search @hand

Thanos · le 22 juillet 2007

misère!! les lignes 017 sont elles revenues??

J'aimerai stp que tu passes cet utilitaire pour en voir plus (c'est rapide) >

Télécharge SRENG sur ton bureau.

1. Dézippe le fichier sur le bureau et double clique sur le fichier SREng.exe

2. Selectionne 'Smart Scan' .

3. Clique sur le bouton [scan]

4. Lorsque le scan est termliné, clique sur le bouton [save Reports] et sauvegarde le rapport sur ton bureau

5. Poste le rapport : il se nomme SRENG.log

number05 · le 23 juillet 2007

Bonjour Charles,

effectivement, les 017 apparaissent à nouveau, je suis entrain d'effectuer un scan. ci dessous le rapport sreng.

2007-07-23,09:50:03

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<MsmqIntCert><regsvr32 /s mqrt.dll>  [N/A]
<SoundMAX><C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray>  [Analog Devices, Inc.]
<PTHOSTTR><C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start>  [Hewlett-Packard Development Company, L.P.]
<HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
<DLA><C:\WINDOWS\System32\DLA\DLACTRLW.EXE>  [Sonic Solutions]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<hpWirelessAssistant><C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe>  [Hewlett-Packard Development Company, L.P.]
<CognizanceTS><rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule>  [Cognizance Corporation]
<QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start>  [ Hewlett-Packard Development Company, L.P.]
<Cpqset><C:\Program Files\HPQ\Default Settings\cpqset.exe>  []
<Recguard><C:\WINDOWS\Sminst\Recguard.exe>  []
<Reminder><C:\WINDOWS\Creator\Remind_XP.exe>  []
<Scheduler><C:\WINDOWS\SMINST\Scheduler.exe>  []
<WatchDog><C:\Program Files\InterVideo\DVD Check\DVDCheck.exe>  [InterVideo Inc.]
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
<SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Nero AG]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
<WinlogonNotify: OneCard><C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll>  [Cognizance Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
Startup Folders
[BTTray]
 <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk --> C:\PROGRA~1\WIDCOMM\LOGICI~1\BTTray.exe [Broadcom Corporation.]><N>
[DVD Check]
 <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DVD Check.lnk --> C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe [InterVideo Inc.]><N>
[Microsoft Office]
 <C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>

==================================
Services
[Canal de communication local / ASChannel][Running/Auto Start]
 <C:\WINDOWS\System32\svchost.exe -k Cognizance-->C:\Program Files\HPQ\IAM\Bin\ASChnl.dll><Cognizance Corporation>
[Kaspersky Internet Security 7.0 / AVP][Running/Auto Start]
 <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[Bluetooth Service / btwdins][Running/Auto Start]
 <C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe><Broadcom Corporation.>
[Google Updater Service / gusvc][Stopped/Manual Start]
 <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
 <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[hpqwmiex / hpqwmiex][Running/Auto Start]
 <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe><Hewlett-Packard Development Company, L.P.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
 <"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
 <"C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
 <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[PC Angel / PCA][Stopped/Auto Start]
 <C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe><N/A>
[Planificateur LiveUpdate automatique / Planificateur LiveUpdate automatique][Running/Auto Start]
 <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>
[Windows Media Connect (WMC) / WmcCds][Stopped/Manual Start]
 <c:\program files\windows media connect\mswmccds.exe><Microsoft Corporation>
[Aide de Windows Media Connect (WMC) / WmcCdsLs][Stopped/Manual Start]
 <C:\Program Files\Windows Media Connect\mswmcls.exe><Microsoft Corporation>

==================================
Drivers
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
 <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService][Running/Manual Start]
 <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
 <system32\DRIVERS\AGRSM.sys><Agere Systems>
[AliIde / AliIde][Running/Boot Start]
 <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AuthenTec TruePrint USB Driver (AES2500) / ATSWPDRV][Stopped/Manual Start]
 <system32\DRIVERS\ATSwpDrv.sys><AuthenTec, Inc.>
[Broadcom NetLink (TM) Gigabit Ethernet / b57w2k][Stopped/Manual Start]
 <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Broadcom 440x 10/100 Integrated Controller / bcm4sbxp][Running/Manual Start]
 <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[Périphérique audio Bluetooth / btaudio][Running/Manual Start]
 <system32\drivers\btaudio.sys><Broadcom Corporation.>
[Pilote de communications virtuelles Bluetooth / BTDriver][Running/Manual Start]
 <system32\DRIVERS\btport.sys><Broadcom Corporation.>
[Enumérateur de bus Bluetooth / BTKRNL][Running/Manual Start]
 <system32\DRIVERS\btkrnl.sys><Broadcom Corporation.>
[Serveur d'accès au réseau local Bluetooth / BTWDNDIS][Running/Manual Start]
 <system32\DRIVERS\btwdndis.sys><Broadcom Corporation.>
[Modem Bluetooth / btwmodem][Running/Manual Start]
 <system32\DRIVERS\btwmodem.sys><Broadcom Corporation.>
[WIDCOMM USB Bluetooth Driver / BTWUSB][Running/Manual Start]
 <System32\Drivers\btwusb.sys><Broadcom Corporation.>
[DLABOIOM / DLABOIOM][Running/Auto Start]
 <System32\DLA\DLABOIOM.SYS><Sonic Solutions>
[DLACDBHM / DLACDBHM][Running/System Start]
 <System32\Drivers\DLACDBHM.SYS><Sonic Solutions>
[DLADResN / DLADResN][Running/Auto Start]
 <System32\DLA\DLADResN.SYS><Sonic Solutions>
[DLAIFS_M / DLAIFS_M][Running/Auto Start]
 <System32\DLA\DLAIFS_M.SYS><Sonic Solutions>
[DLAOPIOM / DLAOPIOM][Running/Auto Start]
 <System32\DLA\DLAOPIOM.SYS><Sonic Solutions>
[DLAPoolM / DLAPoolM][Running/Auto Start]
 <System32\DLA\DLAPoolM.SYS><Sonic Solutions>
[DLARTL_N / DLARTL_N][Running/System Start]
 <System32\Drivers\DLARTL_N.SYS><Sonic Solutions>
[DLAUDFAM / DLAUDFAM][Running/Auto Start]
 <System32\DLA\DLAUDFAM.SYS><Sonic Solutions>
[DLAUDF_M / DLAUDF_M][Running/Auto Start]
 <System32\DLA\DLAUDF_M.SYS><Sonic Solutions>
[DRVMCDB / DRVMCDB][Running/Boot Start]
 <\SystemRoot\System32\Drivers\DRVMCDB.SYS><Sonic Solutions>
[DRVNDDM / DRVNDDM][Running/Auto Start]
 <System32\Drivers\DRVNDDM.SYS><Sonic Solutions>
[eabfiltr / eabfiltr][Running/System Start]
 <system32\DRIVERS\eabfiltr.sys><Hewlett-Packard Development Company, L.P.>
[eabusb / eabusb][Stopped/Manual Start]
 <system32\DRIVERS\eabusb.sys><Hewlett-Packard Development Company, L.P.>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
 <\??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[GTIPCI21 / GTIPCI21][Stopped/Manual Start]
 <system32\DRIVERS\gtipci21.sys><N/A>
[HBtnKey / HBtnKey][Running/Manual Start]
 <system32\DRIVERS\cpqbttn.sys><Hewlett-Packard Development Company, L.P.>
[Pilote de bus Microsoft UAA pour High Definition Audio / HDAudBus][Running/Manual Start]
 <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ialm / ialm][Running/Manual Start]
 <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel AHCI Controller / iaStor][Running/Boot Start]
 <\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation>
[kl1 / kl1][Running/Boot Start]
 <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
 <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
 <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
 <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
 <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
 <system32\DRIVERS\secdrv.sys><N/A>
[Pilote de périphérique SMC IrCC Miniport / SMCIRDA][Stopped/Manual Start]
 <system32\DRIVERS\smcirda.sys><SMC>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
 <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tifm21 / tifm21][Stopped/Manual Start]
 <system32\drivers\tifm21.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
 <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51][Running/Manual Start]
 <system32\DRIVERS\w39n51.sys><Intel® Corporation>

==================================
Browser Add-ons
[Aide pour le lien d'Adobe PDF Reader]
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[DriveLetterAccess]
 {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions>
[SSVHelper Class]
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
 {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HP Credential Manager for ProtectTools]
 {DF21F1DB-80C6-11D3-9483-B03D0EC10000} <C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll, Infineon Technologies AG>
[Java Plug-in 1.6.0_01]
 {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Statistiques d’Anti-Virus Internet]
 {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, Kaspersky Lab>
[&Rechercher]
 {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[]
 {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
 {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
 {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Java Plug-in 1.6.0_01]
 {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[ActiveScan Installer Class]
 {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Java Plug-in 1.6.0_01]
 {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll, Sun Microsystems, Inc.>
[Google Script Object]
 {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Aide pour le lien d'Adobe PDF Reader]
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
 {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[&Google]
 {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[HTML Document]
 {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
 {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
 {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[XML Document]
 {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[Reporte Class]
 {4A2A4430-3967-4461-94C7-BD95C419F3CF} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[DriveLetterAccess]
 {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions>
[WUWebControl Class]
 {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Microsoft Shell UI Helper]
 {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
 {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Seleccion Class]
 {6CEC0297-FAFB-41FB-97EA-77E3081B1DFE} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[ControlConexion Class]
 {6FDCDD41-6C97-4A3B-9E6D-0144B66A1CE4} <C:\WINDOWS\system32\ActiveScan\ascontrol.dll, Panda Software>
[Active Desktop Mover]
 {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[SSVHelper Class]
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
 {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Panda ActiveScan]
 {96567F65-E04C-4611-AF29-7CDEA6FA6A84} <C:\WINDOWS\system32\ACTIVE~1\as.dll, Panda Software>
[ActiveScan Installer Class]
 {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Google Toolbar Helper]
 {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[SearchAssistantOC]
 {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[VIDEO__AVI Moniker Class]
 {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
 {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[]
 {D030BD04-F963-47E6-B897-D3E73EE187BB} <C:\WINDOWS\system32\jkkjj.dll, N/A>
[Shockwave Flash Object]
 {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[HP Credential Manager for ProtectTools]
 {DF21F1DB-80C6-11D3-9483-B03D0EC10000} <C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll, Infineon Technologies AG>
[XML HTTP Request]
 {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[]
 {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML DOM Document 3.0]
 {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
 {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[Ajouter à Kaspersky Anti-Bannière]
 <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
[E&xporter vers Microsoft Excel]
 <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[Envoyer à &Bluetooth]
 <C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm, N/A>

==================================
Running Processes
[PID: 1452 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1556 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1584 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll]  [Cognizance Corporation, 1.5.0.037]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.7.0018.5]
[C:\Program Files\HPQ\IAM\Bin\ASChnl.dll]  [Cognizance Corporation, 1.23.0.125]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\HPQ\IAM\Bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1628 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 1640 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\HPQ\IAM\bin\AsWlnPkg.dll]  [Cognizance Corporation, 1.5.0.037]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1820 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1904 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1964 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 264 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 368 / SYSTEM][C:\WINDOWS\system32\DllHost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\HPQ\IAM\Bin\TrayIcon.dll]  [Cognizance Corporation, 1.5.0.102]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\Bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\Program Files\HPQ\IAM\bin\HPBrand.dll]  [Hewlett-Packard Company, 1.01.0.020]
[C:\Program Files\HPQ\IAM\bin\1036\HPBrand.dll]  [Hewlett-Packard Company, 1.01.0.021]
[C:\Program Files\HPQ\IAM\bin\1036\ItMsg.dll]  [Cognizance Corporation, 1.18.0.282]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\HPQ\IAM\Bin\ittal.dll]  [Cognizance Corporation, 1.5.0.141]
[C:\Program Files\HPQ\IAM\Bin\ItReports.DLL]  [Cognizance Corporation, 1.5.0.036]
[C:\Program Files\HPQ\IAM\bin\1036\ItReports.DLL]  [Cognizance Corporation, 1.5.0.032]
[C:\Program Files\HPQ\IAM\Bin\STEngine.dll]  [Cognizance Corporation, 1.5.0.025]
[PID: 400 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 872 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\HPBMMON.DLL]  [Hewlett-Packard, 10.00.16]
[C:\WINDOWS\system32\hpdomon.dll]  [Hewlett-Packard, 03.42.00]
[C:\WINDOWS\system32\HPBHealr.dll]  [N/A, ]
[C:\WINDOWS\system32\HPMPMW.DLL]  [Hewlett-Packard, 1, 0, 0, 0]
[C:\WINDOWS\system32\HPMystPM.DLL]  [Hewlett-Packard, 1, 0, 0, 0]
[C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\system32\bthcrp.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\WidcommSdk.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\wbtapi.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp041.dll]  [Hewlett-Packard Corporation, 60.041.41.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp35z.dll]  [Hewlett-Packard Corporation, 60.041.41.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
[PID: 932 / SERVICE LOCAL][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1032 / SERVICE RÉSEAU][C:\WINDOWS\system32\msdtc.exe]  [Microsoft Corporation, 2001.12.4414.258]
[C:\Program Files\Fichiers communs\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.105.1]
[PID: 1484 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\1036\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1520 / SYSTEM][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe]  [Symantec Corporation, 3.0.0.171]
[C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 172 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 348 / SYSTEM][C:\WINDOWS\system32\mqsvc.exe]  [Microsoft Corporation, 5.01.1108]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1252 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\WMPNetwk.exe]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\wmpmde.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\MFPlat.DLL]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\wmpps.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[PID: 2188 / SYSTEM][C:\WINDOWS\system32\mqtgsvc.exe]  [Microsoft Corporation, 5.01.1108]
[PID: 2836 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2308 / Administrateur][C:\Program Files\HPQ\IAM\bin\asghost.exe]  [Cognizance Corporation, 1.5.0.035]
[C:\Program Files\HPQ\IAM\bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\Bin\Aswallet.dll]  [Cognizance Corporation, 1.09.0.079]
[C:\Program Files\HPQ\IAM\bin\1036\Aswallet.dll]  [Cognizance Corporation, 1.09.047]
[C:\Program Files\HPQ\IAM\Bin\ItSSO.dll]  [Cognizance Corporation, 1.50.3.319QC]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\HPQ\IAM\Bin\RasAdmin.dll]  [Cognizance Corporation, 1.5.0.024]
[C:\Program Files\HPQ\IAM\Bin\ItReports.DLL]  [Cognizance Corporation, 1.5.0.036]
[C:\Program Files\HPQ\IAM\bin\1036\ItReports.DLL]  [Cognizance Corporation, 1.5.0.032]
[C:\Program Files\HPQ\IAM\bin\1036\RasAdmin.dll]  [Cognizance Corporation, 1.5.0.021]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\HPQ\IAM\Bin\SFSShell.dll]  [Cognizance Corporation, 1.21.0.143]
[C:\Program Files\HPQ\IAM\bin\1036\SFSShell.dll]  [Cognizance Corporation, 1.18.0.111]
[C:\Program Files\HPQ\IAM\Bin\PkiAdmin.dll]  [Cognizance Corporation, 1.5.0.023]
[C:\Program Files\HPQ\IAM\bin\HPBrand.dll]  [Hewlett-Packard Company, 1.01.0.020]
[C:\Program Files\HPQ\IAM\bin\1036\HPBrand.dll]  [Hewlett-Packard Company, 1.01.0.021]
[C:\Program Files\HPQ\IAM\bin\1036\ItMsg.dll]  [Cognizance Corporation, 1.18.0.282]
[C:\Program Files\HPQ\IAM\bin\1036\PkiAdmin.dll]  [Cognizance Corporation, 1.5.0.020]
[C:\Program Files\HPQ\IAM\Bin\ITVCClient.dll]  [Cognizance Corporation, 1.5.1.122]
[C:\Program Files\HPQ\IAM\Bin\ItVCard.dll]  [Cognizance Corporation, 1.01.127]
[C:\Program Files\HPQ\IAM\Bin\TrayIcon.dll]  [Cognizance Corporation, 1.5.0.102]
[C:\Program Files\HPQ\IAM\Bin\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.108]
[C:\Program Files\HPQ\IAM\bin\1036\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.097]
[C:\Program Files\HPQ\IAM\Bin\SSOMngr.dll]  [Cognizance Corporation, 2.25.0.235b]
[C:\Program Files\HPQ\IAM\bin\1036\SSOMngr.dll]  [Cognizance Corporation, 2.25.0.232]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\HPQ\IAM\Bin\ASChnl.dll]  [Cognizance Corporation, 1.23.0.125]
[C:\Program Files\HPQ\IAM\Bin\ittal.dll]  [Cognizance Corporation, 1.5.0.141]
[C:\Program Files\HPQ\IAM\Bin\STEngine.dll]  [Cognizance Corporation, 1.5.0.025]
[C:\Program Files\HPQ\IAM\Bin\ItDAC.dll]  [Cognizance Corporation, 1.00.173w]
