

Everything posted by animowish
-
Mailbox problem
animowish replied to a topic by animowish in Malware analysis and removal
Okay, I'll do it right away, thanks a lot for the help
-
Mailbox problem
animowish replied to a topic by animowish in Malware analysis and removal
I installed the software and didn't see anything suspicious. I just ran the scan and it gives me this
-
Mailbox problem
animowish replied to a topic by animowish in Malware analysis and removal
Thanks for this answer and for this link. I just received another one a moment ago. I use Outlook Express; I would like to know whether this message means that my mailbox has been hacked, or whether that's not the case and it's a decoy, because I have never replied to these messages. Thanks
-
Hello, I have a small problem with my mailbox: I'm receiving this message even though I haven't sent anything at all to this address. It's the second time I've received a message like this. Would anyone know where this problem comes from? Thanks
This is the mail system at host ems2smtp3.adistar.net.
I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message.
The mail system
<emailing@kredity.com>: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting
-
AntiVir 9.0.0.65 Fr free!
animowish replied to a topic by Asus L3500TP in Security hardening, prevention
Thanks a lot for your answer
-
AntiVir 9.0.0.65 Fr free!
animowish replied to a topic by Asus L3500TP in Security hardening, prevention
I've had AntiVir for some time and I'm satisfied with it, but for the past few days it seems to be acting up a bit; when I go to the allocine site, it gives me this error: HTML/Crypted.Gen, a kind of Trojan horse that AntiVir detects on every page :-/. Are other users who have AntiVir having problems with it? Thanks
-
I think it's fine now, thanks a lot for the help
-
There, I ran another test with SystemLook and it gives me this
-
Here is the report I got
-
-
Here is what the report gives me
-
So that would mean there is no problem on my PC with this file? Yet I definitely saw that name last night :-/, when shutting down my PC, with the message that this program didn't want to stop, with cfmon :-/
-
There, I just used the program and it gives me this
-
Hello, yes, I am sure of the spelling used: it was indeed cfmon that I saw, and not ctfmon.
-
Hello, I have a small problem with this malware. I noticed it on my computer when shutting it down; it told me that this program would not stop. Then I looked on the forums and they said it was malware, so I ran my Avira antivirus, which detected nothing, as well as Malwarebytes, which did not find it either. Here is my scan with HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:24, on 03/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Animowish\Local Settings\Temporary Internet Files\Content.IE5\I0IUJ99S\HiJackThis[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://download.gigabyte.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe