32.dll |21/08/2006 14:19:31 C:\WINDOWS\system32\append.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\debug.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\DivXsm.exe |21/06/2006 06:43:08 C:\WINDOWS\system32\dosx.exe |03/08/2004 18:51:28 C:\WINDOWS\system32\edlin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\instlsp.exe |16/07/2006 10:15:02 C:\WINDOWS\system32\mem.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nw16.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\pxhpinst.exe |16/07/2006 16:47:36 C:\WINDOWS\system32\redir.exe |03/08/2004 18:48:48 C:\WINDOWS\system32\setver.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\Sherlock.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\sleep.exe |01/09/2005 21:53:02 C:\WINDOWS\system32\SMPSeesaw.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\TTACodecs-uninstall.exe |25/08/2006 18:09:55 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\amstream.dll |19/08/2004 12:09:20 C:\WINDOWS\system32\BASSMOD.dll |16/07/2006 21:55:20 C:\WINDOWS\system32\CNMVS49.DLL |16/07/2006 10:43:54 C:\WINDOWS\system32\DivXWMPExtType.dll |21/06/2006 06:33:40 C:\WINDOWS\system32\dmcrypto.dll |16/07/2006 11:01:06 C:\WINDOWS\system32\encdec.dll |19/08/2004 12:09:26 C:\WINDOWS\system32\ieencode.dll |19/08/2004 12:09:28 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\libeay32_0.9.6l.dll |24/09/2006 10:19:30 C:\WINDOWS\system32\msdmo.dll |19/08/2004 12:09:34 C:\WINDOWS\system32\msencode.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\qedwipes.dll |19/08/2004 12:08:48 C:\WINDOWS\system32\qt-dx331.dll |21/06/2006 06:43:05 C:\WINDOWS\system32\sbe.dll |19/08/2004 12:09:40 C:\WINDOWS\system32\tsd32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\win87em.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\xvidcore.dll |25/08/2006 18:13:59 C:\WINDOWS\system32\xvidvfw.dll |25/08/2006 18:13:58 C:\WINDOWS\system32\ZPORT4AS.dll |25/09/2006 08:35:01 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\WINDOWS\system32 2004-08-19 12:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 37 593 178 112 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-09-25 09:02 <REP> . 2006-09-25 09:02 <REP> .. 2006-08-24 08:28 141 424 asinst.dll 2006-08-22 09:06 537 asinst.inf 2006-07-16 09:42 65 desktop.ini 3 fichier(s) 142 026 octets Total des fichiers listés : 3 fichier(s) 142 026 octets 2 Rép(s) 37 593 174 016 octets libres Liste des programmes installes AC3Filter (remove only) Adobe Acrobat 5.0 Adobe Reader 7.0.8 - Français AnyDVD Archiveur WinRAR AsusUpdate ATI - Utilitaire de désinstallation du logiciel ATI Catalyst Control Center ATI Control Panel ATI Display Driver ATI HYDRAVISION µTorrent AutoUpdate Avira AntiVir PersonalEdition Classic Canon i550 CloneDVD2 Codeur Windows Media Série 9 Codeur Windows Media Série 9 Commande ECHO désactivée. ConvertXtoDVD 2.0.14 Correctif Windows XP - KB867282 Correctif Windows XP - KB885894 DivX DivX Player DivX Web Player ewido anti-spyware 4.0 Firebird SQL Server - MAGIX Edition (F) Google Toolbar for Firefox Google Toolbar for Internet Explorer Haali Media Splitter Hauppauge French Help Files and Resources Hauppauge WinTV Infrared Remote Hauppauge WinTV IR Blaster Hauppauge WinTV Scheduler Hauppauge WinTV Soft PVR Hauppauge WinTV Source Selector Hauppauge WinTV2000 High Definition Audio Driver Package - KB835221 HijackThis 1.99.1 Hotfix for Windows Media Format SDK (KB902344) IKEA HomePlanner Kitchen InfoClock Screensaver 1.5.3 ITE IT8212 ATA RAID Controller J2SE Runtime Environment 5.0 Update 7 Lame ACM MP3 Codec Lecteur Windows Media 11 Les Indispensables Éducation pour Microsoft Office Logiciel iTouch de Logitech Logitech Desktop Messenger Logitech SetPoint Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Macromedia Shockwave Player Marvell Miniport Driver Matroska Pack Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft Encarta 2007 - Études Microsoft Encarta Maths Microsoft Office PowerPoint Viewer 2003 Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Windows Media Video 9 VCM Microsoft XML Parser mIRC Mise à jour de logiciel pour les Dossiers Web Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Windows XP (KB913433) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour Encarta_Les Indispensables Éducation Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Mozilla Firefox (1.5.0.7) Mozilla Thunderbird (1.5) MSXML 6.0 Parser Nero 7 Premium NewsBin Pro 4.3 Panda ActiveScan Photorécit 3 pour Windows PowerDVD QuickPar 0.9 QuickSFV (Remove only) QuickTime Alternative 1.70 RCT3 Soaked Real Alternative 1.49 Realtek High Definition Audio Driver RollerCoaster Tycoon 3 Security Update pour Microsoft .NET Framework 2.0 (KB917283) Sentinel Protection Installer 7.0.0 SolSuite TMPGEnc 3.0 XPress TMPGEnc DVD Author 1.5 True Audio DirectShow Codecs Suite (remove only) Ulead COOL 360 1.0 Ulead Photo Explorer 8.6 Ulead PhotoImpact 11 Virtual Cable Tester Visionneuse Journal Windows Microsoft WebFldrs XP Winamp (remove only) WinAVI Video Converter 7.6 Windows Genuine Advantage Notifications (KB905474) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Connect Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 10 Hotfix - KB888656 Windows Media Player 11 Windows Messenger 5.1 WinISO 5.3 XviD 1.1 final uninstall ZoneAlarm Pro Zoo Tycoon 2 - African Adventure Zoo Tycoon 2 - African Adventure Zoo Tycoon 2 Espèces en danger Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\Program Files 2006-09-24 21:15 <REP> . 2006-09-24 21:15 <REP> .. 2006-07-16 16:46 <REP> AC3Filter 2006-07-19 20:29 <REP> Adobe 2006-07-16 22:01 <REP> Alcohol Soft 2006-09-25 08:45 <REP> AntiVir PersonalEdition Classic 2006-09-22 21:39 <REP> ART Inc 2006-07-16 10:40 <REP> ASUS 2006-08-21 14:17 <REP> Atari 2006-07-16 10:16 <REP> ATI Technologies 2006-07-16 09:40 <REP> ComPlus Applications 2006-07-16 21:54 <REP> CyberLink 2006-08-13 07:14 <REP> DivX 2006-07-29 00:00 <REP> Elaborate Bytes 2006-09-25 08:47 <REP> ewido anti-spyware 4.0 2006-09-24 21:14 <REP> Fichiers communs 2006-09-25 08:48 <REP> Google 2006-09-25 09:09 <REP> HijackThis 2006-09-22 18:54 <REP> IKEA HomePlanner 2006-08-15 16:56 <REP> InfoClock Screensaver 2006-09-07 09:
  3. Bricker
    Merci charles ingals pour ton aide voici les trois rapports --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 06:49:34 2006-09-25 + Scan result: C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc101.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc102.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc114.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc127.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc13.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc24.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc27.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc46.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc51.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc70.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc73.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc78.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc96.exe -> Proxy.Horst.jb : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc10.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc100.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc103.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc106.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc107.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc109.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc111.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc113.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc115.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc116.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc12.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc120.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc122.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc124.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc126.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc129.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc15.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc18.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc20.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc21.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc23.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc25.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc28.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc31.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc32.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc36.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc38.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc39.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc40.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc43.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc47.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc53.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc57.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc59.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc6.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc62.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc64.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc68.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc71.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc75.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc79.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc8.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc84.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc86.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc89.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc90.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc92.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc94.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc97.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). C:\RECYCLER\S-1-5-21-1614895754-1677128483-1177238915-500\Dc98.exe -> Proxy.Horst.jp : Cleaned with backup (quarantined). :mozilla.22:C:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.23:C:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.39:C:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.38:C:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). ::Report end Script clean par Malekal_morte - http://www.malekal.com Microsoft Windows XP [version 5.1.2600] Script execute en mode sans echec *** Suppression de fichiers sur C: *** Suppression des fichiers dans C:\WINDOWS\ C:\WINDOWS\win??????????????.exe FOUND *** Suppression des fichiers dans C:\WINDOWS\system32 C:\WINDOWS\system32\bdod.bin FOUND C:\WINDOWS\system32\nvsvcd.exe FOUND *** Suppression des clefs du registre effectuee.. Logfile of HijackThis v1.99.1 Scan saved at 06:50:36, on 2006-09-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  4. Bricker
