Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[resolu]attaque en force dans le windows/system 32

doc charly

Par doc charly
dans Analyses et éradication malwares

 Partager

Messages recommandés

doc charly Member

doc charly

Posté(e)
  • Auteur
Posté(e)

voili, voilà le rapport demandé :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:32:27, on 20/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\System32\00THotkey.exe

C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe

C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE

C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe

C:\Program Files\DNA\btdna.exe

C:\Program Files\Startup Faster\sfAgent.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\TFNF5.exe

C:\WINDOWS\system32\TPWRTRAY.EXE

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe

C:\WINDOWS\system32\TDispVol.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\scan.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\web_ie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [startupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: StartupFaster

O4 - Global Startup: StartupFaster

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: Yahoo! Backgammon - http://download2.games.yahoo.com/games/clients/y/at1_x.cab

O16 - DPF: Yahoo! Dominoes - http://download2.games.yahoo.com/games/clients/y/dot9_x.cab

O16 - DPF: Yahoo! Pyramids - http://download2.games.yahoo.com/games/clients/y/pyt1_x.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/importer/MypixUploader.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199619111384

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photostation.fr/aurigma/ImageUploader4.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...383/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O17 - HKLM\System\CS1\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O20 - AppInit_DLLs: hqnlyu.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - D:\IPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

 

--

End of file - 8714 bytes

doc charly Member

doc charly

Posté(e)
  • Auteur
Posté(e)

bon j'ai viré ad aware pour mwb, keseko d'avast, tu me proposes un autre programme ? en freeware si possible

j'avais dejà CCleaner et spybot

un autres truc à mettre en route ?

 

merci de tes conseils

Le sioux Full Patch Member

Le sioux

Posté(e)
Posté(e)

Bonsoir doc charly

 

bon j'ai viré ad aware pour mwb, keseko d'avast, tu me proposes un autre programme ? en freeware si possible

 

Bien joué :P

 

* A propos d'avast! :

 

Sache qu'avec avast!, tu n es pas très bien protégé: il te l'a prouvé ...

 

Comparatif avast! VS Antivir : http://forum.malekal.com/ftopic3528.php

 

Si tu es d accord et que tu te décides à installer Antivir (plus efficace, plus léger, mais en anglais simple à utiliser et très prochainement en français !) , il va te falloir désinstaller avast! d abord, je t indiquerai comment procéder dans un prochain poste. :P

 

* Bon, sinon, toujours présence de cette ligne : O20 - AppInit_DLLs: hqnlyu.dll

On pourra essayer de la fixer/corriger via HijackThis en mode sans échec, mais auparavant, on va regarder de plus prêt au cas où autre chose empêcherait sa suppression :

 

Télécharge System Repair Engineer - SREng de Smallfrogs sur ton Bureau.

  • Extrais tout son contenu sur ton Bureau(Clic droit sur le fichier .zip >> "Extraire tout...")
  • Du dossier sreng2 qui se trouve maintenant sur ton Bureau, double-clique sur SREngPS.exe afin de lancer l'outil
  • Clique sur Smart Scan
  • Ensuite, clique sur le bouton [scan]. L'analyse durera quelques instants.
  • Lorsque le scan est terminé, clique sur le bouton [save Reports]
  • Sauvegarde le rapport sur ton Bureau.

--> Copie/colle le contenu du fichier SREnglLOG.log dans ta prochaine réponse, s'il te plaît.

 

@ suivre

doc charly Member

doc charly

Posté(e)
  • Auteur
Posté(e)

salut le sioux, je te rebalances un truc indigeste pour le petit déjeuner :

 

2008-09-21,10:41:26

System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<StartupFaster><"C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><hqnlyu.dll>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
Startup Folders
N/A

