Everything posted by Theo1060

  1. Hello Lien Rag, here is the SDFix report: See you very soon!
  2. Well, that's precisely it: when I try to access this internet link (http://downloads.andymanchesta.com/RemovalTools/SDFix.exe), a page-load error message comes up! I can download SDFix from another computer and then transfer it. But isn't there a way to force access?
  3. Hello, Following somewhat irresponsible use on my part, my computer was infected by a whole series of malware, Trojans, etc. My desktop and the "Start" menu have been modified (some shortcuts and links removed), and so has Windows Explorer (the link to C: has disappeared, and hidden files can no longer be accessed). Spybot was able to detect several types of infected files and deleted them (Zlob.Downloader.vcd, Zlobdowloader.bs, ZlobDowloader.rid NNC.MGRS, Smitfraud-C., Smitfraud-C.gp, Smitfraud-C.SMVPS, as well as certain Windows files and Win32.Agent.frl and Win32.Rungubu.a). I then scanned my PC with Mcafee and Antivir, which deleted additional viruses (PWS-Gamania.gen.a, for example). But at every new startup, Spybot again detected Win32.Agent.frl, Win32Rungubu.a and Smitfraud-C.MSVPS. This happened during the first 6 restarts. It no longer detects them now, but I suspect they are still present. All the more so because my PC runs slowly, it freezes after a certain period of use, and in 60% of cases certain links on the internet redirect either to a page that has nothing to do with the link or to a page telling me "The connection failed, Firefox cannot establish a connection to the server at the address..., Although the site seems valid, the browser was unable to establish a connection." On top of that, it does seem that Windows restore is not working. So, could someone help me? Many thanks in advance! Here is the HiJackThis report.