[C:\Program Files\HPQ\IAM\Bin\AuthWiz.dll]  [Cognizance Corporation, 1.5.0.267]
[C:\Program Files\HPQ\IAM\bin\1036\AuthWiz.dll]  [Cognizance Corporation, 1.5.0.254]
[PID: 2468 / Administrateur][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\HPQ\IAM\Bin\SFSShell.dll]  [Cognizance Corporation, 1.21.0.143]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\Program Files\HPQ\IAM\bin\1036\SFSShell.dll]  [Cognizance Corporation, 1.18.0.111]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\btncopy.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA]  [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
[C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
[C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
[C:\WINDOWS\System32\DLA\DLASHX_W.DLL]  [Sonic Solutions, 5.20.07a]
[C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.07a]
[C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.07a]
[C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll]  [Infineon Technologies AG, 1.01.069]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 2088 / Administrateur][C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe]  [Hewlett-Packard Co., 50.0.146.000]
[PID: 2116 / Administrateur][C:\WINDOWS\System32\DLA\DLACTRLW.EXE]  [Sonic Solutions, 5.20.07a]
[C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.07a]
[C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.07a]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 2288 / Administrateur][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 8.2.16.4 03Mar06]
[C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.2.16.4 03Mar06]
[C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 8.2.16.4 03Mar06]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 1704 / Administrateur][C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 5, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 2412 / Administrateur][C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe]  [ Hewlett-Packard Development Company, L.P., 6, 0, 5, 1]
[C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll]  [Hewlett-Packard Development Company, L.P., 6, 0, 5, 1]
[C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll]  [Hewlett-Packard Company, 6, 0, 5, 1]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 700 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2528 / Administrateur][C:\WINDOWS\SMINST\Scheduler.exe]  [, 1, 0, 3, 6]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 2596 / Administrateur][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6, 0, 0, 20]
[C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 4200, 014]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2972 / Administrateur][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4543]
[PID: 3088 / Administrateur][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4543]
[PID: 3092 / Administrateur][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
[PID: 2352 / Administrateur][C:\WINDOWS\system32\igfxsrvc.exe]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4543]
[C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.4543]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 3416 / Administrateur][C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.10.6]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Java\jre1.6.0_01\bin\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 3544 / Administrateur][C:\Program Files\Picasa2\PicasaMediaDetector.exe]  [Google Inc., 2.7.36.60]
[PID: 4044 / Administrateur][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472 / Administrateur][C:\Program Files\Windows Media Player\WMPNSCFG.exe]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\Windows Media Player\wmpnssci.dll]  [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[PID: 2076 / Administrateur][C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\wbtapi.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btosif.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btwhidcs.DLL]  [Broadcom Corporation., 4.0.1.3300]
[C:\Program Files\WIDCOMM\Logiciel Bluetooth\BtBalloon.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\btrez.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\CSH.dll]  [Blue Sky Software Corporation, 2.00.039]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\WIDCOMM\Logiciel Bluetooth\btkeyind.dll]  [N/A, ]
[PID: 2436 / Administrateur][C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE]  [, 1, 0, 0, 7]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[PID: 2396 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3724 / Administrateur][C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btins.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btosif.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\BtAudioHelper.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btrez.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\CSH.dll]  [Blue Sky Software Corporation, 2.00.039]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3252 / Administrateur][C:\Program Files\BitLord\BitLord.exe]  [www.BitLord.com, 1.1.]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.119]
[PID: 3020 / Administrateur][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.8.1.5: 2007071317]
[C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll]  [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll]  [Mozilla Foundation, 1.8.1.5: 2007071317]
[C:\Program Files\Mozilla Firefox\plc4.dll]  [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll]  [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll]  [Mozilla Foundation, 1.8.1.5: 2007071317]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Mozilla Firefox\components\myspell.dll]  [Mozilla Foundation, 1.8.1.5: 2007071317]
[C:\Program Files\Mozilla Firefox\components\jar50.dll]  [Mozilla Foundation, 1.8.1.5: 2007071317]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.64]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll]  [Mozilla Foundation, 1.8.1.5: 2007071317]
[C:\Program Files\WIDCOMM\Logiciel Bluetooth\btkeyind.dll]  [N/A, ]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\HPQ\IAM\Bin\SFSShell.dll]  [Cognizance Corporation, 1.21.0.143]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\Program Files\HPQ\IAM\bin\1036\SFSShell.dll]  [Cognizance Corporation, 1.18.0.111]
[PID: 424 / Administrateur][C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE]  [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\MICROS~2\OFFICE11\OUTLLIB.dll]  [Microsoft Corporation, 11.0.5608]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\mso.dll]  [Microsoft Corporation, 11.0.5606]
[C:\PROGRA~1\MICROS~2\OFFICE11\1036\outllibr.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Fichiers communs\System\MSMAPI\1036\msmapi32.dll]  [Microsoft Corporation, 11.0.5601]
[C:\Program Files\Fichiers communs\System\MSMAPI\1036\mapi32.dll]  [Microsoft Corporation, 1.0.2536.0]
[C:\Program Files\Fichiers communs\SYSTEM\MSMAPI\1036\MAPIR.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Fichiers communs\SYSTEM\MSMAPI\1036\contab32.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\mcou.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\mapiedk.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Fichiers communs\SYSTEM\MSMAPI\1036\mspst32.dll]  [Microsoft Corporation, 11.0.5604]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\riched20.dll]  [Microsoft Corporation, 5.50.30.2002]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Microsoft Office\OFFICE11\1036\outlwvw.dll]  [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\MICROS~2\OFFICE11\OUTLRPC.dll]  [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\MICROS~2\OFFICE11\exsec32.dll]  [Microsoft Corporation, 11.0.5523]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\mailmsg.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\hashmd5.ppl]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\btsendto_office.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btosif.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btsendto.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\WidcommSdk.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\wbtapi.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btosif_ol.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\CSH.dll]  [Blue Sky Software Corporation, 2.00.039]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\mcouas.dll]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\trainsup.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\mdb.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\msoe.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\FSSync.dll]  [Kaspersky Lab, 7.0.5.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.0.119]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.0.119]
[C:\PROGRA~1\MICROS~2\OFFICE11\OUTLCTL.DLL]  [, ]
[C:\Program Files\Microsoft Office\OFFICE11\outlph.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Microsoft Office\OFFICE11\SENDTO.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\PROGRA~1\MICROS~2\OFFICE11\msostyle.dll]  [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\MICROS~2\OFFICE11\OUTLMIME.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Microsoft Office\OFFICE11\RTFHTML.DLL]  [Microsoft Corporation, 11.0.5515]
[c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.119]
[PID: 3692 / Administrateur][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]  [Microsoft Corporation, 11.0.5604]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\mso.dll]  [Microsoft Corporation, 11.0.5606]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\riched20.dll]  [Microsoft Corporation, 5.50.30.2002]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\btsendto_office.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btosif.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\btsendto.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\WidcommSdk.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\WINDOWS\system32\wbtapi.dll]  [Broadcom Corporation., 4.0.1.3300]
[C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSSP3FR.DLL]  [SYNAPSE Développement, Toulouse (France), 1, 7, 2, 28]
[C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\mslid.dll]  [Microsoft Corporation, 1.0.2305]
[C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\1036\MSGR3FR.DLL]  [Microsoft Corporation, 3.1.2303]
[C:\WINDOWS\system32\CSH.dll]  [Blue Sky Software Corporation, 2.00.039]
[C:\Program Files\HPQ\IAM\Bin\SFSShell.dll]  [Cognizance Corporation, 1.21.0.143]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\Program Files\HPQ\IAM\bin\1036\SFSShell.dll]  [Cognizance Corporation, 1.18.0.111]
[C:\Program Files\Microsoft Office\OFFICE11\SENDTO.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Microsoft Office\OFFICE11\ENVELOPE.DLL]  [Microsoft Corporation, 11.0.5530]
[C:\Program Files\Microsoft Office\OFFICE11\1036\envelopr.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\usp10.DLL]  [Microsoft Corporation, 1.0471.4030.0 (main.030626-1414)]
[C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\METCONV.DLL]  [Microsoft Corporation, 11.0.5117]
[C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\INTLNAME.DLL]  [Microsoft Corporation, 11.0.5315]
[C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\FNAME.DLL]  [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\1036\stintl.dll]  [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL]  [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL]  [Microsoft Corporation, 5.2.3790.184 (srv03_qfe.040410-1236)]
[PID: 2956 / Administrateur][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
[C:\Program Files\HPQ\IAM\Bin\SFSShell.dll]  [Cognizance Corporation, 1.21.0.143]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\HPQ\IAM\bin\ItMsg.dll]  [Cognizance Corporation, 1.18.0.305]
[C:\Program Files\HPQ\IAM\bin\1036\SFSShell.dll]  [Cognizance Corporation, 1.18.0.111]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll]  [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[PID: 996 / Administrateur][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.250\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16473 (vista_gdr.070420-1500)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.250\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.0.119]
[C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.0.119]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
[E:\]
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Assistant Réseau sans fil

==================================
HOSTS File
127.0.0.1  localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1136, C:\PROGRAM FILES\WIDCOMM\LOGICIEL BLUETOOTH\BIN\BTWDINS.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 172, C:\PROGRAM FILES\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2308, C:\PROGRAM FILES\HPQ\IAM\BIN\ASGHOST.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2088, C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2116, C:\WINDOWS\SYSTEM32\DLA\DLACTRLW.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1704, C:\PROGRAM FILES\HPQ\HP WIRELESS ASSISTANT\HP WIRELESS ASSISTANT.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2412, C:\PROGRAM FILES\HEWLETT-PACKARD\HP QUICK LAUNCH BUTTONS\QLBCTRL.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2528, C:\WINDOWS\SMINST\SCHEDULER.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2076, C:\PROGRAM FILES\WIDCOMM\LOGICIEL BLUETOOTH\BTTRAY.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2436, C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3724, C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3252, C:\PROGRAM FILES\BITLORD\BITLORD.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2956, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
RVA Error:  LoadLibraryA (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryExA (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryExW (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  LoadLibraryW (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA Error:  GetProcAddress (Dangerous Level: High,  Hooked by Module: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
Hidden Process
N/A

==================================

Thanos · le 23 juillet 2007

salut

Le rapport que tu postes ne montre qu'une trace de l'infection vundo.

J'ai l'impression qu'un des programmes de sécurité empêche les modifications dans la base de registre.

J'aimerai stp que tu fasses les étapes suivantes mais en mode sans échec >

1) Redémarre le PC, impérativement en mode sans échec,(au démarrage, tapoter immédiatement la touche F8,puis apparaitra un écran avec choix de démarrages : choisir "Mode sans échec" avec les flèches du clavier, puis valider avec "Entrée".

Choisir le compte usuel (et non Administrateur).

2) Lance hijackthis et coche les lignes 017 qui commencent par l'adresse 85.255... comme précédemment.

3) Lance FixWareOut comme précédemment puis une fois le scan terminé, accepte le redémarrage du pc.

En mode sans échec, il arrive parfois que l'on ne puisse pas voir tous les éléments du bureau : si c'est le cas, tu peux trouver FixWareOut.exe en passant par c:\Documents and Settings\Administrateur\Bureau

4) Le pc a redémarré, fais le scan en ligne suivant >

Fais un scan en ligne avec Panda :

http://www.pandasoftware.fr/Activescan/Activescan.html .

