

CiD windows, HijackThis report
tiddjo replied to a topic by tiddjo in Malware analysis and removal
There, I found it.
DiagHelp version v1.4 - http://www.malekal.com excute le 29/01/2008 à 18:25:34,34
Cid windows, HijackThis report
tiddjo replied to tiddjo's topic in Malware analysis and removal
I did install DiagHelp, but I did not get a Notepad window at the end, just a window for sending the resulting file. Maybe I did not choose the right action. (action 1)
Cid windows, HijackThis report
tiddjo replied to tiddjo's topic in Malware analysis and removal
I did fix the lines, but please enlighten me about DiagHelp; I am not familiar with it.
Cid windows, HijackThis report
tiddjo replied to tiddjo's topic in Malware analysis and removal
Thank you. Here is the new report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:42, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\Army Meet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [settings2] C:\DOCUME~1\JOETSA~1\APPLIC~1\32ERRO~1\balm sign.exe
O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 11359 bytes
Hello,
For some time now I have been getting cid advertising windows opening in IE. I saw that I needed to install HijackThis, which I have done. I am therefore sharing the report with you, counting on your help. Thank you.

Logfile of HijackThis v1.99.1
Scan saved at 11:30:27, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\Army Meet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [settings2] C:\DOCUME~1\JOETSA~1\APPLIC~1\32ERRO~1\balm sign.exe
O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe