Trojan horse

clems260
Hello,
I caught a trojan horse (trojan.Win32.Cospet!IK); could you please help me remove it?

Thanks.

129 replies

clems260
 
Fix Navipromo version 4.0.4 commencé le 05/11/2009 17:09:40,40

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 02.11.2009 à 22h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ )
BIOS : Default System BIOS
USER : Lacaze ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.7.1043 [VPS 091105-0] 4.7.1043 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:259 Go)
D:\ (CD or DVD)

Recherche executée en mode normal
moment de grace Posts: 30049 Status: Security contributor 2 274
 
a new RSIT please, just to see what's left...

for the record, you said in your preamble: "I caught a trojan horse"
that was minimalist

(smile)
clems260
 
it wasn't a trojan horse?
I'm doing the RSIT.
clems260
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lacaze at 2009-11-05 17:25:54
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 265 GB (87%) free of 305 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:58, on 05/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\windows\system32\spoolsv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\Lacaze\Bureau\RSIT.exe
C:\Program Files\trend micro\Lacaze.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - http://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
clems260
 
no more trace of the trojan??
moment de grace Posts: 30049 Status: Security contributor 2 274
 
it was a whole herd... there's a bit of it left

Disable your antivirus for the duration of the procedure, as well as your firewall if you have one

▶ Download List&Kill'em and save it to your desktop
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe

It doesn't require installation

▶ double-click (right-click "run as administrator" for Vista) to launch the scan

choose the language, then choose option 1 = Search mode

▶ let the tool work

the report will appear once the scan is finished

▶ paste its contents on a specialised forum
clems260
 
how do I disable the firewall?
moment de grace Posts: 30049 Status: Security contributor 2 274
 
what firewall do you have?
the only one I saw seems to be XP's
and it's disabled, by the way
clems260
 
Yes, XP's.
What would you recommend as a firewall??
XP's doesn't respond; I can't open it to enable or disable it.

Thanks.

Do I paste the report here afterwards??
moment de grace Posts: 30049 Status: Security contributor 2 274
 
XP's doesn't respond; I can't open it to enable or disable it

??????

we'll see about another one at the end; otherwise, as a reminder, you can reach the firewall through the Control Panel
it's presumably disabled, so you can run the tool and post here
clems260
 
List'em by g3n-h@ckm@n 1.0.4.8

Thx to Chiquitine29.....

User : Lacaze (Administrateurs) # LACAZE-5B32A5D9
Update on 29/10/2009 by g3n-h@ckm@n ::::: 18.30
Start at: 17:54:23 | 05/11/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.7.1043 [VPS 091105-0] 4.7.1043 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 298,08 Go (259,04 Go free) | NTFS
D:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\windows\System32\smss.exe 596
C:\windows\system32\csrss.exe 644
C:\windows\system32\winlogon.exe 668
C:\windows\system32\services.exe 716
C:\windows\system32\lsass.exe 728
C:\windows\system32\svchost.exe 908
C:\windows\system32\svchost.exe 988
C:\windows\System32\svchost.exe 1088
C:\windows\system32\svchost.exe 1208
C:\windows\system32\svchost.exe 1288
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1392
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1488
C:\windows\Explorer.EXE 1640
C:\windows\RTHDCPL.EXE 1756
C:\windows\system32\RUNDLL32.EXE 1796
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe 1832
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 1864
C:\Program Files\Winamp\winampa.exe 1904
C:\Program Files\iTunes\iTunesHelper.exe 1924
C:\WINDOWS\system32\LVCOMSX.EXE 1932
C:\Program Files\Logitech\Video\LogiTray.exe 1968
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe 2000
C:\windows\system32\ctfmon.exe 2028
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe 2040
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 136
C:\Program Files\Microsoft ActiveSync\wcescomm.exe 144
C:\Program Files\Messenger\msmsgs.exe 156
C:\PROGRA~1\MICROS~4\rapimgr.exe 272
C:\Program Files\OpenOffice.org 3\program\soffice.exe 372
C:\Program Files\OpenOffice.org 3\program\soffice.bin 408
C:\windows\system32\spoolsv.exe 1056
C:\Program Files\Logitech\Video\FxSvr2.exe 1204
C:\windows\system32\svchost.exe 2548
C:\Program Files\a-squared Free\a2service.exe 2580
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2624
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 2656
C:\Program Files\Bonjour\mDNSResponder.exe 2684
C:\windows\system32\nvsvc32.exe 2748
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2816
C:\windows\system32\svchost.exe 3080
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe 3456
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe 3552
C:\Program Files\iPod\bin\iPodService.exe 3784
C:\windows\System32\svchost.exe 2068
C:\windows\system32\wuauclt.exe 2728
C:\Program Files\Mozilla Firefox\firefox.exe 2896
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe 972
C:\Program Files\Windows Live\Contacts\wlcomm.exe 4040
C:\Documents and Settings\Lacaze\Bureau\List_Killem.exe 3992
C:\windows\system32\cmd.exe 3932
C:\WINDOWS\system32\wbem\wmiprvse.exe 1740
C:\Documents and Settings\Lacaze\Local Settings\Temp\5C.tmp\pv.exe 1592

======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\windows\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\""
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"uTorrent"="\"C:\\Program Files\\uTorrent\\uTorrent.exe\""
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"WinSys2"="C:\\WINDOWS\\system32\\winsys2.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb03.exe"
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"Malwarebytes Anti-Malware (reboot)"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

===============
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

===============
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

======
BHO :
======
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
@="AcroIEHelperStub"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
@="Winamp Toolbar Loader"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]
@=""
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
@="Search Helper"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
"NoExplorer"=dword:00000001

==========================

===============
Path : C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\Fichiers communs\Ahead\Lib\
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\windows\System32\SET152.tmp
C:\windows\System32\SET154.tmp
C:\windows\System32\SET159.tmp
C:\windows\System32\SET160.tmp
C:\windows\System32\SET46.tmp
C:\windows\System32\SET4F.tmp
C:\windows\System32\SET51.tmp
C:\windows\System32\SET5D.tmp
C:\windows\System32\SET6E.tmp
C:\windows\System32\SET70.tmp
C:\windows\System32\SET7F.tmp
C:\windows\System32\SETA3.tmp
C:\windows\System32\winsys2.exe
C:\Documents and Settings\Lacaze\Application Data\inst.exe
C:\Documents and Settings\Lacaze\Application Data\Simply Super Software

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

¤¤¤¤¤¤¤¤¤¤ C:\windows\Prefetch :

A2FREE.EXE-34CE1BFD.pf
A2FREESETUP_ 4.5.0.21..EXE-0C5C9F70.pf
A2FREESETUP_ 4.5.0.21..TMP-1FB24FFD.pf
A2SERVICE.EXE-084E756C.pf
ADOBE_UPDATER.EXE-32E1E9B7.pf
ALCMTR.EXE-235F9538.pf
ALG.EXE-0F138680.pf
ASHAVAST.EXE-12F63458.pf
ASHCHEST.EXE-0FED8209.pf
ASHMAISV.EXE-12E27032.pf
ASHSIMPL.EXE-14F851AB.pf
ASHWEBSV.EXE-0548EF0A.pf
ATTRIB.EXE-39EAFB02.pf
AU_.EXE-155E3E43.pf
AVAST.SETUP-032170A8.pf
AVGAS.EXE-27525987.pf
BONJOUR.EXE.EXE-2C64EFAF.pf
BYPASS.EXE-3A13827B.pf
CCLEANER.EXE-0BCE437C.pf
CLEANMGR.EXE-1F86EA8E.pf
CMD.EXE-087B4001.pf
CSCRIPT.EXE-1C26180C.pf
CTFMON.EXE-0E17969B.pf
DRWTSN32.EXE-2B4B52AC.pf
DUMPREP.EXE-1B46F901.pf
DWWIN.EXE-30875ADC.pf
ECHOX.EXE-0EC32D49.pf
EXPLORER.EXE-082F38A9.pf
FFMPEG.DLL-3B900178.pf
FIND.EXE-0EC32F1E.pf
FINDSTR.EXE-0CA6274B.pf
FIREFOX.EXE-28641590.pf
FXSVR2.EXE-14513BBA.pf
GUARD.EXE-0ED6BFA5.pf
HELPSVC.EXE-2878DDA2.pf
IE8-WINDOWSXP-X86-FRA.EXE-195E491C.pf
IEDW.EXE-1880380E.pf
IESETUP.EXE-1CFD7381.pf
IEXPLORE.EXE-27122324.pf
IMAPI.EXE-0BF740A4.pf
IPCONFIG.EXE-2395F30B.pf
IPODSERVICE.EXE-3192DE38.pf
JUCHECK.EXE-0276A1EC.pf
JUSCHED.EXE-27E1FBBB.pf
KILL.EXE-25FB2C73.pf
KILL_P.EXE-15C7A895.pf
LACAZE.EXE-096C3AF7.pf
Layout.ini
LOGONUI.EXE-0AF22957.pf
MDNSRESPONDER.EXE-02F30C6E.pf
MODE.COM-31685BAE.pf
MRT.EXE-1B4A8D49.pf
MSHEARTS.EXE-0D7FE295.pf
MSNMSGR.EXE-030AB647.pf
NEROCHECK.EXE-35AE1DFB.pf
NMINDEXINGSERVICE.EXE-01E84916.pf
NMINDEXSTORESVR.EXE-22A7DEEF.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
NTVDM.EXE-1A10A423.pf
NVSVC32.EXE-1F9EED18.pf
NWIZ.EXE-2D0F9FBC.pf
PHOTOSNAPVIEWER.EXE-2371ED62.pf
PWRISOVM.EXE-395F826A.pf
QTTASK.EXE-342507FB.pf
QUICKSTART.EXE-24C38DA1.pf
RAPIMGR.EXE-086AD32F.pf
READER_SL.EXE-2B4EA1CB.pf
REG.EXE-0D2A95F7.pf
REGSVR32.EXE-25EEFE2F.pf
RSIT.EXE-0C3EF389.pf
RTHDCPL.EXE-06918CFA.pf
RUNDLL32.EXE-153C04BE.pf
RUNDLL32.EXE-1714B23E.pf
RUNDLL32.EXE-1857459C.pf
RUNDLL32.EXE-18DA868B.pf
RUNDLL32.EXE-24A9B5A5.pf
RUNDLL32.EXE-2867A71F.pf
RUNDLL32.EXE-2A587683.pf
RUNDLL32.EXE-2A94BB85.pf
RUNDLL32.EXE-35A483DA.pf
RUNDLL32.EXE-3C23393C.pf
RUNDLL32.EXE-451FC2C0.pf
RUNDLL32.EXE-47D6BD60.pf
SDUPDATE.EXE-00420EF0.pf
SEAPORT.EXE-2D9D4167.pf
SED.EXE-2A032EBB.pf
SERV.EXE-0274A4C7.pf
SETPATH.EXE-2D3D2E76.pf
SETUP.OVR-154CE291.pf
SHOWTIME.EXE-058E333F.pf
SHUTDOWN.EXE-12DAD820.pf
SOFFICE.BIN-01E25E9C.pf
SOFFICE.EXE-358D937C.pf
SOFTONIC_FRANCE_FFTOOLBARHELP-147000FA.pf
SPUPDSVC.EXE-21B36524.pf
SPYBOTSD.EXE-1344276B.pf
SPYBOTSD162.EXE-1F10AA49.pf
SPYBOTSD162.TMP-26331A6F.pf
SPYBOTSD_INCLUDES.EXE-12525E7B.pf
SVCHOST.EXE-3530F672.pf
SWREG.EXE-2A961210.pf
TASKMGR.EXE-20256C55.pf
TEATIMER.EXE-1F57E47A.pf
TRUNINS.EXE-26A8666C.pf
UNINS000.EXE-2B9B5974.pf
UNINS000.EXE-306E13BF.pf
UNINSTAL.EXE-0690AAFC.pf
UNINSTALL.EXE-2C116F1D.pf
UNINSTALL.EXE-38E35753.pf
UNINSTALLER.EXE-093B5E6A.pf
UPDATE.EXE-11280B04.pf
UPDATE.EXE-33293ABC.pf
UPDATE.EXE-3B345F99.pf
USBFIX.EXE-04B532C1.pf
UTORRENT.EXE-3888D1B0.pf
VCW.EXE-05096EC6.pf
VERCLSID.EXE-3667BD89.pf
VLC.EXE-22DF01AA.pf
WINAMP.EXE-0D0189CA.pf
WINRAR.EXE-39C6DAD9.pf
WINSYS2.EXE-2876619B.pf
WLCOMM.EXE-04AE9009.pf
WLTUSER.EXE-05A5B196.pf
WLXQUICKTIMECONTROLHOST.EXE-271639BF.pf
WMIPRVSE.EXE-28F301A9.pf
WMPLAYER.EXE-18DDEF9D.pf
WUAUCLT.EXE-399A8E72.pf
ZIP.EXE-020FF746.pf
_IU14D2N.TMP-11364576.pf