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

Poste stp les rapports générés et dis moi si ces lignes 017 sont encore présentes.

Modifié le 23 juillet 2007 par charles ingals

number05 · le 23 juillet 2007

désolé charles, mais le problème persiste toujours.

number05 · le 23 juillet 2007

rapport fix ware out:

Username "Administrateur" - 2007-07-23 17:08:10 [Fixwareout edited 2007/07/05]

»»»»»Prerun check

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}

"DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F16BD61-6270-4C3F-BF6E-797751A4F020}

"DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.

System was rebooted successfully.

»»»»» Postrun check

HKLM\SOFTWARE\~\Winlogon\ "System"=""

....

»»»»» Misc files.

....

»»»»» Checking for older varients.

....

»»»»» Current runs (hklm hkcu "run" Keys Only)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

"MsmqIntCert"="regsvr32 /s mqrt.dll"

"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"

"PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"

"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"

"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"

"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"

"QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\

74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\

68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\

61,72,74,00

"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"

"Recguard"="C:\\WINDOWS\\Sminst\\Recguard.exe"

"Reminder"="C:\\WINDOWS\\Creator\\Remind_XP.exe"

"Scheduler"="C:\\WINDOWS\\SMINST\\Scheduler.exe"

"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"

"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 7.0\\avp.exe\""

"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"

"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"

"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"

"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe"

"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

....

Hosts file was reset, If you use a custom hosts file please replace it

rapport fix ware out:

Username "Administrateur" - 2007-07-23 17:08:10 [Fixwareout edited 2007/07/05]

»»»»»Prerun check

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{198BD5FF-5FB2-4AF7-8432-231E6EC0D561}

"DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F16BD61-6270-4C3F-BF6E-797751A4F020}

"DhcpNameServer"="85.255.116.66,85.255.112.80" <Value cleared.

System was rebooted successfully.

»»»»» Postrun check

HKLM\SOFTWARE\~\Winlogon\ "System"=""

....

»»»»» Misc files.

....

»»»»» Checking for older varients.

....

»»»»» Current runs (hklm hkcu "run" Keys Only)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

"MsmqIntCert"="regsvr32 /s mqrt.dll"

"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"

"PTHOSTTR"="C:\\Program Files\\HPQ\\HP ProtectTools Security Manager\\PTHOSTTR.EXE /Start"

"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

"DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"

"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"

"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"

"QlbCtrl"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,48,65,77,6c,65,\

74,74,2d,50,61,63,6b,61,72,64,5c,48,50,20,51,75,69,63,6b,20,4c,61,75,6e,63,\

68,20,42,75,74,74,6f,6e,73,5c,51,6c,62,43,74,72,6c,2e,65,78,65,20,2f,53,74,\

61,72,74,00

"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"

"Recguard"="C:\\WINDOWS\\Sminst\\Recguard.exe"

"Reminder"="C:\\WINDOWS\\Creator\\Remind_XP.exe"

"Scheduler"="C:\\WINDOWS\\SMINST\\Scheduler.exe"

"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"

"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 7.0\\avp.exe\""

"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"

"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"

"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"

"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe"

"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

....

Hosts file was reset, If you use a custom hosts file please replace it

Thanos · le 23 juillet 2007

salut

Est ce que tu as essayé de modifier les paramètres de la connexion comme indiqué plus haut ? Si ce n'est pas déjà fait, effectue les manipulations puis redémarre le pc >

Passe par Démarrer \ Connexions\ Afficher toutes les connexions.
Dans la fenêtre qui s'ouvre, repère ta connexion active , clique avec le bouton droit de ta souris sur son icône et choisis "Propriétés"
Dans la fenêtre qui vient de s'ouvrir , sous le champs "Cette connexion utilise les éléments suivants"
sélectionne "Protocole Internet( TCP/IP)" et clique sur le bouton "Propriétés".
La fenêtre qui vient de s'ouvrir est divisée en deux parties: dans la seconde partie, coche le bouton suivant: Obtenir les adresses des Serveurs DNS automatiquement .
Clique sur "OK" deux fois pour valider. Quitte les Connexions réseaux puis redémarre ton pc.

Poste moi un nouveau rapport hijackthis comme ceci stp >

Lance HijackThis.

Clique sur Open Misc Tools Section

Assure toi que les deux cases de droite sont bien cochées:

* List all minor sections(Full)

* List Empty Sections(Complete)

Clique sur Generate StartupList Log

Click sur "oui" lorsque l'on te le demande.

Cela va générer un rapport,copie le et poste le ici

Poste le rapport du scan en ligne stp .

J'aimerai aussi que tu me poste le contenu de ce fichier > C:\dnsbak.reg

Ne double clique pas dessus pour l'ouvrir!! Fais un clic droit sur ce fichier et dans la liste qui se déroule, choisis Modifier > un fichier texte va s'ouvrir, poste en le contenu puis ferme le.

