number05


  1. -----------\\ ToolBar S&D 1.2.1 XP/Vista
     Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
     X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.00GHz )
     BIOS : Default System BIOS
     USER : Administrateur ( Administrator )
     BOOT : Normal boot
     A:\ (USB)
     C:\ (Local Disk) - NTFS - Total : 18 Go Free : 7 Go
     D:\ (Local Disk) - NTFS - Total : 19 Go Free : 0 Go
     E:\ (CD or DVD)
     F:\ (CD or DVD)
     "C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
     Option : [1] ( 03/10/2008| 2:35 )
     -----------\\ Recherche de Fichiers / Dossiers ...
     C:\DOCUME~1\ADMINI~1\Cookies\administrateur@msxml.webcrawler[1].txt
     C:\DOCUME~1\ADMINI~1\Cookies\administrateur@webcrawler[1].txt
     C:\DOCUME~1\ADMINI~1\APPLIC~1\FunWebProducts
     C:\DOCUME~1\ADMINI~1\APPLIC~1\FunWebProducts\Data
     C:\Program Files\FunWebProducts
     C:\Program Files\FunWebProducts\ScreenSaver
     C:\Program Files\FunWebProducts\Shared
     C:\DOCUME~1\ADMINI~1\Cookies\administrateur@hotbar[1].txt
     C:\Program Files\MyWebSearch
     C:\Program Files\MyWebSearch\bar
     C:\Program Files\MyWebSearch\SrchAstt
     C:\DOCUME~1\ADMINI~1\Cookies\administrateur@mywebsearch[2].txt
     C:\WINDOWS\iun6002.exe
     C:\WINDOWS\System32\f3PSSavr.scr
     C:\Program Files\Internet Explorer\msimg32.dll
     C:\Program Files\MSN Messenger\riched20.dll
     -----------\\ [..\Internet Explorer\Main]
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Local Page"="C:\\windows\\system32\\blank.htm"
     "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
     "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
     "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
     [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
     "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
     "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
     "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
     "Local Page"="C:\\windows\\system32\\blank.htm"
     "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
     --------------------\\ Recherche d'autres infections
     Aucune autre infection trouvée !
     1 - "C:\ToolBar SD\TB_1.txt" - 03/10/2008| 2:38 - Option : [1]
     -----------\\ Fin du rapport a 2:38:43,78
     Thank you for your help
  2. Here is the HijackThis report:
     Logfile of HijackThis v1.99.1
     Scan saved at 17:20:15, on 25/09/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
     C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
     C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
     C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
     C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
     C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
     C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
     C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe
     C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
     C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\WINDOWS\system32\MsiExec.exe
     C:\WINDOWS\system32\wuauclt.exe
     C:\WINDOWS\system32\msiexec.exe
     C:\Program Files\WinRAR\WinRAR.exe
     C:\Program Files\WinRAR\WinRAR.exe
     C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.640\HijackThis.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
     O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
     O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
     O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
     O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
     O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
     O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
     O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S
     O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
     O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
     O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
     O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
     O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
     O4 - Global Startup: BlueSoleil.lnk = ?
     O4 - Global Startup: DSLMON.lnk = ?
     O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
     O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
     O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
     O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZN
     O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
     O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?4a0f12091bbe4640a657e07b3e1007ac
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?4a0f12091bbe4640a657e07b3e1007ac
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O17 - HKLM\System\CCS\Services\Tcpip\..\{49325DED-6FE9-4CFC-AB2C-92ED0B69EA82}: NameServer = 41.221.20.4 208.67.222.222
     O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
     O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
     O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
     O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
     O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
     O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
     O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
  3. Logfile of Trend Micro HijackThis v2.0.0 (BETA)
     Scan saved at 14:40:58, on 29/07/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     Boot mode: Normal
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
     C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
     C:\WINDOWS\system32\mqsvc.exe
     C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
     C:\Program Files\HPQ\IAM\bin\asghost.exe
     C:\WINDOWS\system32\mqtgsvc.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
     C:\WINDOWS\System32\DLA\DLACTRLW.EXE
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
     C:\WINDOWS\SMINST\Scheduler.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
     C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     C:\Program Files\Picasa2\PicasaMediaDetector.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Windows Media Player\WMPNSCFG.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
     C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
     C:\Program Files\BitLord\BitLord.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
     C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
     C:\Downloads\number05.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
     R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
     O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
     O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
     O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
     O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
     O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
     O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
     O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
     O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
     O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
     O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
     O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
     O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
     O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe
     O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
     O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
     O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
     O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
     O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
     O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
     O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: BTTray.lnk = ?