==================================
Services
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
 <"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
 <"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[Gestion d'applications / AppMgmt][Stopped/Manual Start]
 <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
 <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
 <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
 <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
 <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
 <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## / Bonjour Service][Running/Auto Start]
 <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Computer, Inc.>
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
 <C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[DVD-RAM_Service / DVD-RAM_Service][Running/Auto Start]
 <C:\WINDOWS\system32\DVDRAMSV.exe><Matsushita Electric Industrial Co., Ltd.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
 <"C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Google Updater Service / gusvc][Stopped/Manual Start]
 <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
 <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
 <"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Service de l'iPod / iPod Service][Stopped/Manual Start]
 <D:\IPod\bin\iPodService.exe><(File is missing)>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
 <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Tmesbs32 / Tmesbs][Running/Auto Start]
 <"C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service><TOSHIBA Corporation>

==================================
Drivers
[Service d'installation du pilote audio Intel(r) 82801 (WDM) / ac97intc][Stopped/Manual Start]
 <system32\drivers\ac97intc.sys><Intel Corporation>
[Ad-Watch Connect Kernel Filter / Ad-Watch Connect Filter][Stopped/Manual Start]
 <\??\C:\WINDOWS\system32\drivers\NSDriver.sys><N/A>
[Atheros AR5001 Wireless Network Adapter Service / AR5211][Stopped/Manual Start]
 <System32\DRIVERS\ar5211.sys><Atheros Communications, Inc.>
[aswFsBlk / aswFsBlk][Running/Auto Start]
 <system32\DRIVERS\aswFsBlk.sys><ALWIL Software>
[aswRdr / aswRdr][Running/Manual Start]
 <\??\C:\WINDOWS\system32\drivers\aswRdr.sys><ALWIL Software>
[AWINDIS5 Protocol Driver / AWINDIS5][Running/Manual Start]
 <\??\C:\WINDOWS\system32\AWINDIS5.SYS><AMBIT Microsystems Corporation.>
[axsaki / axsaki][Running/Manual Start]
 <System32\DRIVERS\axsaki.sys><>
[axskbus / axskbus][Running/Manual Start]
 <System32\DRIVERS\axskbus.sys><>
[Belarc SMBios Access / BANTExt][Running/System Start]
 <\SystemRoot\System32\Drivers\BANTExt.sys><N/A>
[catchme / catchme][Stopped/Manual Start]
 <\??\C:\ComboFix\catchme.sys><N/A>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
 <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Carte réseau virtuelle FreeBox USB / fbxusb][Stopped/Manual Start]
 <system32\DRIVERS\fbxusb32.sys><FreeBox SA>
[GEAR CDRom Filter / GEARAspiWDM][Running/Manual Start]
 <SYSTEM32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[Logitech SetPoint HID Mouse Filter Driver / LHidKe][Running/Manual Start]
 <system32\DRIVERS\LHidKE.Sys><Logitech, Inc.>
[Logitech SetPoint USB Receiver device driver / LHidUsbK][Running/Manual Start]
 <System32\Drivers\LHidUsbK.Sys><Logitech, Inc.>
[Logitech SetPoint Mouse Filter Driver / LMouKE][Running/Manual Start]
 <system32\DRIVERS\LMouKE.Sys><Logitech, Inc.>
[Driver for MagicISO SCSI Host Controller / mcdbus][Stopped/Manual Start]
 <system32\DRIVERS\mcdbus.sys><N/A>
[meiudf / meiudf][Running/System Start]
 <System32\Drivers\meiudf.sys><Matsushita Electric Industrial Co.,Ltd.>
[nv / nv][Running/Manual Start]
 <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pciSd / pciSd][Stopped/Manual Start]
 <System32\DRIVERS\tossdpci.sys><TOSHIBA>
[NETGEAR WG511 Wireless LAN Driver / PRISM_ICB][Running/Manual Start]
 <System32\DRIVERS\WG511ICB.sys><GlobespanVirata, Inc.>
[StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
 <\SystemRoot\System32\drivers\prodrv06.sys><StarForce Technologies, Inc.>
[StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
 <\SystemRoot\System32\drivers\prohlp02.sys><StarForce Technologies, Inc.>
[StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start]
 <\SystemRoot\System32\drivers\prosync1.sys><StarForce Technologies, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
 <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
 <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Running/Auto Start]
 <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
 <\SystemRoot\System32\drivers\sfhlp01.sys><StarForce Technologies, Inc.>
[SMC IrCC Miniport Device Driver / SMCIRDA][Running/Manual Start]
 <System32\DRIVERS\smcirda.sys><SMC>
[ColorVision Spyder2 / Spyder2][Stopped/Manual Start]
 <system32\DRIVERS\Spyder2.sys><>
[Spy Emergency Driver / SpyEmrg][Stopped/System Start]
 <System32\Drivers\spyemrg.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
 <System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[D-Link WLAN USB Boot Device / TIAcxubt][Stopped/Manual Start]
 <System32\Drivers\tiacxubt.sys><Texas Instruments>
[D-Link AirPlus DWL-120+ Wireless USB Adapter / TIACXUSB][Stopped/Manual Start]
 <System32\Drivers\tiacxusb.sys><D-Link>
[TOSHIBA Software Modem / TOSHIBASoftModem][Running/Manual Start]
 <System32\DRIVERS\LTSM.sys><LT>
[Bluetooth Port Driver from Toshiba / tosporte][Running/Manual Start]
 <System32\DRIVERS\tosporte.sys><TOSHIBA Corporation>
[Bluetooth RFBUS from TOSHIBA / Tosrfbd][Stopped/Manual Start]
 <System32\Drivers\tosrfbd.sys><TOSHIBA CORPORATION>
[Bluetooth RFCOMM from TOSHIBA / Tosrfcom][Running/System Start]
 <System32\Drivers\tosrfcom.sys><TOSHIBA Corporation>
[Bluetooth ACPI from TOSHIBA / tosrfec][Running/Manual Start]
 <System32\DRIVERS\tosrfec.sys><TOSHIBA Corporation>
[Bluetooth RFHID from TOSHIBA / Tosrfhid][Stopped/Manual Start]
 <System32\DRIVERS\Tosrfhid.sys><TOSHIBA Corporation.>
[Bluetooth USB Controller / Tosrfusb][Stopped/Manual Start]
 <System32\Drivers\tosrfusb.sys><TOSHIBA CORPORATION>
[TOSHIBA SD Card Host Controller Driver / tsdhd][Running/Manual Start]
 <System32\DRIVERS\tsdhd.sys><TOSHIBA Corporation>
[Toshiba ACPI-Based Value Added Logical Device Driver / TVALD][Running/Boot Start]
 <\SystemRoot\System32\DRIVERS\TVALD.SYS><Toshiba Corporation>
[Toshiba ACPI-Based Value Added Logical Device Extension Driver / TVALDX][Running/Boot Start]
 <\SystemRoot\System32\DRIVERS\TVALDX.SYS><Toshiba Corporation>
[Toshiba Value Added Logical and General Purpose Device Driver / TVALG][Running/Boot Start]
 <\SystemRoot\System32\DRIVERS\TVALG.SYS><TOSHIBA Corporation>
[YAMAHA AC-XG Audio Device / WDM_YAMAHAAC97][Running/Manual Start]
 <system32\drivers\yacxgc.sys><YAMAHA CORPORATION>

==================================
Browser Add-ons
[]
 {243B17DE-77C7-46BF-B94B-0B5F309A0E64} <C:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
[DgnWebIE]
 {2843DAC1-05EF-11D2-95BA-0060083493D6} <D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\web_ie.dll, Dragon Systems>
[Spybot-S&D IE Protection]
 {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, (Signed) Safer Networking Limited>
[Google Toolbar Helper]
 {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[]
 {85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[Spybot-S&D IE Protection]
 {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, (Signed) Safer Networking Limited>
[]
 {E023F504-0C5A-4750-A1E7-A9046DEA8A21} <C:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
[Messenger]
 {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[&Google]
 {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[Image Uploader 3.0 Control]
 {1F83CD9E-505E-4F87-BECE-0832A763E36F} <C:\WINDOWS\Downloaded Program Files\MypixUploader.ocx, (Signed) Fotovista SA>
[BDSCANONLINE Control]
 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[MUWebControl Class]
 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
 {80DD2229-B8E4-4C77-B72F-F22972D723EA} <, >
[]
 {9F1C11AA-197B-4942-BA54-47A8489BB47F} <, >
[F-Secure Online Scanner 3.3]
 {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
[Zylom Games Player]
 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} <C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll, (Signed) Zylom Games>
[PB_Uploader Class]
 {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} <C:\WINDOWS\Downloaded Program Files\uploader_uni.ocx, Lateral Arts Limited>
[get_atlcom Class]
 {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} <C:\WINDOWS\Downloaded Program Files\gp.ocx, (Signed) NOS Microsystems Ltd.>
[Shockwave Flash Object]
 {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[Image Uploader Control]
 {EDFCB7CB-942C-4822-AF14-F0B687409848} <C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx, (Signed) Aurigma, Inc.>
[McFreeScan Class]
 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} <C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, (Signed) McAfee, Inc.>
[]
 {00000000-0000-0000-0000-000000000000} <, >
[Microsoft Outlook 8.0 Object Library]
 {0006F033-0000-0000-C000-000000000046} <, >
[Microsoft Outlook]
 {0006F03A-0000-0000-C000-000000000046} <, >
[Google Script Object]
 {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[QuickTime Object]
 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Adobe PDF Reader Link Helper]
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Web Browser Applet Control]
 {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[]
 {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, >
[Shockwave ActiveX Control]
 {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
[Windows Genuine Advantage Validation Tool]
 {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[]
 {1928D47B-892D-41BB-849B-9B36CA6540BF} <, >
[Windows Media Player]
 {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[&Google]
 {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[]
 {23BBF25F-58D4-4117-9459-FFC87611046C} <, >
[]
 {243B17DE-77C7-46BF-B94B-0B5F309A0E64} <C:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
[HTML Document]
 {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[DgnWebIE]
 {2843DAC1-05EF-11D2-95BA-0060083493D6} <D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\web_ie.dll, Dragon Systems>
[XML DOM Document]
 {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
 {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
 {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <, >
[]
 {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <, >
[IETag Factory]
 {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[QuickTime Object]
 {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Microsoft Terminal Services Client Control (redist)]
 {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
 {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Spybot-S&D IE Protection]
 {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, (Signed) Safer Networking Limited>
[]
 {5BEE1A76-9B63-474D-B159-DAFF9A203AB1} <, >
[]
 {5D3DC08D-381D-42CE-8562-5F627626C2D9} <, >
[BDSCANONLINE Control]
 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\oscan8.ocx, SOFTWIN>
[]
 {6117669B-8C2D-41FA-A6D9-9E484B999CF0} <, >
[DAP Bar]
 {62999427-33FC-4BAF-9C9C-BCE6BD127F08} <C:\Program Files\internet\DAP\DAPIEBar.dll, N/A>
[WUWebControl Class]
 {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[]
 {669695BC-A811-4A9D-8CDF-BA8C795F261C} <, >
[Windows Media Player]
 {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
 {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
 {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
 {80DD2229-B8E4-4C77-B72F-F22972D723EA} <, >
[]
 {85D1F590-48F4-11D9-9669-0800200C9A66} <, >
[Microsoft Web Browser]
 {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
 {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
 {88D969C1-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XSL Template 4.0]
 {88D969C3-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
 {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML DOM Document 6.0]
 {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
 {88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
 {88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
 {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[]
 {8AD9C840-044E-11D1-B3E9-00805F499D93} <, >
[Microsoft Terminal Services Client Control (redist)]
 {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
 {96B631E1-A83B-4FE0-9F71-CD6655076269} <, >
[]
 {986C28D7-7DF4-48AA-8F79-31E29308A8CB} <, >
[Skype Detection Object]
 {9E385F0A-0BA2-430C-96AA-4399C5E40F6C} <, >
[Google Toolbar Helper]
 {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[RDS.DataSpace]
 {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[F-Secure Online Scanner 3.3]
 {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
[Zylom Games Player]
 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} <C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll, (Signed) Zylom Games>
[Adobe PDF Reader]
 {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[VIDEO__X_MS_ASF Moniker Class]
 {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
 {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[PB_Uploader Class]
 {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} <C:\WINDOWS\Downloaded Program Files\uploader_uni.ocx, Lateral Arts Limited>
[get_atlcom Class]
 {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} <C:\WINDOWS\Downloaded Program Files\gp.ocx, (Signed) NOS Microsystems Ltd.>
[Shockwave Flash Object]
 {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[iTunesDetector Class]
 {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} <D:\IPod\iTunes\ITDetector.ocx, (Signed) Apple Computer, Inc.>
[QuickTimeCheck Class]
 {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
 {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <, >
[]
 {E023F504-0C5A-4750-A1E7-A9046DEA8A21} <, >
[]
 {E54BCA66-F468-48E9-8CAD-696DB6759A63} <, >
[WebViewFolderIcon Class]
 {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} <C:\WINDOWS\System32\webvw.dll, (Signed) Microsoft Corporation>
[XML HTTP Request]
 {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Image Uploader Control]
 {EDFCB7CB-942C-4822-AF14-F0B687409848} <C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx, (Signed) Aurigma, Inc.>
[]
 {EE503C07-4B3D-4EE6-B4EC-F4BA2D27DCF4} <, >
[McFreeScan Class]
 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} <C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, (Signed) McAfee, Inc.>
[XML HTTP]
 {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
 {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[&Clean Traces]
 <C:\Program Files\internet\DAP\Privacy Package\dapcleanerie.htm, N/A>
[&Download with &DAP]
 <C:\Program Files\internet\DAP\dapextie.htm, N/A>
[Download &all with DAP]
 <C:\Program Files\internet\DAP\dapextie2.htm, N/A>

==================================
Running Processes
[PID: 560 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 632 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 660 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\WgaLogon.dll]  [Microsoft Corporation, 1.5.0540.0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 704 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 716 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 872 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 940 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 1036 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\wups2.dll]  [Microsoft Corporation, 7.2.6001.784 (winmain_oob/wu_wsuswlc(wmbla).080718-1904)]
[PID: 1112 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1292 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1736 / charly][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\Program Files\Microsoft Money\System\mnyside.dll]  [Microsoft Corporation, 11.00.0716]
[C:\Program Files\Microsoft Money\System\misstub.dll]  [Microsoft Corporation, 11.00.0716]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll]  [Safer Networking Limited, 1, 6, 0, 12]
[C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\msdmo.dll]  [, ]
[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll]  [Malwarebytes Corporation, 1, 1, 0, 0]
[C:\Program Files\compresseurs\WinAce111\win\arcext.dll]  [e-merge GmbH, 2.0.0.0]
[C:\Program Files\compresseurs\WinAce111\win\ace.dll]  [ACE Compression Software, 2.0.1.0]
[C:\PROGRA~1\internet\DAP\PRIVAC~1\DAPCTX~1.DLL]  [Speedbit Ltd., 8, 5, 0, 1]
[C:\Program Files\Alwil Software\Avast4\ashShell.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1748 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1808 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResJs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 444 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\tbtmon.dll]  [Toshiba America Business Solutions, Inc., 1.14]
[C:\WINDOWS\system32\tbtmon98Language.dll]  [Toshiba, 1, 0, 0, 1]
[C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 2.03.3404a.0]
[C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 1, 0, 3, 0]
[C:\WINDOWS\system32\TosBtHcrpAPI.dll]  [N/A, ]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPDy2.DLL]  [CANON INC., 1.40.2.0]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 1960 / charly][C:\WINDOWS\system32\RAMASST.exe]  [Matsushita Electric Industrial Co., Ltd., 1, 0, 8, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1972 / SYSTEM][C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe]  [Apple, Inc., 1, 14, 0, 0]
[PID: 1996 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]  [Apple Computer, Inc., 1,0,3,1]
[PID: 1216 / SYSTEM][C:\WINDOWS\system32\DVDRAMSV.exe]  [Matsushita Electric Industrial Co., Ltd., 2, 0, 5, 0]
[PID: 536 / SYSTEM][C:\WINDOWS\System32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.01.4336]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1008 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1180 / SYSTEM][C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe]  [TOSHIBA Corporation, 2, 1, 1, 11]
[C:\WINDOWS\system32\THCI.dll]  [Toshiba, 1.0.0.0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1700 / SYSTEM][C:\Program Files\Canon\CAL\CALMAIN.exe]  [Canon Inc., 8, 1, 0, 14]
[PID: 1844 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[C:\Program Files\Alwil Software\Avast4\French\Lang.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Alwil Software\Avast4\French\langmai.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 2028 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe]  [ALWIL Software, 4, 8, 1229, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 2384 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2484 / charly][C:\WINDOWS\System32\00THotkey.exe]  [TOSHIBA Corp., 1, 0, 0, 20]
[C:\WINDOWS\System32\Tdevdsp.dll]  [N/A, ]
[C:\WINDOWS\system32\TSCI.DLL]  [Toshiba, 1.0.0.0]
[C:\WINDOWS\system32\THCI.DLL]  [Toshiba, 1.0.0.0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2516 / charly][C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe]  [, 2, 9, 3, 1]
[C:\WINDOWS\system32\AW32N50.dll]  [AMBIT Microsystems Corporation., 5.00.13.50]
[C:\Program Files\wifi\WG511v210\Utility\UIResource.dll]  [, 2, 4, 1, 1]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[PID: 2528 / charly][C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE]  [TOSHIBA Corporation, 2, 1, 1, 11]
[C:\WINDOWS\system32\THCI.dll]  [Toshiba, 1.0.0.0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 2556 / charly][C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe]  [Synaptics, Inc, 2.1.4 21Apr03]
[PID: 3316 / charly][C:\Program Files\DNA\btdna.exe]  [BitTorrent, Inc., 2.0.2.12223]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 3352 / charly][C:\Program Files\Startup Faster\sfAgent.exe]  [URSoft,Inc, 3.0.4]
[C:\Program Files\Startup Faster\rtl70.bpl]  [Borland Software Corporation, 7.0.8.1]
[C:\Program Files\Startup Faster\vcl70.bpl]  [Borland Software Corporation, 7.0.8.1]
[C:\Program Files\Startup Faster\vclx70.bpl]  [Borland Software Corporation, 7.0.4.453]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 3512 / charly][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\French\Lang.dll]  [ALWIL Software, 4, 8, 1201, 0]
[C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[c:\program files\alwil software\avast4\ahruimai.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll]  [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll]  [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruins.dll]  [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruiout.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MAPI32.dll]  [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
[c:\program files\alwil software\avast4\ahruip2p.dll]  [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruistd.dll]  [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruiws.dll]  [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruijs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 3696 / charly][C:\WINDOWS\system32\TFNF5.exe]  [TOSHIBA Corp., 2, 1, 0, 0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 3916 / charly][C:\WINDOWS\system32\TPWRTRAY.EXE]  [TOSHIBA Corporation, 4. 0. 0. 0]
[C:\WINDOWS\system32\TPwrReg.dll]  [TOSHIBA Corporation, 6.00.9]
[C:\WINDOWS\system32\Tdevdetect.dll]  [TOSHIBA Corporation, 6.00.21]
[C:\WINDOWS\system32\TSCI.DLL]  [Toshiba, 1.0.0.0]
[C:\WINDOWS\system32\THCI.DLL]  [Toshiba, 1.0.0.0]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1316 / charly][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 1024 / charly][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[PID: 1272 / charly][C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe]  [Adobe Systems Incorporated, 3.0.0.66984]
[C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdboot.dll]  [Adobe Systems Incorporated, 3.0.0.66984]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[PID: 1304 / charly][C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe]  [TOSHIBA CORPORATION, 2, 1, 0, 1]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[PID: 2252 / charly][C:\WINDOWS\system32\TDispVol.exe]  [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\WINDOWS\system32\TCtrlCommon.dll]  [TOSHIBA Corporation, 2.05.00]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2260 / charly][C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe]  [Microsoft® Corporation, 7.00.0617.0]
[C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
[PID: 2572 / charly][C:\Program Files\TOSHIBA\TouchED\TouchED.Exe]  [TOSHIBA Corporation, 2, 5, 0, 0]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 2740 / charly][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[PID: 2964 / charly][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\IEFRAME.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\WINDOWS\system32\IEUI.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\xmllite.dll]  [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
[C:\Program Files\Internet Explorer\ieproxy.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Microsoft Money\System\mnyside.dll]  [Microsoft Corporation, 11.00.0716]
[C:\Program Files\Microsoft Money\System\misstub.dll]  [Microsoft Corporation, 11.00.0716]
[D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\DMFC6.DLL]  [Dragon Systems, Inc., 0.00.000.012]
[C:\WINDOWS\Speech\Dragon\dnstk10.dll]  [Dragon Systems, Inc., 5.00.400.067]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll]  [Safer Networking Limited, 1, 6, 0, 12]
[c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
[C:\PROGRA~1\internet\DAP\DAPIE.DLL]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\PROGRA~1\internet\DAP\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\internet\DAP\DAPIEEngine.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\Program Files\internet\DAP\DAPIEMonitor.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
[C:\WINDOWS\system32\msfeeds.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll]  [Microsoft Corporation, 1.1.4322.2407]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll]  [Microsoft Corporation, 1.1.4322.2407]
[PID: 3924 / charly][C:\Program Files\internet\DAP\DAP.EXE]  [Speedbit Ltd., 8, 7, 0, 5]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\Program Files\internet\DAP\zlib.dll]  [, 1.1.4.0]
[C:\Program Files\internet\DAP\dbghelp.dll]  [Microsoft Corporation, 6.2.0013.1 (DbgBuild.030619-2209)]
[C:\Program Files\internet\DAP\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\internet\DAP\dapres32.dll]  [SpeedBit Ltd., 8, 7, 0, 0]
[C:\Program Files\internet\DAP\MCMgr.dll]  [SpeedBit Ltd., 8, 6, 7, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\Program Files\internet\DAP\DAPIEEngine.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\Program Files\internet\DAP\DAPIEMonitor.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\Program Files\internet\DAP\dapm_Context_search.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\Program Files\internet\DAP\dapm_ftp.dll]  [Speedbit Ltd., 8, 6, 7, 0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Macromedia, Inc., 8.5.1r102]
[PID: 3188 / charly][C:\Program Files\internet\GrabIt\GrabIt.exe]  [, 1.7.1.960]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 3280 / charly][C:\Documents and Settings\charly\Bureau\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.12.1018]
[PID: 2736 / charly][C:\Documents and Settings\charly\Bureau\SRE47a7c8ab.EXE]  [Smallfrogs Studio, 2.6.12.1018]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.3.0 12Mar03]
[C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll]  [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\TDispVol.dll]  [N/A, ]
[C:\Documents and Settings\charly\Bureau\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL]  [Microsoft Corporation, 10.0.6313]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1	   localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1960, C:\WINDOWS\SYSTEM32\RAMASST.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1972, C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2484, C:\WINDOWS\SYSTEM32\00THOTKEY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2516, C:\PROGRAM FILES\WIFI\WG511V210\UTILITY\WG511WLU.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2528, C:\PROGRAM FILES\TOSHIBA\TME3\TMESBS32.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2556, C:\PROGRAM FILES\SYNAPTICS\SYNTP\CPAD\ALARMWATCHER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3696, C:\WINDOWS\SYSTEM32\TFNF5.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3916, C:\WINDOWS\SYSTEM32\TPWRTRAY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1272, C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP LIGHTROOM 1.1\APDPROXY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1304, C:\PROGRAM FILES\TOSHIBA\WIRELESS HOTKEY\TOSHKCW.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2252, C:\WINDOWS\SYSTEM32\TDISPVOL.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2260, C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2572, C:\PROGRAM FILES\TOSHIBA\TOUCHED\TOUCHED.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3188, C:\PROGRAM FILES\INTERNET\GRABIT\GRABIT.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3280, C:\DOCUMENTS AND SETTINGS\CHARLY\BUREAU\SRENGLDR.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

Le sioux Full Patch Member

Le sioux

Posté(e)
Posté(e)

Bonjour doc charly

 

salut le sioux, je te rebalances un truc indigeste pour le petit déjeuner :

:P Ouaips, pas sur que je le trempe dans mon café au lait :P

 

Je regarde cela et te dis quoi faire par la suite, mais pas avant un petit moment, sois patient le temps que je digère cela;)

 

@ plus.

Le sioux Full Patch Member

Le sioux

Posté(e)
Posté(e)

Re

 

Je ne vois rien de flagrant dans ce rapport, mais j'attends un autre avis. :P

 

Je viens par contre de réaliser que l'on ne voit plus avast! sur le démarrage, on va remédier à cela :

  • Ouvre le bloc-notes et fais un copier coller de ce qui est en citation ci-dessous (copie tout d'un trait) :
     
    Windows Registry Editor Version 5.00
     
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast"="\"C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe\""
    Puis "Fichier"/"Enregistrer sous" :
    Dans : sur le Bureau
    Nom du fichier : Avast.reg
    Type de fichier : "Tous les fichiers"
    Clique sur "Enregistrer"
     
  • Note:
    * Lors de l'enregistrement, il faut choisir pour le champ "Type": "Tous les fichiers"
    * Fait bien attention que Windows Registry Editor Version 5.00 soit sur la toute 1ere ligne, sinon le fix ne fonctionnera pas.
     
  • Quitte Internet et double clique sur Avast.reg sur ton Bureau.
    => Tu dois obligatoirement avoir un message "Voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre?"
  • Si c'est bien le cas, clique sur "Oui"
  • Fais redémarrer ton PC et re-poste un nouveau rapport HijackThis en réponse stp.

@ suivre.

doc charly Member

doc charly

Posté(e)
  • Auteur
Posté(e)

oki, comme demandé :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:17:24, on 21/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\00THotkey.exe

C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe

C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE

C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe

C:\Program Files\DNA\btdna.exe

C:\Program Files\Startup Faster\sfAgent.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\TFNF5.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\TPWRTRAY.EXE

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe

C:\WINDOWS\system32\TDispVol.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Trend Micro\HijackThis\scan.exe

C:\Program Files\Internet Explorer\iexplore.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\web_ie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [startupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: StartupFaster

O4 - Global Startup: StartupFaster

O8 - Extra context menu item: &Clean Traces - C:\Program Files\internet\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\internet\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\internet\DAP\dapextie2.htm

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: Yahoo! Backgammon - http://download2.games.yahoo.com/games/clients/y/at1_x.cab

O16 - DPF: Yahoo! Dominoes - http://download2.games.yahoo.com/games/clients/y/dot9_x.cab

O16 - DPF: Yahoo! Pyramids - http://download2.games.yahoo.com/games/clients/y/pyt1_x.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/importer/MypixUploader.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199619111384

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photostation.fr/aurigma/ImageUploader4.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...383/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O17 - HKLM\System\CS1\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O20 - AppInit_DLLs: hqnlyu.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - D:\IPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

 

--

End of file - 9035 bytes

Le sioux Full Patch Member

Le sioux

Posté(e)
Posté(e)

Re

 

Je suis fatigué et je fais des bêtises :P Je me suis trompé, excuse moi. Supprime le 1er avast.reg

  • Ouvre le bloc-notes et fais un copier coller de ce qui est en citation ci-dessous (copie tout d'un trait) :
     
    Windows Registry Editor Version 5.00
     
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="\"C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe\""
    Puis "Fichier"/"Enregistrer sous" :
    Dans : sur le Bureau
    Nom du fichier : Avast.reg
    Type de fichier : "Tous les fichiers"
    Clique sur "Enregistrer"
     
  • Note:
    * Lors de l'enregistrement, il faut choisir pour le champ "Type": "Tous les fichiers"
    * Fait bien attention que Windows Registry Editor Version 5.00 soit sur la toute 1ere ligne, sinon le fix ne fonctionnera pas.
     
  • Quitte Internet et double clique sur Avast.reg sur ton Bureau.
    => Tu dois obligatoirement avoir un message "Voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre?"
  • Si c'est bien le cas, clique sur "Oui"
  • Fais redémarrer ton PC et re-poste un nouveau rapport HijackThis en réponse stp, dis moi aussi si la boule bleue d'avast! a réapparue dans ta barre des tâches.

@ suivre.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...