ORDIN INFECTE WIN 32 ET autres - Page 2

Précédent
  • 1
  • 2
  1. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    bon ok si sa revient alors c'est que findykill ne suffit pas

    telecharge combofix

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    installe la console de recuperation puis ensuite redemarre en mode sans echec comme expliqué par genproc et lance l'application puis tu ne touche + a rien meme pas à la souris sous peine de figer le PC.

    puis redemarre en mode normal et poste le rapport de combofix qui ce trouve dans C/combofix.txt

    et relance findykill choisit option 1 et poste le rapport
    0
  2. RICONET Messages postés 114 Date d'inscription   Statut Membre Dernière intervention  
     
    Je me trompe peut-être mais ça ma l'air d'être bon. Voilà les rapport.

    ComboFix 09-01-13.03 - FAMILLE 2009-01-13 21:19:14.1 - NTFSx86 MINIMAL
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1024.803 [GMT 1:00]
    Lancé depuis: c:\documents and settings\FAMILLE\Bureau\ComboFix.exe
    AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Outdated)

    [COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\program files\Internet Explorer\2.exe
    c:\windows\system32\10306.dll
    c:\windows\system32\27601.dll
    c:\windows\system32\9052.dll
    c:\windows\system32\dumphive.exe
    c:\windows\system32\ipypwgfu.ini
    c:\windows\system32\pkqqpndo.ini
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\wechppht.ini
    c:\windows\system32\WS2Fix.exe
    c:\windows\winhelp.ini
    D:\resycled
    d:\resycled\boot.com
    F:\resycled
    f:\resycled\boot.com
    G:\resycled
    g:\resycled\boot.com
    L:\resycled
    l:\resycled\boot.com
    O:\resycled
    o:\resycled\boot.com
    P:\resycled
    p:\resycled\boot.com

    ----- BITS: Il y a peut-être des sites infectés -----

    hxxp://childhe.com
    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ICF

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-13 au 2009-01-13 ))))))))))))))))))))))))))))))))))))
    .

    2009-01-13 18:00 . 2009-01-13 18:03 <REP> d-------- C:\ToolBar SD
    2009-01-13 17:29 . 2009-01-13 17:29 <REP> d-------- c:\program files\CCleaner
    2009-01-13 09:17 . 2009-01-13 09:27 <REP> d-------- c:\program files\Navilog1
    2009-01-12 21:17 . 2009-01-12 21:18 <REP> d-------- C:\rsit
    2009-01-12 21:17 . 2009-01-12 21:18 <REP> d-------- c:\program files\trend micro
    2009-01-12 21:10 . 2009-01-12 21:10 410,984 --a------ c:\windows\system32\deploytk.dll
    2009-01-12 21:07 . 2009-01-12 21:08 <REP> d-------- c:\program files\QuickTime
    2009-01-12 21:07 . 2009-01-12 21:07 <REP> d-------- c:\program files\Fichiers communs\Apple
    2009-01-12 21:05 . 2009-01-12 21:05 <REP> d-------- c:\program files\Apple Software Update
    2009-01-12 21:05 . 2009-01-12 21:05 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple
    2009-01-12 10:08 . 2009-01-12 12:31 <REP> d-------- c:\program files\FindyKill
    2009-01-12 10:05 . 2009-01-12 10:05 244 --ah----- C:\sqmnoopt07.sqm
    2009-01-12 10:05 . 2009-01-12 10:05 232 --ah----- C:\sqmdata07.sqm
    2009-01-11 17:22 . 2009-01-11 17:22 244 --ah----- C:\sqmnoopt06.sqm
    2009-01-11 17:22 . 2009-01-11 17:22 232 --ah----- C:\sqmdata06.sqm
    2009-01-11 13:55 . 2009-01-11 13:55 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2009-01-11 13:55 . 2009-01-11 13:55 <REP> d-------- c:\documents and settings\FAMILLE\Application Data\Malwarebytes
    2009-01-11 13:55 . 2009-01-11 13:55 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-01-11 13:55 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-01-11 13:55 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-01-11 11:29 . 2009-01-11 11:29 244 --ah----- C:\sqmnoopt05.sqm
    2009-01-11 11:29 . 2009-01-11 11:29 232 --ah----- C:\sqmdata05.sqm
    2009-01-11 11:27 . 2009-01-11 11:27 244 --ah----- C:\sqmnoopt04.sqm
    2009-01-11 11:27 . 2009-01-11 11:27 232 --ah----- C:\sqmdata04.sqm
    2009-01-11 11:22 . 2009-01-11 11:22 244 --ah----- C:\sqmnoopt03.sqm
    2009-01-11 11:22 . 2009-01-11 11:22 232 --ah----- C:\sqmdata03.sqm
    2009-01-08 13:03 . 2009-01-08 13:03 271,360 --a------ c:\windows\system32\drivers\atksgt.sys
    2009-01-08 13:03 . 2009-01-08 13:03 18,048 --a------ c:\windows\system32\drivers\lirsgt.sys
    2009-01-08 12:48 . 2009-01-08 18:56 <REP> d-------- c:\program files\Monte Cristo
    2008-12-27 12:23 . 2008-12-27 12:23 <REP> d-------- c:\windows\system32\IOSUBSYS
    2008-12-27 12:23 . 2008-12-27 12:23 <REP> d-------- c:\program files\Google
    2008-12-26 22:24 . 2008-04-14 04:34 20,992 --a------ c:\windows\system32\dshowext.ax
    2008-12-26 22:24 . 2008-04-14 04:34 20,992 --a--c--- c:\windows\system32\dllcache\dshowext.ax
    2008-12-26 21:40 . 2008-12-26 21:40 <REP> d-------- c:\documents and settings\FAMILLE\Application Data\ArcSoft
    2008-12-26 21:25 . 2008-12-26 21:25 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2008-12-26 21:25 . 2008-12-26 21:25 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_phaudlwr_01005.Wdf
    2008-12-26 21:20 . 2007-10-02 15:55 491,520 --a------ c:\windows\system32\vspc1300.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-13 17:06 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-01-13 16:22 --------- d-----w c:\program files\a-squared Free
    2009-01-12 20:13 --------- d-----w c:\program files\Skype
    2009-01-12 20:10 --------- d-----w c:\program files\Java
    2009-01-12 20:02 --------- d-----w c:\program files\Fichiers communs\Adobe
    2009-01-12 19:29 --------- d-----w c:\documents and settings\FAMILLE\Application Data\uTorrent
    2009-01-10 15:20 --------- d-----w c:\program files\Mozilla Thunderbird
    2009-01-10 15:11 --------- d-----w c:\documents and settings\FAMILLE\Application Data\MailWasherPro
    2008-12-26 21:25 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-12-10 17:46 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
    2008-11-30 11:36 --------- d-----w c:\program files\TKexeKalender
    2008-11-28 10:45 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-11-27 20:48 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-11-25 09:23 --------- d-----w c:\program files\Electronic Arts
    2008-11-23 16:52 --------- d-----w c:\program files\Windows Live
    2008-11-23 16:45 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
    2008-11-23 16:26 --------- d-----w c:\documents and settings\FAMILLE\Application Data\MSNInstaller
    2008-11-18 20:30 --------- d-----w c:\documents and settings\All Users\Application Data\SmartSound Software Inc
    2008-11-16 17:44 --------- d-----w c:\program files\DivX
    2008-11-15 16:47 --------- d-----w c:\documents and settings\FAMILLE\Application Data\Anuman Interactive
    2008-11-15 15:23 --------- d-----w c:\program files\dBpowerAMP
    2008-11-14 20:42 --------- d-----w c:\documents and settings\FAMILLE\Application Data\PCF-VLC
    2008-04-14 02:33 65,024 --sha-w c:\windows\system32\asycfilt.dll
    2004-08-05 12:00 3,584 --sha-w c:\windows\system32\comcat.dll
    1998-05-20 15:14 28,672 --sha-w c:\windows\system32\lfawd90n.dll
    1998-05-15 15:00 33,792 --sha-w c:\windows\system32\lfbmp90n.dll
    1998-05-18 15:50 27,136 --sha-w c:\windows\system32\lfcal90n.dll
    1998-05-15 14:59 64,512 --sha-w c:\windows\system32\lffax90n.dll
    1997-11-21 16:03 338,944 --sha-w c:\windows\system32\lffpx7.dll
    1998-05-20 15:14 88,576 --sha-w c:\windows\system32\lffpx90n.dll
    1998-05-15 15:02 39,936 --sha-w c:\windows\system32\lfgif90n.dll
    1998-05-15 15:03 31,232 --sha-w c:\windows\system32\lfpct90n.dll
    1998-04-04 18:25 30,720 --sha-w c:\windows\system32\lfpcx90n.dll
    1998-06-23 08:10 133,632 --sha-w c:\windows\system32\lfpng90n.dll
    1998-05-18 16:27 29,184 --sha-w c:\windows\system32\lfpsd90n.dll
    1998-05-15 15:05 118,272 --sha-w c:\windows\system32\lftif90n.dll
    1998-04-04 18:26 25,600 --sha-w c:\windows\system32\lfwfx90n.dll
    1998-05-15 15:05 28,672 --sha-w c:\windows\system32\lfwmf90n.dll
    1998-04-04 18:26 27,648 --sha-w c:\windows\system32\lfwpg90n.dll
    1998-05-15 14:27 238,592 --sha-w c:\windows\system32\ltann90n.dll
    1998-05-15 14:26 220,160 --sha-w c:\windows\system32\LTDIS90n.dll
    1998-04-04 18:22 146,432 --sha-w c:\windows\system32\ltefx90n.dll
    1998-05-20 15:13 104,448 --sha-w c:\windows\system32\ltimg90n.dll
    1998-05-20 15:14 38,400 --sha-w c:\windows\system32\ltisi90n.dll
    1998-06-19 13:44 290,304 --sha-w c:\windows\system32\ltkrn90n.dll
    1998-04-03 17:01 3,824 --sha-w c:\windows\system32\ltthk90w.dll
    1998-05-19 16:53 35,328 --sha-w c:\windows\system32\lttwn90n.dll
    1998-04-03 17:01 45,936 --sha-w c:\windows\system32\ltvdd90w.drv
    2008-04-14 02:33 1,028,096 --sha-w c:\windows\system32\mfc42.dll
    2008-04-14 02:33 343,040 --sha-w c:\windows\system32\msvcrt.dll
    1998-04-29 18:00 58,880 --sha-w c:\windows\system32\npplg90N.dll
    2008-04-14 02:33 551,936 --sha-w c:\windows\system32\oleaut32.dll
    2008-04-14 02:33 84,992 --sha-w c:\windows\system32\olepro32.dll
    .

    ------- Sigcheck -------

    2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\explorer.exe
    2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 c:\windows\$NtServicePackUninstall$\explorer.exe
    2004-08-05 13:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa c:\windows\$NtUninstallKB938828$\explorer.exe
    2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\ServicePackFiles\i386\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-05-25 32768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
    "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-09 949376]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
    "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-01-27 1381376]
    "iTunesHelper"="f:\itunes2\iTunesHelper.exe" [2007-03-14 257088]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 c:\windows\KHALMNPR.Exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

    c:\documents and settings\FAMILLE\Menu D‚marrer\Programmes\D‚marrage\
    RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
    TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-04-24 110592]
    Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-05-25 450560]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-05-25 450560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=ftdotf.dll fdtsrv.dll lecbjl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.MJPG"= Pvmjpg30.dll
    "VIDC.PIM1"= pclepim1.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6qtxx.sys]
    @="Driver"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "f:\\iTunes2\\iTunes.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
    "c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
    "g:\\JEUX\\TrackMania Nations ESWC\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
    "c:\\Program Files\\uTorrent\\utorrent.exe"=
    "g:\\JEUX\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
    "c:\\Program Files\\Participatory Culture Foundation\\Miro\\xulrunner\\python\\Miro_Downloader.exe"=
    "g:\\Station ripper\\StationRipper\\StationRipperConsole.exe"=
    "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds\\Game\\Battlegrounds.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
    "c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
    "c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
    "c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2008-01-03 4064]
    R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-09 15424]
    R3 BENDER;Pinnacle DV/AV Capture;c:\windows\system32\drivers\bender.sys [2007-12-09 200320]
    R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [2008-10-11 402432]
    S0 ati6qtxx;ati6qtxx;c:\windows\system32\Drivers\ati6qtxx.sys --> c:\windows\system32\Drivers\ati6qtxx.sys [?]
    S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\DRIVERS\ntcdrdrv.sys --> c:\windows\system32\DRIVERS\ntcdrdrv.sys [?]
    S3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys --> c:\windows\system32\DRIVERS\phaudlwr.sys [?]
    S3 SPC1300;USB2.0 PC Camera (SPC1300);c:\windows\system32\DRIVERS\spc1300.sys --> c:\windows\system32\DRIVERS\spc1300.sys [?]
    S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - InCDrec

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E555}]
    p:\sauvegarde dvd\ANY DVD\SlySoft\AnyDVD 6.3.0.0\AnyDVD leftover killer 1.3.exe -M
    .
    Contenu du dossier 'Tâches planifiées'

    2009-01-12 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2009-01-13 c:\windows\Tasks\bcijdvrp.job
    - c:\windows\system32\rundll32.exe [2008-04-14 03:34]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-MSMSGS - c:\program files\Messenger\msmsgs.exe
    HKLM-Run-eCarteBleue-CDE-P3 - c:\program files\e-Carte Bleue\Caisse Epargne\Ma e-Carte Bleue\ECB-CDE.exe
    HKLM-Run-NoteBurner - c:\program files\NoteBurner\VTBurnerGUI.exe
    HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe

    .
    ------- Examen supplémentaire -------
    .
    uDefault_Search_URL = hxxp://www.google.com/ie
    mWindow Title =
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    LSP: c:\windows\system32\imon.dll
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    FF - ProfilePath - c:\documents and settings\FAMILLE\Application Data\Mozilla\Firefox\Profiles\qzw5sb25.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMWA1&q=
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-13 21:28:40
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
    "ImagePath"="\??\c:\docume~1\FAMILLE\LOCALS~1\Temp\ASFWHide"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-1004336348-515967899-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Electronic Arts\C*o*m*m*a*n*d* *&* *C*o*n*q*u*e*r* *3* *L*e*s* *g*u*e*r*r*e*s* *d*u* *T*i*b*e*r*i*u*m*"!\Assistance]
    "Order"=hex:08,00,00,00,02,00,00,00,ce,02,00,00,01,00,00,00,04,00,00,00,92,00,
    00,00,00,00,00,00,84,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,\

    [HKEY_USERS\S-1-5-21-1004336348-515967899-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:6e,1c,9e,fc,f9,41,cc,31,e9,87,14,b1,34,e4,3c,bf,55,bb,a6,a1,0f,83,c5,
    20,c0,ac,7d,82,b4,21,04,3d,e1,e2,66,31,57,6f,5a,cd,ff,9f,b8,72,ee,54,02,87,\
    "??"=hex:90,31,a4,3c,cf,6f,32,ee,dc,1d,eb,c6,97,6d,c0,36

    [HKEY_USERS\S-1-5-21-1004336348-515967899-725345543-1004\Software\SecuROM\License information*]
    "datasecu"=hex:3d,db,c8,87,75,a7,0d,29,ba,7f,fc,40,99,15,e1,2d,42,e9,5c,be,bd,
    31,5c,fa,a7,4d,4b,33,04,44,24,5c,b4,27,03,72,83,49,c8,e5,46,b1,7e,6b,14,2a,\
    "rkeysecu"=hex:eb,67,ac,a6,8b,d1,cd,5e,4c,12,bf,a6,5b,70,42,8d

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,dc,53,5c,79,9a,
    93,8c,40,e2,63,26,f1,3f,c8,ff,68,9a,9c,c9,13,92,b4,bb,b4,e2,63,26,f1,3f,c8,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,78,ee,2b,66,5d,
    c9,55,11,6a,9c,d6,61,af,45,84,18,fc,9b,1c,56,9c,f0,f1,89,6a,9c,d6,61,af,45,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "2c81e34222e8052573023a60d06dd016"=hex:7a,45,05,fd,91,e8,6f,31,e5,a7,2a,73,6a,
    b1,86,e6,ff,7c,85,e0,43,d4,0e,fe,d1,a2,74,01,eb,ee,b9,87,ff,7c,85,e0,43,d4,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,d7,72,0e,3c,2e,
    35,cd,c3,86,8c,21,01,be,91,eb,e7,32,27,8f,b4,e0,db,07,37,86,8c,21,01,be,91,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,b2,8e,16,4d,22,
    7b,51,2e,f5,1d,4d,73,a8,13,5c,05,03,86,b7,72,be,a5,44,83,f5,1d,4d,73,a8,13,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,20,cd,e5,dd,6d,
    72,f9,a9,df,20,58,62,78,6b,cf,c8,60,2e,ff,8d,3c,d2,50,f5,df,20,58,62,78,6b,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,df,09,62,fe,9e,
    df,52,43,fb,a7,78,e6,12,2f,9a,ea,0a,b2,3f,a1,17,2f,2a,85,fb,a7,78,e6,12,2f,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,48,62,ea,45,e4,
    4a,1a,9f,01,3a,48,fc,e8,04,4a,f1,3b,74,30,95,ed,6c,d8,d4,01,3a,48,fc,e8,04,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,de,ed,d3,1a,6e,
    44,28,20,f6,0f,4e,58,98,5b,89,c9,7d,18,01,67,d3,f3,09,05,f6,0f,4e,58,98,5b,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,f3,2e,46,83,4d,
    8c,5a,be,3d,ce,ea,26,2d,45,aa,78,bb,ae,10,a3,a6,f0,f0,f1,3d,ce,ea,26,2d,45,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,e1,78,12,d7,a8,
    50,4d,49,2a,b7,cc,b5,b9,7f,41,e7,12,21,df,ea,14,04,62,ab,2a,b7,cc,b5,b9,7f,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
    "ThreadingModel"="Apartment"
    @="c:\\WINDOWS\\system32\\OLE32.DLL"
    "8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,2e,c6,48,36,45,
    72,53,e1,6c,43,2d,1e,aa,22,2f,9c,ff,e5,b8,61,eb,0b,76,94,6c,43,2d,1e,aa,22,\
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'lsass.exe'(820)
    c:\windows\system32\scecli.dll
    c:\windows\system32\imon.dll
    c:\program files\Eset\pr_imon.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Ahead\InCD\InCDsrv.exe
    c:\program files\Lavasoft\Ad-Aware\aawservice.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\ESET\nod32krn.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    c:\program files\SAGEM WiFi manager\WLANUTL.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2009-01-13 21:33:02 - La machine a redémarré [FAMILLE]
    ComboFix-quarantined-files.txt 2009-01-13 20:32:57

    Avant-CF: 23 789 424 640 octets libres
    Après-CF: 22,634,115,072 octets libres

    361 --- E O F --- 2008-12-18 20:08:46

    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 05/01/09 par Chiquitine29
    * Recherche effectuée à 21:35:17 le 13/01/2009
    * Windows XP - Internet Explorer 6.0.2900.5512

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))

    --------------- [ Processus actifs ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    F:\iTunes2\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe

    --------------- [ Fichiers/Dossiers infectieux ] ----------------

    »»»» Presence des fichiers dans C:

    »»»» Presence des fichiers dans C:\WINDOWS

    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    Found ! - C:\WINDOWS\prefetch\13562.EXE-33B71DE2.pf
    Found ! - C:\WINDOWS\prefetch\1371.EXE-3B22235C.pf
    Found ! - C:\WINDOWS\prefetch\15817.EXE-2899E8EE.pf
    Found ! - C:\WINDOWS\prefetch\22101.EXE-29749CFE.pf
    Found ! - C:\WINDOWS\prefetch\3618.EXE-280C76C3.pf

    »»»» Presence des fichiers dans C:\WINDOWS\system32

    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    »»»» Presence des fichiers dans C:\Documents and Settings\FAMILLE\Application Data

    »»»» Presence des fichiers dans C:\DOCUME~1\FAMILLE\LOCALS~1\Temp

    »»»» Presence des fichiers dans C:\Documents and Settings\FAMILLE\Local Settings\Temporary Internet Files\Content.IE5

    Found ! [26/04/2000 17:41] - C:\Program Files\ScanButton 3.0\Web-ClubPhoto\UPLOAD\filelist.txt

    --------------- [ Registre / Startup ] ----------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
    LDM=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz=nwiz.exe /install
    NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    nod32kui="C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
    InCD=C:\Program Files\Ahead\InCD\InCD.exe
    iTunesHelper="F:\iTunes2\iTunesHelper.exe"
    SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
    Logitech Hardware Abstraction Layer=KHALMNPR.EXE
    Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
    NoChange=1
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
    Installed=1
    <NO NAME>=

    --------------- [ Registre / Clés infectieuses ] ----------------

    --------------- [ Etat / Services ] ----------------

    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    Ndisuio - Type de démarrage = 3

    EapHost - Type de démarrage = 2

    Ip6Fw - Type de démarrage = 2

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    wscsvc - Type de démarrage = 2

    --------------- [ Recherche dans supports amovibles] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    F: - Lecteur fixe

    G: - Lecteur fixe

    L: - Lecteur fixe

    O: - Lecteur fixe

    P: - Lecteur fixe

    +- presence des fichiers :

    --------------- [ Registre / Mountpoint2 ] ----------------

    -> Not found !

    ------------------- ! Fin du rapport ! --------------------

    Merçi encore. Le logo jaune avec un point d'exclamation remplace le message d'alerte. J'attends d'avoir ton avis avant de faire quoique ce soit. Si tout est OK je pense faire un point de restauration (Je sais pas trop comment le faire mais je pense trouver))
    0
  3. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    Bonjour,

    repasse findykill en option 2 et poste le rapport

    puis clic sur le point d'exclamation sur fond jaune c'est les mise a jour windows, donc fait les..

    Puis Fais un scan RAPIDE avec malwarebyte pour supprimer d'eventuel traces

    puis reposte un hijackthis après tous sa

    As tu encore des problemes ?

    NON attends pour le point de restauration on finira par sa voyons deja si tu n'as plus de probleme
    0
  4. RICONET Messages postés 114 Date d'inscription   Statut Membre Dernière intervention  
     
    Salut,
    Alors voilà, je transmet les deux rapports et Malwarebytes' Anti-Malware n'a rien détecté.
    Pour info, la mise à jour de windows c'était faite automatiquement hier soir, à la fermeture de WINDOWS.

    * executed from : C:\Program Files\FindyKill
    * Update on 05/01/09 par Chiquitine29
    * Start at 12:39:27 the 14/01/2009
    * Windows XP - Internet Explorer 6.0.2900.5512

    ((((((((((((((( *** deleting *** ))))))))))))))))))

    --------------- [ Active Processes ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\userinit.exe

    --------------- [ Infected files / folders ] ----------------

    »»»» Supression files in C:

    »»»» Supression files in C:\WINDOWS

    »»»» Supression files in C:\WINDOWS\Prefetch

    Deleted ! - C:\WINDOWS\prefetch\13562.EXE-33B71DE2.pf
    Deleted ! - C:\WINDOWS\prefetch\1371.EXE-3B22235C.pf
    Deleted ! - C:\WINDOWS\prefetch\15817.EXE-2899E8EE.pf
    Deleted ! - C:\WINDOWS\prefetch\22101.EXE-29749CFE.pf
    Deleted ! - C:\WINDOWS\prefetch\3618.EXE-280C76C3.pf

    »»»» Supression files in C:\WINDOWS\system32

    »»»» Supression files in C:\WINDOWS\system32\drivers

    »»»» Supression files in C:\Documents and Settings\FAMILLE\Application Data

    »»»» Supression files in C:\DOCUME~1\FAMILLE\LOCALS~1\Temp

    »»»» Supression files in C:\Documents and Settings\FAMILLE\Local Settings\Temporary Internet Files\Content.IE5

    --------------- [ Registry / Infected keys ] ----------------

    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
    Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe

    --------------- [ States / Restarting of services ] ----------------

    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    EapHost - Type of startup = 2

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2

    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    F: - Lecteur fixe

    G: - Lecteur fixe

    L: - Lecteur fixe

    O: - Lecteur fixe

    P: - Lecteur fixe

    +- deleting files :

    --------------- [ Registry / Mountpoint2 ] ----------------

    -> Not found !

    --------------- [ Searching Other Infections ] ----------------

    --------------- [ Searching Cracks / Keygen ] ----------------

    C:\Documents and Settings\All Users\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw

    ---------------- ! End of report ! ------------------

    HIJACKTHIS:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:04:36, on 14/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\ESET\nod32kui.exe
    C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\FAMILLE\Mes documents\Mes fichiers reçus\RenomHiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunes2\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Lotus Organizer EasyClip.lnk = C:\lotus\organize\easyclip.exe
    O4 - Global Startup: Mémento.lnk = Q:\quicken\billmind.exe
    O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O18 - Protocol: bw+0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {49C8FC5E-C90A-491C-B16D-3459B2A05006} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: ftdotf.dll fdtsrv.dll lecbjl.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    0
Précédent
  • 1
  • 2