    Voila le fichier que tu m'as demande merci pour ton aide C:\WINDOWS\System32\vsconfig.xml -->2006-09-24 17:18:07 C:\WINDOWS\System32\zllictbl.dat -->2006-09-24 10:19:53 C:\WINDOWS\System32\bdod.bin -->2006-09-24 08:12:19 C:\WINDOWS\System32\getfile.dat -->2006-09-24 07:43:45 C:\WINDOWS\System32\wpa.dbl -->2006-09-23 12:31:02 C:\WINDOWS\System32\haspvdd.dll -->2006-09-22 22:25:02 C:\WINDOWS\System32\haspdos.sys -->2006-09-22 22:25:02 C:\WINDOWS\System32\CONFIG.NT -->2006-09-22 22:25:01 C:\WINDOWS\System32\FNTCACHE.DAT -->2006-09-14 03:36:24 C:\WINDOWS\System32\MRT.exe -->2006-09-11 13:37:21 C:\WINDOWS\System32\avsda.dll -->2006-09-07 12:56:35 C:\WINDOWS\System32\nvsvcd.exe -->2006-09-01 07:18:28 C:\WINDOWS\System32\Status.MPF -->2006-08-31 21:09:34 C:\WINDOWS\System32\BASSMOD.dll -->2006-08-30 14:46:33 C:\WINDOWS\System32\TTACodecs-uninstall.exe -->2006-08-25 18:09:55 C:\WINDOWS\System32\vsutil_loc040c.dll -->2006-08-23 23:39:32 C:\WINDOWS\System32\vsdatant.sys -->2006-08-23 23:38:36 C:\WINDOWS\System32\zlcommdb.dll -->2006-08-23 23:38:06 C:\WINDOWS\System32\zlcomm.dll -->2006-08-23 23:38:06 C:\WINDOWS\System32\vsxml.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vswmi.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vsutil.dll -->2006-08-23 23:38:04 C:\WINDOWS\System32\vsregexp.dll -->2006-08-23 23:38:02 C:\WINDOWS\System32\vspubapi.dll -->2006-08-23 23:38:02 C:\WINDOWS\System32\vsmonapi.dll -->2006-08-23 23:38:00 C:\WINDOWS\NeroDigital.ini -->2006-09-24 17:19:40 C:\WINDOWS\0.log -->2006-09-24 17:18:46 C:\WINDOWS\wiadebug.log -->2006-09-24 17:17:52 C:\WINDOWS\wiaservc.log -->2006-09-24 17:17:51 C:\WINDOWS\bootstat.dat -->2006-09-24 17:17:47 C:\WINDOWS\WindowsUpdate.log -->2006-09-24 17:16:26 C:\WINDOWS\mozver.dat -->2006-09-24 11:41:44 C:\WINDOWS\win.ini -->2006-09-24 11:41:43 C:\WINDOWS\setupapi.log -->2006-09-24 11:20:27 C:\WINDOWS\SchedLgU.Txt -->2006-09-24 09:39:44 C:\WINDOWS\ntbtlog.txt -->2006-09-23 18:31:51 C:\WINDOWS\setuperr.log -->2006-09-23 13:07:50 C:\WINDOWS\setupact.log -->2006-09-23 13:07:50 C:\WINDOWS\system.ini -->2006-09-22 11:10:09 C:\WINDOWS\Irremote.ini -->2006-09-20 19:23:37 C:\WINDOWS\system32\append.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\ati2sgag.exe |16/07/2006 10:15:38 C:\WINDOWS\system32\debug.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\DivXsm.exe |21/06/2006 06:43:08 C:\WINDOWS\system32\dosx.exe |03/08/2004 18:51:28 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\FlushCode.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\instlsp.exe |16/07/2006 10:15:02 C:\WINDOWS\system32\mem.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\notepad.exe |08/02/2006 15:05:11 C:\WINDOWS\system32\nvsvcd.exe |01/09/2006 07:18:29 C:\WINDOWS\system32\nw16.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\pxhpinst.exe |16/07/2006 16:47:36 C:\WINDOWS\system32\redir.exe |03/08/2004 18:48:48 C:\WINDOWS\system32\setver.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\Sherlock.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\sleep.exe |01/09/2005 21:53:02 C:\WINDOWS\system32\SMPSeesaw.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\TTACodecs-uninstall.exe |25/08/2006 18:09:55 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\amstream.dll |19/08/2004 12:09:20 C:\WINDOWS\system32\ATIDEMGR.dll |16/07/2006 10:15:31 C:\WINDOWS\system32\BASSMOD.dll |16/07/2006 21:55:20 C:\WINDOWS\system32\CNMVS49.DLL |16/07/2006 10:43:54 C:\WINDOWS\system32\compatUI.dll |19/08/2004 12:09:22 C:\WINDOWS\system32\DivXWMPExtType.dll |21/06/2006 06:33:40 C:\WINDOWS\system32\dmcrypto.dll |16/07/2006 11:01:06 C:\WINDOWS\system32\encdec.dll |19/08/2004 12:09:26 C:\WINDOWS\system32\gif89.dll |01/09/2006 18:36:38 C:\WINDOWS\system32\HCWxds.dll |16/07/2006 10:56:00 C:\WINDOWS\system32\ieencode.dll |19/08/2004 12:09:28 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\msdmo.dll |19/08/2004 12:09:34 C:\WINDOWS\system32\msencode.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 13:47:16 C:\WINDOWS\system32\qedwipes.dll |19/08/2004 12:08:48 C:\WINDOWS\system32\qt-dx331.dll |21/06/2006 06:43:05 C:\WINDOWS\system32\RTLCPAPI.dll |16/07/2006 10:42:18 C:\WINDOWS\system32\sbe.dll |19/08/2004 12:09:40 C:\WINDOWS\system32\scriptpw.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\sockspy.dll |02/09/2005 14:48:40 C:\WINDOWS\system32\tsd32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\win87em.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\xreglib.dll |06/12/2002 17:37:06 C:\WINDOWS\system32\xvidcore.dll |25/08/2006 18:13:59 C:\WINDOWS\system32\xvidvfw.dll |25/08/2006 18:13:58 C:\WINDOWS\system32\ZLib.dll |30/08/2006 22:32:09 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |16/07/2006 10:48:28 C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |23/07/2006 03:55:58 C:\WINDOWS\notepad.exe |16/07/2006 05:31:36 C:\WINDOWS\patchw32.dll |21/08/2006 14:19:31 C:\WINDOWS\system32\append.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\ati2sgag.exe |16/07/2006 10:15:38 C:\WINDOWS\system32\debug.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\DivXsm.exe |21/06/2006 06:43:08 C:\WINDOWS\system32\dosx.exe |03/08/2004 18:51:28 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\FlushCode.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\instlsp.exe |16/07/2006 10:15:02 C:\WINDOWS\system32\mem.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\notepad.exe |08/02/2006 15:05:11 C:\WINDOWS\system32\nvsvcd.exe |01/09/2006 07:18:29 C:\WINDOWS\system32\nw16.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\pxhpinst.exe |16/07/2006 16:47:36 C:\WINDOWS\system32\redir.exe |03/08/2004 18:48:48 C:\WINDOWS\system32\setver.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\Sherlock.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\sleep.exe |01/09/2005 21:53:02 C:\WINDOWS\system32\SMPSeesaw.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\TTACodecs-uninstall.exe |25/08/2006 18:09:55 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\amstream.dll |19/08/2004 12:09:20 C:\WINDOWS\system32\ATIDEMGR.dll |16/07/2006 10:15:31 C:\WINDOWS\system32\BASSMOD.dll |16/07/2006 21:55:20 C:\WINDOWS\system32\CNMVS49.DLL |16/07/2006 10:43:54 C:\WINDOWS\system32\compatUI.dll |19/08/2004 12:09:22 C:\WINDOWS\system32\DivXWMPExtType.dll |21/06/2006 06:33:40 C:\WINDOWS\system32\dmcrypto.dll |16/07/2006 11:01:06 C:\WINDOWS\system32\encdec.dll |19/08/2004 12:09:26 C:\WINDOWS\system32\gif89.dll |01/09/2006 18:36:38 C:\WINDOWS\system32\HCWxds.dll |16/07/2006 10:56:00 C:\WINDOWS\system32\ieencode.dll |19/08/2004 12:09:28 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\libeay32_0.9.6l.dll |24/09/2006 10:19:30 C:\WINDOWS\system32\msdmo.dll |19/08/2004 12:09:34 C:\WINDOWS\system32\msencode.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 13:47:16 C:\WINDOWS\system32\qedwipes.dll |19/08/2004 12:08:48 C:\WINDOWS\system32\qt-dx331.dll |21/06/2006 06:43:05 C:\WINDOWS\system32\RTLCPAPI.dll |16/07/2006 10:42:18 C:\WINDOWS\system32\sbe.dll |19/08/2004 12:09:40 C:\WINDOWS\system32\scriptpw.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\tsd32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\win87em.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\xvidcore.dll |25/08/2006 18:13:59 C:\WINDOWS\system32\xvidvfw.dll |25/08/2006 18:13:58 C:\WINDOWS\system32\ZLib.dll |30/08/2006 22:32:09 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |16/07/2006 10:48:28 C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |23/07/2006 03:55:58 C:\WINDOWS\patchw32.dll |21/08/2006 14:19:31 C:\WINDOWS\system32\append.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\debug.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\DivXsm.exe |21/06/2006 06:43:08 C:\WINDOWS\system32\dosx.exe |03/08/2004 18:51:28 C:\WINDOWS\system32\edlin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\instlsp.exe |16/07/2006 10:15:02 C:\WINDOWS\system32\mem.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\nvsvcd.exe |01/09/2006 07:18:29 C:\WINDOWS\system32\nw16.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\pxhpinst.exe |16/07/2006 16:47:36 C:\WINDOWS\system32\redir.exe |03/08/2004 18:48:48 C:\WINDOWS\system32\setver.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\Sherlock.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\sleep.exe |01/09/2005 21:53:02 C:\WINDOWS\system32\SMPSeesaw.exe |16/07/2006 09:55:43 C:\WINDOWS\system32\TTACodecs-uninstall.exe |25/08/2006 18:09:55 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 10:00:00 C:\WINDOWS\system32\amstream.dll |19/08/2004 12:09:20 C:\WINDOWS\system32\BASSMOD.dll |16/07/2006 21:55:20 C:\WINDOWS\system32\CNMVS49.DLL |16/07/2006 10:43:54 C:\WINDOWS\system32\DivXWMPExtType.dll |21/06/2006 06:33:40 C:\WINDOWS\system32\dmcrypto.dll |16/07/2006 11:01:06 C:\WINDOWS\system32\encdec.dll |19/08/2004 12:09:26 C:\WINDOWS\system32\ieencode.dll |19/08/2004 12:09:28 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\libeay32_0.9.6l.dll |24/09/2006 10:19:30 C:\WINDOWS\system32\msdmo.dll |19/08/2004 12:09:34 C:\WINDOWS\system32\msencode.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\qedwipes.dll |19/08/2004 12:08:48 C:\WINDOWS\system32\qt-dx331.dll |21/06/2006 06:43:05 C:\WINDOWS\system32\sbe.dll |19/08/2004 12:09:40 C:\WINDOWS\system32\tsd32.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\win87em.dll |28/08/2001 10:00:00 C:\WINDOWS\system32\xvidcore.dll |25/08/2006 18:13:59 C:\WINDOWS\system32\xvidvfw.dll |25/08/2006 18:13:58 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\WINDOWS\system32 2004-08-19 12:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 37 623 754 752 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-07-16 09:42 <REP> . 2006-07-16 09:42 <REP> .. 2006-07-16 09:42 65 desktop.ini 1 fichier(s) 65 octets Total des fichiers listés : 1 fichier(s) 65 octets 2 Rép(s) 37 623 754 752 octets libres Liste des programmes installes AC3Filter (remove only) Adobe Acrobat 5.0 Adobe Reader 7.0.8 - Français AnyDVD Archiveur WinRAR AsusUpdate ATI - Utilitaire de désinstallation du logiciel ATI Catalyst Control Center ATI Control Panel ATI Display Driver ATI HYDRAVISION µTorrent AutoUpdate Avira AntiVir PersonalEdition Classic Canon i550 CloneDVD2 Codeur Windows Media Série 9 Codeur Windows Media Série 9 Commande ECHO désactivée. ConvertXtoDVD 2.0.14 Correctif Windows XP - KB867282 Correctif Windows XP - KB885894 DivX DivX Player DivX Web Player Firebird SQL Server - MAGIX Edition (F) Google Toolbar for Firefox Google Toolbar for Internet Explorer Haali Media Splitter Hauppauge French Help Files and Resources Hauppauge WinTV Infrared Remote Hauppauge WinTV IR Blaster Hauppauge WinTV Scheduler Hauppauge WinTV Soft PVR Hauppauge WinTV Source Selector Hauppauge WinTV2000 High Definition Audio Driver Package - KB835221 HijackThis 1.99.1 Hotfix for Windows Media Format SDK (KB902344) IKEA HomePlanner Kitchen InfoClock Screensaver 1.5.3 ITE IT8212 ATA RAID Controller J2SE Runtime Environment 5.0 Update 7 Lame ACM MP3 Codec Lecteur Windows Media 11 Les Indispensables Éducation pour Microsoft Office Logiciel iTouch de Logitech Logitech Desktop Messenger Logitech SetPoint Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Macromedia Shockwave Player Marvell Miniport Driver Matroska Pack Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft Encarta 2007 - Études Microsoft Encarta Maths Microsoft Office PowerPoint Viewer 2003 Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Windows Media Video 9 VCM Microsoft XML Parser mIRC Mise à jour de logiciel pour les Dossiers Web Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Windows XP (KB913433) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour Encarta_Les Indispensables Éducation Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Mozilla Firefox (1.5.0.7) Mozilla Thunderbird (1.5) MSXML 6.0 Parser Nero 7 Premium NewsBin Pro 4.3 Photorécit 3 pour Windows PowerDVD QuickPar 0.9 QuickSFV (Remove only) QuickTime Alternative 1.70 RCT3 Soaked Real Alternative 1.49 Realtek High Definition Audio Driver RollerCoaster Tycoon 3 Security Update pour Microsoft .NET Framework 2.0 (KB917283) Sentinel Protection Installer 7.0.0 SolSuite TMPGEnc 3.0 XPress TMPGEnc DVD Author 1.5 True Audio DirectShow Codecs Suite (remove only) Ulead COOL 360 1.0 Ulead Photo Explorer 8.6 Ulead PhotoImpact 11 Virtual Cable Tester Visionneuse Journal Windows Microsoft WebFldrs XP Winamp (remove only) WinAVI Video Converter 7.6 Windows Genuine Advantage Notifications (KB905474) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Connect Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 10 Hotfix - KB888656 Windows Media Player 11 Windows Messenger 5.1 WinISO 5.3 XviD 1.1 final uninstall ZoneAlarm Pro Zoo Tycoon 2 - African Adventure Zoo Tycoon 2 - African Adventure Zoo Tycoon 2 Espèces en danger Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\Program Files 2006-09-24 11:41 <REP> . 2006-09-24 11:41 <REP> .. 2006-07-16 16:46 <REP> AC3Filter 2006-07-19 20:29 <REP> Adobe 2006-07-16 22:01 <REP> Alcohol Soft 2006-09-24 09:43 <REP> AntiVir PersonalEdition Classic 2006-09-22 21:39 <REP> ART Inc 2006-07-16 10:40 <REP> ASUS 2006-08-21 14:17 <REP> Atari 2006-07-16 10:16 <REP> ATI Technologies 2006-07-16 09:40 <REP> ComPlus Applications 2006-07-16 21:54 <REP> CyberLink 2006-08-13 07:14 <REP> DivX 2006-07-29 00:00 <REP> Elaborate Bytes 2006-09-22 22:09 <REP> Fichiers communs 2006-09-09 23:06 <REP> Google 2006-09-24 17:28 <REP> HijackThis 2006-09-22 18:54 <REP> IKEA HomePlanner 2006-09-24 08:38 <REP> IncrediMail 2006-08-15 16:56 <REP> InfoClock Screensaver 2006-09-07 09:31 1 000 INSTALL.LOG 2006-07-16 10:41 <REP> Intel 2006-08-12 12:33 <REP> Internet Explorer 2006-07-16 10:41 <REP> ITE 2006-07-16 10:06 <REP> Java 2006-07-16 09:55 <REP> JEUX 2006-09-03 08:25 <REP> Learning Essentials 2006-07-16 10:53 <REP> Logitech 2006-07-16 10:40 <REP> Marvell 2006-07-16 16:51 <REP> Matroska Pack 2006-09-24 11:23 <REP> McAfee 2006-07-16 16:51 <REP> Media Player Classic 2006-07-16 10:03 <REP> Messenger 2006-09-03 08:29 <REP> Microsoft Etudes 2006-07-16 09:44 <REP> microsoft frontpage 2006-08-24 21:38 <REP> Microsoft Games 2006-07-16 11:10 <REP> Microsoft Office 2006-07-16 11:09 <REP> Microsoft.NET 2006-07-16 09:41 <REP> Movie Maker 2006-09-24 11:43 <REP> Mozilla Firefox 2006-09-24 11:47 <REP> Mozilla Thunderbird 2006-07-16 09:40 <REP> MSN Gaming Zone 2006-08-28 23:36 <REP> MSN Messenger 2006-07-16 16:52 <REP> MétéoMédia 2006-09-22 17:42 <REP> nbpro 2006-07-20 18:40 <REP> Nero 2006-07-16 09:41 <REP> NetMeeting 2006-07-16 09:41 <REP> Outlook Express 2006-08-04 01:35 <REP> Pegasys Inc 2006-07-16 10:03 <REP> Photo Story 3 for Windows 2006-07-31 18:27 <REP> QuickPar 2006-07-31 17:38 <REP> QuickSFV 2006-07-16 16:51 <REP> QuickTime Alternative 2006-07-16 16:52 <REP> Real Alternative 2006-07-16 10:42 <REP> Realtek 2006-09-22 22:09 <REP> SafeNet Sentinel 2006-09-01 18:35 <REP> Sierra On-Line 2006-07-28 23:58 <REP> SlySoft 2006-08-15 12:32 <REP> SolSuite 2006-09-24 08:39 <REP> Spybot - Search & Destroy 2006-07-29 14:47 <REP> Ulead Systems 2006-07-16 09:55 <REP> UTILS 2006-07-16 17:33 <REP> uTorrent 2006-08-13 07:47 <REP> vso 2006-08-29 13:01 <REP> Winamp 2006-08-31 11:57 <REP> WinAVI Video Converter 2006-07-16 10:01 <REP> Windows Journal Viewer 2006-07-16 10:02 <REP> Windows Media Components 2006-07-16 09:43 <REP> Windows Media Connect 2 2006-07-24 22:52 <REP> Windows Media Player 2006-07-16 09:39 <REP> Windows NT 2006-09-06 14:37 <REP> WinISO 2006-08-30 15:06 <REP> WinRAR 2006-07-16 11:05 <REP> WinTV 2006-07-16 10:02 <REP> WMV9_VCM 2006-07-16 09:44 <REP> xerox 2006-08-25 18:13 <REP> XviD 2006-09-24 08:39 <REP> Yahoo! 2006-09-24 09:26 <REP> Zone Labs 1 fichier(s) 1 000 octets 78 Rép(s) 37 623 349 248 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2031-2F29 Répertoire de C:\Program Files\fichiers communs 2006-09-22 22:09 <REP> . 2006-09-22 22:09 <REP> .. 2006-07-16 10:05 <REP> Adobe 2006-07-20 18:49 <REP> Ahead 2006-07-16 11:10 <REP> DESIGNER 2006-07-16 10:46 <REP> InstallShield 2006-07-16 10:05 <REP> Java 2006-07-16 10:53 <REP> Logitech 2006-09-04 14:49 <REP> MAGIX Shared 2006-09-03 08:29 <REP> Microsoft Shared 2006-07-16 09:41 <REP> MSSoap 2006-07-16 05:32 <REP> ODBC 2006-08-21 14:19 <REP> PocketSoft 2006-09-22 22:09 <REP> SafeNet Sentinel 2006-07-16 09:41 <REP> Services 2006-09-24 08:27 <REP> Softwin 2006-07-16 05:32 <REP> SpeechEngines 2006-09-07 09:24 <REP> Symantec Shared 2006-07-16 11:10 <REP> System 2006-07-29 14:46 <REP> Ulead Systems 2006-09-22 18:54 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 21 Rép(s) 37 623 345 152 octets libres c:\Documents and Settings\La Famille\Application Data\ezpinst.exe c:\Documents and Settings\La Famille\Application Data\LimeWire\.NetworkShare\Incomplete\T-2873448-LimeWireWin4.12.4.exe c:\Documents and Settings\La Famille\Application Data\Microsoft\Installer\{E3D278BD-FC97-4F87-BB1F-689AE0CB9122}\ARPPRODUCTICON.exe c:\Documents and Settings\La Famille\Mes documents\Documents de Christine\themes pour le bureau\BarbieBedTimeStories.exe c:\Documents and Settings\La Famille\Mes documents\Documents de Christine\themes pour le bureau\Star_Child.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\MVT\atl.dll c:\Documents and Settings\All Users\Application Data\MVT\msvcp60.dll c:\Documents and Settings\All Users\Application Data\MVT\MVT.dll c:\Documents and Settings\All Users\Application Data\MVT\unicows.dll c:\Documents and Settings\All Users\Application Data\MVTLogs\detect.dll c:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\La Famille\Application Data\Mozilla\Firefox\Profiles\44hw6f7u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
  5. Bricker
    Bonjour j'ai fait un pré-nettoyage comme indiqué mes problemes avec les mawares me semble resolu mais mon ordi est tjrs tres lent je vous envoie mon rapport de HijackThis Merci à l'avance de m'aider Logfile of HijackThis v1.99.1 Scan saved at 17:29:02, on 2006-09-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\uTorrent\utorrent.exe D:\emule\emule.exe C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunServices: [schedulingAgent] C:\WINDOWS\system32\mstask.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [L07FXLRD_12614484] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: RAID Manager.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll O18 - Protocol: bw+0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  6. Bricker
    Bonjour a tous je recherche un bon anti-spam si qqn pourrait m'en conseiller stp
  7. Bricker
    Logfile of HijackThis v1.99.1 Scan saved at 19:24:06, on 2006-09-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\RunServices: [schedulingAgent] C:\WINDOWS\system32\mstask.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [L07FXLRD_12614484] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: RAID Manager.lnk = ? O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll O18 - Protocol: bw+0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {26D86075-FDD9-44BA-A4CB-1E423F0D5578} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
×
×
  • Créer...