     O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
     O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
     O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
     O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
     O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
     O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
     O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
     O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
     O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
     O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
     O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
     O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
     O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
     O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
     O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing)
     O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
     O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
     O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
     O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
     O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
     O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
     O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
     O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
     O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif
     O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg
     -- End of file - 11051 bytes
  4. Hallelujah, it works!!!!! Mission accomplished, Charles. THANK YOU for your help!!!!
  5. Hi Charles, below is the requested report.
     SmitFraudFix v2.207
     Rapport fait à 14:20:07,75, 28/07/2007
     Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
     OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
     Le type du système de fichiers est NTFS
     Fix executé en mode normal
     »»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix
     Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !
     Description: Broadcom 440x 10/100 Integrated Controller - Miniport d'ordonnancement de paquets
     DNS Server Search Order: 85.255.116.66
     DNS Server Search Order: 85.255.112.80
     Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !
     Description: Intel® PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
     DNS Server Search Order: 85.255.116.66
     DNS Server Search Order: 85.255.112.80
     Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !
     Description: Pilote de serveur d'accès au réseau local Bluetooth - Miniport d'ordonnancement de paquets
     DNS Server Search Order: 85.255.116.66
     DNS Server Search Order: 85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: DhcpNameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer=85.255.116.66,85.255.112.80
     HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.66 85.255.112.80
     HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.66 85.255.112.80
     HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
     HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.116.66 85.255.112.80
     »»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix
  6. Hello Charles, here is the output of what you asked me to do.
     StartupList report, 26/07/2007, 10:53:08
     StartupList version: 1.52.2
     Started from : C:\Downloads\number05.EXE
     Detected: Windows XP SP2 (WinNT 5.01.2600)
     Detected: Internet Explorer v7.00 (7.00.6000.16473)
     * Using default options
     ==================================================
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
     C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
     C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
     C:\WINDOWS\system32\mqsvc.exe
     C:\WINDOWS\system32\mqtgsvc.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\HPQ\IAM\bin\asghost.exe
     C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
     C:\WINDOWS\System32\DLA\DLACTRLW.EXE
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
     C:\WINDOWS\SMINST\Scheduler.exe
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     C:\Program Files\Picasa2\PicasaMediaDetector.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\svchost.exe
     C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
     C:\Program Files\Windows Media Player\WMPNSCFG.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
     C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
     C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
     C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\BitLord\BitLord.exe
     C:\Downloads\number05.exe
     --------------------------------------------------
     Listing of startup folders:
     Shell folders Common Startup:
     [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
     BTTray.lnk = ?
     DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
     Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
     --------------------------------------------------
     Checking Windows NT UserInit:
     [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
     UserInit = C:\WINDOWS\system32\userinit.exe,
     --------------------------------------------------
     Autorun entries from Registry:
     HKLM\Software\Microsoft\Windows\CurrentVersion\Run
     MsmqIntCert = regsvr32 /s mqrt.dll
     SoundMAX = C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
     PTHOSTTR = C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
     HP Software Update = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
     DLA = C:\WINDOWS\System32\DLA\DLACTRLW.EXE
     SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     hpWirelessAssistant = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     CognizanceTS = rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
     Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe
     Recguard = C:\WINDOWS\Sminst\Recguard.exe
     Reminder = C:\WINDOWS\Creator\Remind_XP.exe
     Scheduler = C:\WINDOWS\SMINST\Scheduler.exe
     WatchDog = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
     AVP = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
     SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe
     igfxtray = C:\WINDOWS\system32\igfxtray.exe
     igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe
     igfxpers = C:\WINDOWS\system32\igfxpers.exe
     Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
     SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     Picasa Media Detector = C:\Program Files\Picasa2\PicasaMediaDetector.exe
     --------------------------------------------------
     Autorun entries from Registry:
     HKCU\Software\Microsoft\Windows\CurrentVersion\Run
     CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
     swg = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
     WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe
     --------------------------------------------------
     Autorun entries in Registry subkeys of:
     HKLM\Software\Microsoft\Windows\CurrentVersion\Run
     [optionalcomponents]
     =
     --------------------------------------------------
     Load/Run keys from C:\WINDOWS\WIN.INI:
     load=*INI section not found*
     run=*INI section not found*
     Load/Run keys from Registry:
     HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
     HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
     HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
     HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
     HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
     HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
     HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
     HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
     HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
     HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
     HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
     HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
     HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
     --------------------------------------------------
     Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
     Shell=*INI section not found*
     SCRNSAVE.EXE=*INI section not found*
     drivers=*INI section not found*
     Shell & screensaver key from Registry:
     Shell=Explorer.exe
     SCRNSAVE.EXE=C:\WINDOWS\system32\scrnsave.scr
     drivers=*Registry value not found*
     Policies Shell key:
     HKCU\..\Policies: Shell=*Registry value not found*
     HKLM\..\Policies: Shell=*Registry value not found*
     --------------------------------------------------
     Enumerating Browser Helper Objects:
     (no name) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
     (no name) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL - {5CA3D70E-1895-11CF-8E15-001234567890}
     (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
     (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
     HP Credential Manager for ProtectTools - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll - {DF21F1DB-80C6-11D3-9483-B03D0EC10000}
     --------------------------------------------------
     Enumerating Download Program Files:
     [{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
     CODEBASE = http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab
     [ActiveScan Installer Class]
     InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
     CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab
     --------------------------------------------------
     Enumerating ShellServiceObjectDelayLoad items:
     PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
     CDBurn: C:\WINDOWS\system32\SHELL32.dll
     WebCheck: C:\WINDOWS\system32\webcheck.dll
     SysTray: C:\WINDOWS\system32\stobject.dll
     WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll
     --------------------------------------------------
     End of report, 8 656 bytes
     Report generated in 0,312 seconds
     Command line options:
     /verbose - to add additional info on each section
     /complete - to include empty sections and unsuspicious data
     /full - to include several rarely-important sections
     /force9x - to include Win9x-only startups even if running on WinNT
     /forcent - to include WinNT-only startups even if running on Win9x
     /forceall - to include all Win9x and WinNT startups, regardless of platform
     /history - to list version history only

     HijackThis:
     Logfile of Trend Micro HijackThis v2.0.0 (BETA)
     Scan saved at 10:55:06, on 26/07/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     Boot mode: Normal
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
     C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
     C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
     C:\WINDOWS\system32\mqsvc.exe
     C:\WINDOWS\system32\mqtgsvc.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\HPQ\IAM\bin\asghost.exe
     C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
     C:\WINDOWS\System32\DLA\DLACTRLW.EXE
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
     C:\WINDOWS\SMINST\Scheduler.exe
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     C:\Program Files\Picasa2\PicasaMediaDetector.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\svchost.exe
     C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
     C:\Program Files\Windows Media Player\WMPNSCFG.exe
     C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
     C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
     C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
     C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
     C:\Program Files\BitLord\BitLord.exe
     C:\Downloads\number05.exe
     C:\WINDOWS\system32\notepad.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
     R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
     O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
     O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar2.dll O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program 
Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - 
Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing) O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: 
Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg -- End of file - 12143 bytes DNSbak
  7. Hello charles, I just redid the procedure and it does nothing!! Below is the HijackThis report Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 15:55:01, on 24/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\Program Files\HPQ\IAM\bin\asghost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE C:\WINDOWS\SMINST\Scheduler.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe 
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Downloads\number05.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program 
Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE 
(User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - 
HKLM\System\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing) O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg -- End of file - 11937 bytes
  8. Fixwareout report:

     Username "Administrateur" - 2007-07-23 17:08:10 [Fixwareout edited 2007/07/05]

     »»»»»Prerun check
     HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}
     "DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.
     HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F16BD61-6270-4C3F-BF6E-797751A4F020}
     "DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.

     System was rebooted successfully.

     »»»»» Postrun check
     HKLM\SOFTWARE\~\Winlogon\ "System"=""
     ....
     ....
     »»»»» Misc files.
     ....
     »»»»» Checking for older varients.
     ....
     »»»»» Current runs (hklm hkcu "run" Keys Only)
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
     "MsmqIntCert"="regsvr32 /s mqrt.dll"
     "SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
     "PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"
     "HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
     "DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
     "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
     "hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
     "CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
     "QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\
       74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\
       68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\
       61,72,74,00
     "Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
     "Recguard"="C:\\WINDOWS\\Sminst\\Recguard.exe"
     "Reminder"="C:\\WINDOWS\\Creator\\Remind_XP.exe"
     "Scheduler"="C:\\WINDOWS\\SMINST\\Scheduler.exe"
     "WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
     "AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 7.0\\avp.exe\""
     "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
     "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
     "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
     "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
     "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
     "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
     "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe"
     "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
     "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
     "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
     ....
     Hosts file was reset, If you use a custom hosts file please replace it
  9. Sorry Charles, but the problem still persists.
  10. Hello Charles, indeed, the O17 entries are showing up again; I am currently running a scan. Below is the SREng report.
2007-07-23,09:50:03 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc] <WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <MsmqIntCert><regsvr32 /s mqrt.dll> [N/A] <SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.] <PTHOSTTR><C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start> [Hewlett-Packard Development Company, L.P.] <HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.] <DLA><C:\WINDOWS\System32\DLA\DLACTRLW.EXE> [Sonic Solutions] <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <hpWirelessAssistant><C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe> [Hewlett-Packard Development Company, L.P.] <CognizanceTS><rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule> [Cognizance Corporation] <QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start> [ Hewlett-Packard Development Company, L.P.] 
<Cpqset><C:\Program Files\HPQ\Default Settings\cpqset.exe> [] <Recguard><C:\WINDOWS\Sminst\Recguard.exe> [] <Reminder><C:\WINDOWS\Creator\Remind_XP.exe> [] <Scheduler><C:\WINDOWS\SMINST\Scheduler.exe> [] <WatchDog><C:\Program Files\InterVideo\DVD Check\DVDCheck.exe> [InterVideo Inc.] <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"> [(Verified)Kaspersky Lab] <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"] <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Nero AG] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] <WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [(Verified)Kaspersky Lab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard] <WinlogonNotify: OneCard><C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll> [Cognizance Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Winlogon\Notify\WgaLogon] <WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB 
/CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation] ================================== Startup Folders [BTTray] <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk --> C:\PROGRA~1\WIDCOMM\LOGICI~1\BTTray.exe [Broadcom Corporation.]><N> [DVD Check] <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DVD Check.lnk --> C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe [InterVideo Inc.]><N> [Microsoft Office] <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N> ================================== Services [Canal de communication local / ASChannel][Running/Auto Start] <C:\WINDOWS\System32\svchost.exe -k Cognizance-->C:\Program Files\HPQ\IAM\Bin\ASChnl.dll><Cognizance Corporation> [Kaspersky Internet Security 7.0 / AVP][Running/Auto Start] <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab> [Bluetooth Service / btwdins][Running/Auto Start] <C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe><Broadcom Corporation.> [Google Updater Service / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google> [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [hpqwmiex / hpqwmiex][Running/Auto Start] <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe><Hewlett-Packard Development Company, L.P.> [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation> [LightScribeService Direct Disc Labeling Service / 
LightScribeService][Running/Auto Start] <"C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"><Hewlett-Packard Company> [LiveUpdate / LiveUpdate][Stopped/Manual Start] <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation> [PC Angel / PCA][Stopped/Auto Start] <C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe><N/A> [Planificateur LiveUpdate automatique / Planificateur LiveUpdate automatique][Running/Auto Start] <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation> [Windows Media Connect (WMC) / WmcCds][Stopped/Manual Start] <c:\program files\windows media connect\mswmccds.exe><Microsoft Corporation> [Aide de Windows Media Connect (WMC) / WmcCdsLs][Stopped/Manual Start] <C:\Program Files\Windows Media Connect\mswmcls.exe><Microsoft Corporation> ================================== Drivers [ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start] <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.> [AEAudio Service / AEAudioService][Running/Manual Start] <system32\drivers\AEAudio.sys><Andrea Electronics Corporation> [Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start] <system32\DRIVERS\AGRSM.sys><Agere Systems> [AliIde / AliIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.> [AuthenTec TruePrint USB Driver (AES2500) / ATSWPDRV][Stopped/Manual Start] <system32\DRIVERS\ATSwpDrv.sys><AuthenTec, Inc.> [Broadcom NetLink (TM) Gigabit Ethernet / b57w2k][Stopped/Manual Start] <system32\DRIVERS\b57xp32.sys><Broadcom Corporation> [Broadcom 440x 10/100 Integrated Controller / bcm4sbxp][Running/Manual Start] <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation> [Périphérique audio Bluetooth / btaudio][Running/Manual Start] <system32\drivers\btaudio.sys><Broadcom Corporation.> [Pilote de communications virtuelles Bluetooth / BTDriver][Running/Manual Start] <system32\DRIVERS\btport.sys><Broadcom Corporation.> [Enumérateur de bus Bluetooth / 
BTKRNL][Running/Manual Start] <system32\DRIVERS\btkrnl.sys><Broadcom Corporation.> [Serveur d'accès au réseau local Bluetooth / BTWDNDIS][Running/Manual Start] <system32\DRIVERS\btwdndis.sys><Broadcom Corporation.> [Modem Bluetooth / btwmodem][Running/Manual Start] <system32\DRIVERS\btwmodem.sys><Broadcom Corporation.> [WIDCOMM USB Bluetooth Driver / BTWUSB][Running/Manual Start] <System32\Drivers\btwusb.sys><Broadcom Corporation.> [DLABOIOM / DLABOIOM][Running/Auto Start] <System32\DLA\DLABOIOM.SYS><Sonic Solutions> [DLACDBHM / DLACDBHM][Running/System Start] <System32\Drivers\DLACDBHM.SYS><Sonic Solutions> [DLADResN / DLADResN][Running/Auto Start] <System32\DLA\DLADResN.SYS><Sonic Solutions> [DLAIFS_M / DLAIFS_M][Running/Auto Start] <System32\DLA\DLAIFS_M.SYS><Sonic Solutions> [DLAOPIOM / DLAOPIOM][Running/Auto Start] <System32\DLA\DLAOPIOM.SYS><Sonic Solutions> [DLAPoolM / DLAPoolM][Running/Auto Start] <System32\DLA\DLAPoolM.SYS><Sonic Solutions> [DLARTL_N / DLARTL_N][Running/System Start] <System32\Drivers\DLARTL_N.SYS><Sonic Solutions> [DLAUDFAM / DLAUDFAM][Running/Auto Start] <System32\DLA\DLAUDFAM.SYS><Sonic Solutions> [DLAUDF_M / DLAUDF_M][Running/Auto Start] <System32\DLA\DLAUDF_M.SYS><Sonic Solutions> [DRVMCDB / DRVMCDB][Running/Boot Start] <\SystemRoot\System32\Drivers\DRVMCDB.SYS><Sonic Solutions> [DRVNDDM / DRVNDDM][Running/Auto Start] <System32\Drivers\DRVNDDM.SYS><Sonic Solutions> [eabfiltr / eabfiltr][Running/System Start] <system32\DRIVERS\eabfiltr.sys><Hewlett-Packard Development Company, L.P.> [eabusb / eabusb][Stopped/Manual Start] <system32\DRIVERS\eabusb.sys><Hewlett-Packard Development Company, L.P.> [Symantec Eraser Control driver / eeCtrl][Running/System Start] <\??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation> [GTIPCI21 / GTIPCI21][Stopped/Manual Start] <system32\DRIVERS\gtipci21.sys><N/A> [HBtnKey / HBtnKey][Running/Manual Start] <system32\DRIVERS\cpqbttn.sys><Hewlett-Packard Development 
Company, L.P.> [Pilote de bus Microsoft UAA pour High Definition Audio / HDAudBus][Running/Manual Start] <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider> [ialm / ialm][Running/Manual Start] <system32\DRIVERS\ialmnt5.sys><Intel Corporation> [Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation> [kl1 / kl1][Running/Boot Start] <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab> [klif / klif][Running/System Start] <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab> [Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start] <system32\DRIVERS\klim5.sys><Kaspersky Lab> [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [Pilote de périphérique SMC IrCC Miniport / SMCIRDA][Stopped/Manual Start] <system32\DRIVERS\smcirda.sys><SMC> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] <system32\DRIVERS\SynTP.sys><Synaptics, Inc.> [tifm21 / tifm21][Stopped/Manual Start] <system32\drivers\tifm21.sys><N/A> [ViaIde / ViaIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation> [Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Running/Manual Start] <system32\DRIVERS\w39n51.sys><Intel® Corporation> ================================== Browser Add-ons [Aide pour le lien d'Adobe PDF Reader] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions> [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.> [Google Toolbar Helper] 
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.> [HP Credential Manager for ProtectTools] {DF21F1DB-80C6-11D3-9483-B03D0EC10000} <C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll, Infineon Technologies AG> [Java Plug-in 1.6.0_01] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.> [Statistiques d’Anti-Virus Internet] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab> [&Rechercher] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation> [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation> [&Google] {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.> [Java Plug-in 1.6.0_01] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.> [ActiveScan Installer Class] {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software> [Java Plug-in 1.6.0_01] {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.> [Java Plug-in 1.6.0_01] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll, Sun Microsystems, Inc.> [Google Script Object] {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.> [Aide pour le lien d'Adobe PDF Reader] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation> [&Google] 
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.> [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation> [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation> [HtmlDlgSafeHelper Class] {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation> [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A> [Reporte Class] {4A2A4430-3967-4461-94C7-BD95C419F3CF} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software> [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions> [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation> [Microsoft Shell UI Helper] {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation> [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [Seleccion Class] {6CEC0297-FAFB-41FB-97EA-77E3081B1DFE} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software> [ControlConexion Class] {6FDCDD41-6C97-4A3B-9E6D-0144B66A1CE4} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software> [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A> [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.> [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation> [Panda ActiveScan] {96567F65-E04C-4611-AF29-7CDEA6FA6A84} <C:\WINDOWS\system32\ACTIVE~1\as.dll, Panda Software> [ActiveScan Installer Class] {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded 
Program Files\asinst.dll, Panda Software> [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [VIDEO__AVI Moniker Class] {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [] {D030BD04-F963-47E6-B897-D3E73EE187BB} <C:\WINDOWS\system32\jkkjj.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.> [HP Credential Manager for ProtectTools] {DF21F1DB-80C6-11D3-9483-B03D0EC10000} <C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll, Infineon Technologies AG> [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A> [] {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation> [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A> [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A> [Ajouter à Kaspersky Anti-Bannière] <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A> [E&xporter vers Microsoft Excel] <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A> [Envoyer à &Bluetooth] <C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm, N/A> ================================== Running Processes [PID: 1452 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1556 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1584 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] 
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 7.0.0.119] [C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll] [Cognizance Corporation, 1.5.0.037] [C:\WINDOWS\system32\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0] [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5] [C:\Program Files\HPQ\IAM\Bin\ASChnl.dll] [Cognizance Corporation, 1.23.0.125] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)] [C:\Program Files\HPQ\IAM\Bin\ItMsg.dll] [Cognizance Corporation, 1.18.0.305] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 1628 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)] [PID: 1640 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.119] [C:\Program Files\HPQ\IAM\bin\AsWlnPkg.dll] [Cognizance Corporation, 1.5.0.037] [C:\WINDOWS\system32\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [PID: 1820 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [PID: 1904 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.119] [C:\Program 
Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [PID: 1964 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll] [Kaspersky Lab, 7.0.0.119] [PID: 264 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [PID: 368 / SYSTEM][C:\WINDOWS\system32\DllHost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\HPQ\IAM\Bin\TrayIcon.dll] [Cognizance Corporation, 1.5.0.102] [C:\WINDOWS\system32\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0] [C:\Program Files\HPQ\IAM\Bin\ItMsg.dll] [Cognizance Corporation, 1.18.0.305] [C:\Program Files\HPQ\IAM\bin\HPBrand.dll] [Hewlett-Packard Company, 1.01.0.020] [C:\Program Files\HPQ\IAM\bin\1036\HPBrand.dll] [Hewlett-Packard Company, 1.01.0.021] [C:\Program Files\HPQ\IAM\bin\1036\ItMsg.dll] [Cognizance Corporation, 1.18.0.282] [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.119] [C:\Program Files\HPQ\IAM\Bin\ittal.dll] [Cognizance Corporation, 1.5.0.141] [C:\Program Files\HPQ\IAM\Bin\ItReports.DLL] [Cognizance Corporation, 1.5.0.036] [C:\Program Files\HPQ\IAM\bin\1036\ItReports.DLL] [Cognizance Corporation, 1.5.0.032] [C:\Program Files\HPQ\IAM\Bin\STEngine.dll] [Cognizance Corporation, 1.5.0.025] [PID: 400 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] 
  11. False alarm, it's back!!! ahhhhhhhhhh
  12. THANK YOU Charles, everything is back to normal, THANK YOU, THANK YOU, thank you. Everything works perfectly now, I no longer get any redirects.
  13. That said, Kasper blocks them on the first try.
  14. The 017 lines did not appear, but I still get the redirects, which are now blocked by Kasper: Kaspersky Internet Security 7.0 The requested URL http://64.28.181.146/index.php is forbidden Below is the HijackThis report:
- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing) O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg -- End of file - 10914 bytes Fixwareout: Username "Administrateur" - 
2007-07-22 19:04:50 [Fixwareout edited 2007/07/05] »»»»»Prerun check HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters "nameserver"="85.255.116.66 85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{081CA721-E843-44FB-9D21-36A79FA85DE8} "nameserver"="85.255.116.66,85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F16BD61-6270-4C3F-BF6E-797751A4F020} "nameserver"="85.255.116.66,85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE} "nameserver"="85.255.116.66,85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158} "nameserver"="85.255.116.66,85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561} "DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F16BD61-6270-4C3F-BF6E-797751A4F020} "DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared. Cache de résolution DNS vidé. System was rebooted successfully. »»»»» Postrun check HKLM\SOFTWARE\~\Winlogon\ "System"="" .... .... »»»»» Misc files. .... »»»»» Checking for older varients. .... 
»»»»» Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run] "MsmqIntCert"="regsvr32 /s mqrt.dll" "SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray" "PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start" "HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe" "DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE" "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe" "CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule" "QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\ 74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\ 68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\ 61,72,74,00 "Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe" "Recguard"="C:\\WINDOWS\\Sminst\\Recguard.exe" "Reminder"="C:\\WINDOWS\\Creator\\Remind_XP.exe" "Scheduler"="C:\\WINDOWS\\SMINST\\Scheduler.exe" "WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe" "AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 7.0\\avp.exe\"" "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe" "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe" "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe" "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "swg"="C:\\Program 
Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" .... Hosts file was reset, If you use a custom hosts file please replace it »»»»» End report »»»»»
  15. Hi Charles, here is the report. At first glance nothing has changed, but Kaspersky is currently blocking the redirections; the IP address is the following: 195.225.177.18.. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 14:27:44, on 22/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\WINDOWS\system32\mqtgsvc.exe C:\Program Files\HPQ\IAM\bin\asghost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE C:\WINDOWS\SMINST\Scheduler.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe 
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\BitLord\BitLord.exe C:\Downloads\number05.exe C:\Program Files\Symantec\LiveUpdate\AUpdate.exe C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PTHOSTTR] C:\Program 
Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE 
LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - 
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS1\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O17 - HKLM\System\CS2\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing) O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance 
WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg -- End of file - 12165 bytes