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
moment de grace Posts: 30049 Status: Security contributor 2 274
 
Removal

RESTART IN SAFE MODE

https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

▶ Relaunch List&Kill'em (right-click for Vista),

but this time:

▶ choose option 2 = Destruction mode

let the tool work

after the checks, a report will open.

▶ close it.

a second report will open,

▶ paste its contents in your reply after restarting in normal mode

then do me a new RSIT
clems260
 
Safe mode doesn't work. It tells me: Boot.INI file invalid.
clems260
 
should I do the procedure anyway?
moment de grace Posts: 30049 Status: Security contributor 2 274
 
yes, that's right, you did tell me

try it in normal mode then, hoping it will be as effective as I hope

and RSIT afterwards
clems260
 
Kill'em by g3n-h@ckm@n 1.0.4.8

User : Lacaze (Administrateurs) # LACAZE-5B32A5D9
Update on 29/10/2009 by g3n-h@ckm@n ::::: 18.30
Start at: 18:17:47 | 05/11/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.7.1043 [VPS 091105-0] 4.7.1043 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 298,08 Go (259,02 Go free) | NTFS
D:\ -> Disque CD-ROM

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\windows\System32\smss.exe 596
C:\windows\system32\csrss.exe 644
C:\windows\system32\winlogon.exe 668
C:\windows\system32\services.exe 716
C:\windows\system32\lsass.exe 728
C:\windows\system32\svchost.exe 908
C:\windows\system32\svchost.exe 988
C:\windows\System32\svchost.exe 1088
C:\windows\system32\svchost.exe 1208
C:\windows\system32\svchost.exe 1288
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1392
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1488
C:\windows\Explorer.EXE 1640
C:\windows\RTHDCPL.EXE 1756
C:\windows\system32\RUNDLL32.EXE 1796
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe 1832
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 1864
C:\Program Files\Winamp\winampa.exe 1904
C:\Program Files\iTunes\iTunesHelper.exe 1924
C:\WINDOWS\system32\LVCOMSX.EXE 1932
C:\Program Files\Logitech\Video\LogiTray.exe 1968
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe 2000
C:\windows\system32\ctfmon.exe 2028
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe 2040
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 136
C:\Program Files\Microsoft ActiveSync\wcescomm.exe 144
C:\Program Files\Messenger\msmsgs.exe 156
C:\PROGRA~1\MICROS~4\rapimgr.exe 272
C:\Program Files\OpenOffice.org 3\program\soffice.exe 372
C:\Program Files\OpenOffice.org 3\program\soffice.bin 408
C:\windows\system32\spoolsv.exe 1056
C:\Program Files\Logitech\Video\FxSvr2.exe 1204
C:\windows\system32\svchost.exe 2548
C:\Program Files\a-squared Free\a2service.exe 2580
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2624
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 2656
C:\Program Files\Bonjour\mDNSResponder.exe 2684
C:\windows\system32\nvsvc32.exe 2748
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2816
C:\windows\system32\svchost.exe 3080
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe 3456
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe 3552
C:\Program Files\iPod\bin\iPodService.exe 3784
C:\windows\System32\svchost.exe 2068
C:\windows\system32\wuauclt.exe 2728
C:\Program Files\Mozilla Firefox\firefox.exe 2896
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe 972
C:\Program Files\Windows Live\Contacts\wlcomm.exe 4040
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2484
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2344
C:\Documents and Settings\Lacaze\Bureau\List_Killem.exe 1120
C:\windows\system32\cmd.exe 1764
C:\WINDOWS\system32\wbem\wmiprvse.exe 3268
C:\Documents and Settings\Lacaze\Local Settings\Temp\92.tmp\pv.exe 3936

Fichiers analysés :
=================

¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
C:\windows\System32\SET152.tmp
C:\windows\System32\SET154.tmp
C:\windows\System32\SET159.tmp
C:\windows\System32\SET160.tmp
C:\windows\System32\SET46.tmp
C:\windows\System32\SET4F.tmp
C:\windows\System32\SET51.tmp
C:\windows\System32\SET5D.tmp
C:\windows\System32\SET6E.tmp
C:\windows\System32\SET70.tmp
C:\windows\System32\SET7F.tmp
C:\windows\System32\SETA3.tmp
"C:\windows\System32\winsys2.exe"
"C:\Documents and Settings\Lacaze\Application Data\inst.exe"
"C:\Documents and Settings\Lacaze\Application Data\Simply Super Software"

¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :

Quarantaine :

inst.exe.Kill'em
SET152.tmp.Kill'em
SET154.tmp.Kill'em
SET159.tmp.Kill'em
SET160.tmp.Kill'em
SET46.tmp.Kill'em
SET4F.tmp.Kill'em
SET51.tmp.Kill'em
SET5D.tmp.Kill'em
SET6E.tmp.Kill'em
SET70.tmp.Kill'em
SET7F.tmp.Kill'em
SETA3.tmp.Kill'em
Simply Super Software.Kill'em
WinSys2.exe.Kill'em

¤¤¤¤¤¤¤¤¤¤ Verification :

===============
Path : C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\Fichiers communs\Ahead\Lib\
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

¤¤¤¤¤¤¤¤¤¤ C:\windows\Prefetch :

Layout.ini
NTOSBOOT-B00DFAAD.pf
SOFTONIC_FRANCE_FFTOOLBARHELP-147000FA.pf

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
clems260
 
And here is the RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lacaze at 2009-11-05 18:26:52
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 265 GB (87%) free of 305 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:54, on 05/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\windows\system32\spoolsv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Lacaze\Bureau\RSIT.exe
C:\Program Files\trend micro\Lacaze.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSoft.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - http://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
moment de grace (Posts: 30049, Status: Security contributor, 2 274)
 
The tool apparently worked fine,
but from where I am, I won't be able to assist you effectively until I get back home.

I'll try to come by around 10 pm.

Otherwise, how is your PC doing?
clems260
 
Very well! No problems to report.

So, about the trojan? Is it over?
moment de grace (Posts: 30049, Status: Security contributor, 2 274)
 
A few small things left to check... but the worst is behind us.

Besides, the state of the PC confirms it.

I'll keep you posted as soon as possible.