Modifié le 24 juillet 2007 par charles ingals

number05 · le 24 juillet 2007

Bonjour charles,

je viens de refaire la manip' et ça ne donne rien!!

ci dessous le rapport HijackThis

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 15:55:01, on 24/07/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\HPQ\IAM\bin\asghost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Downloads\number05.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe

O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe

O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe

O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CCS\Services\Tcpip\..\{7F16BD61-6270-4C3F-BF6E-797751A4F020}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CCS\Services\Tcpip\..\{B9525F88-4CD4-4AD2-80DE-0F6F8D698DFE}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CCS\Services\Tcpip\..\{D91300FA-E7D6-495C-BE9D-7CF6A26FD158}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80

O17 - HKLM\System\CS1\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80

O17 - HKLM\System\CS2\Services\Tcpip\..\{081CA721-E843-44FB-9D21-36A79FA85DE8}: NameServer = 85.255.116.66,85.255.112.80

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.66 85.255.112.80

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll

O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: PC Angel (PCA) - Unknown owner - C:\WINDOWS\TEMP\UPDATE\SMINST\PCAngel.exe (file missing)

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image002.gif

O24 - Desktop Component 1: (no name) - http://www.atlas-grup.com/yukle/resim/wresim%205.jpg

--

End of file - 11937 bytes

Thanos · le 24 juillet 2007

salut

Tu n'as pas pris le temps de lire!! >

Poste moi un nouveau rapport hijackthis comme ceci stp >

Lance HijackThis.

Clique sur Open Misc Tools Section

Assure toi que les deux cases de droite sont bien cochées:

* List all minor sections(Full)

* List Empty Sections(Complete)

Clique sur Generate StartupList Log

Click sur "oui" lorsque l'on te le demande.

Cela va générer un rapport,copie le et poste le ici

Poste le rapport du scan en ligne stp .

J'aimerai aussi que tu me poste le contenu de ce fichier > C:\dnsbak.reg

Ne double clique pas dessus pour l'ouvrir!! Fais un clic droit sur ce fichier et dans la liste qui se déroule, choisis Modifier > un fichier texte va s'ouvrir, poste en le contenu puis ferme le.

poste ces deux rapports stp ca va me permettre de voir certains éléments du registre

number05 · le 26 juillet 2007

bonjour charles,

voici le contenu de ce que tu m'as demandé de faire.

StartupList report, 26/07/2007, 10:53:08

StartupList version: 1.52.2

Started from : C:\Downloads\number05.EXE

Detected: Windows XP SP2 (WinNT 5.01.2600)

Detected: Internet Explorer v7.00 (7.00.6000.16473)

* Using default options

==================================================

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HPQ\IAM\bin\asghost.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\Program Files\BitLord\BitLord.exe

C:\Downloads\number05.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:

[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]

BTTray.lnk = ?

DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

MsmqIntCert = regsvr32 /s mqrt.dll

SoundMAX = C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

PTHOSTTR = C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

HP Software Update = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

DLA = C:\WINDOWS\System32\DLA\DLACTRLW.EXE

SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

hpWirelessAssistant = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

CognizanceTS = rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule

Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe

Recguard = C:\WINDOWS\Sminst\Recguard.exe

Reminder = C:\WINDOWS\Creator\Remind_XP.exe

Scheduler = C:\WINDOWS\SMINST\Scheduler.exe

WatchDog = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

AVP = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe

igfxtray = C:\WINDOWS\system32\igfxtray.exe

igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe

igfxpers = C:\WINDOWS\system32\igfxpers.exe

Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe

SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

Picasa Media Detector = C:\Program Files\Picasa2\PicasaMediaDetector.exe

--------------------------------------------------

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe

swg = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe

--------------------------------------------------

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[optionalcomponents]

=

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*

run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*

HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe

SCRNSAVE.EXE=C:\WINDOWS\system32\scrnsave.scr

drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*

HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL - {5CA3D70E-1895-11CF-8E15-001234567890}

(no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

(no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

HP Credential Manager for ProtectTools - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll - {DF21F1DB-80C6-11D3-9483-B03D0EC10000}

--------------------------------------------------

Enumerating Download Program Files:

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]

CODEBASE = http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

[ActiveScan Installer Class]

InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll

CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll

CDBurn: C:\WINDOWS\system32\SHELL32.dll

WebCheck: C:\WINDOWS\system32\webcheck.dll

SysTray: C:\WINDOWS\system32\stobject.dll

WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------

End of report, 8 656 bytes

Report generated in 0,312 seconds

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list version history only

Hi jack This:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 10:55:06, on 26/07/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HPQ\IAM\bin\asghost.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\Program Files\BitLord\BitLord.exe

C:\Downloads\number05.exe

C:\WINDOWS\system32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts