[VIRUS] SYSTEM DOCTOR
EDOUARD
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
j'en peux plus... aide moi... je suis infecté par system doctor... des pubs chaque fois que je vais sur internet et parfois ca bug. j ai lu les solutions, mais elles semblent si compliquées. n y a -t-il pas une solution plus simple (genre on installe un truc, on scanne et c fini) sans faire appel au redemarrage sans echec, log etc. ou alors qlq peut-il m aider ???????????????
MERCI,
MERCI,
A voir également:
- [VIRUS] SYSTEM DOCTOR
- Reboot system now - Guide
- Pc doctor - Télécharger - Optimisation
- Virus mcafee - Accueil - Piratage
- Spyware doctor - Télécharger - Antivirus & Antimalwares
- Cette action ne peut pas être réalisée car le fichier est ouvert dans system - Guide
51 réponses
Re
Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
Tu scan ton pc avec et tu me donnes le rapport.
Pour norton, il est pas top et un antivirus et pare feu ne font pas tout.
Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
Tu scan ton pc avec et tu me donnes le rapport.
Pour norton, il est pas top et un antivirus et pare feu ne font pas tout.
desolé, j ai eu du mal a telecharger spybot et interrnet a coupé... je te donne le rapport dans 5 min !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
le probleme c que dans la rechercher seach and destry il repere mon KEYLOGGER !!! ET DOWNLOAD ACCELERATOR PLUS.-.... que je veux pas supprimer bien sur...
je sais pas si j ai bien fait.... enfin
:
--- Search result list ---
Download Accelerator Plus ads: Banner (Remplacer le fichier, nothing done)
C:\UTILIT~1\DAP\dap.gif
SC-KeyLog v2.24: Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\funny.dll
MagicControl.Agent: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-462468640-523206749-1971367475-1007\Software\LanConfig
NewDotNet: Exécutable (Fichier, nothing done)
C:\WINDOWS\NDNuninstall6_38.exe
NewDotNet: Exécutable (Fichier, nothing done)
C:\WINDOWS\NDNuninstall6_90.exe
NewDotNet: <$WINSOCK> (Winsock, nothing done)
NewDotNet: Réglages Autorun (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\New.net Startup
NewDotNet: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net
NewDotNet: Dossier Programme (Répertoire, nothing done)
C:\Program Files\NewDotNet\
NewDotNet: Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Tldctl2.URLLink
NewDotNet: Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Tldctl2.URLLink.1
NewDotNet: Class ID (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Browser helper object (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Réglages globaux (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\New.net
NewDotNet: Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\new.net
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-462468640-523206749-1971367475-1007\Software\new.net
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\new.net
Microsoft.WindowsSecurityCenter_disabled: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2
Windows Security Center.FirewallDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
SC-KeyLog: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SC-KeyLog 2.24
SC-KeyLog: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\SoftCentral
Teknum Updater: Common file (global) (Fichier, nothing done)
C:\Program Files\Fichiers communs\Teknum Systems\update.exe
Teknum Updater: Common file (global) (Fichier, nothing done)
C:\Program Files\Fichiers communs\Teknum Systems\update.dat
DoubleClick: Cookie traceur (Internet Explorer: HP_Propriétaire) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-04 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-04 Includes\Cookies.sbi (*)
2006-08-04 Includes\Dialer.sbi (*)
2006-08-04 Includes\Hijackers.sbi (*)
2006-08-04 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-08-04 Includes\Malware.sbi (*)
2006-08-04 Includes\PUPS.sbi (*)
2006-08-04 Includes\Revision.sbi (*)
2006-08-04 Includes\Security.sbi (*)
2006-08-04 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-04 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
/ Windows XP / SP3: Correctif Windows XP - KB834707
/ Windows XP / SP3: Correctif Windows XP - KB867282
/ Windows XP / SP3: Correctif Windows XP - KB873333
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB883939)
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890047
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB890923
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896688)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901190)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB903235)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908531)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911280)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911567)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912812)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB916281)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917159)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88209
MD5: 230ea041666125b6812fe3ff964b2df3
Located: HK_LM:Run, AlcxMonitor
command: ALCXMNTR.EXE
file: C:\WINDOWS\ALCXMNTR.EXE
size: 50176
MD5: d551e3a28be31adfa9ea4a3325481f65
Located: HK_LM:Run, Beoplayertray
command: C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
file: C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
size: 92672
MD5: 5703d1d139a9f2fab41f6b738ae95e09
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
file: C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 59040
MD5: 4956831b62212c6d9d3f4fcbdc715e63
Located: HK_LM:Run, CloneDVDElbyDelay
command: "C:\Utilitaires\CloneDVD\ElbyCheck.exe" /L ElbyDelay
file: C:\Utilitaires\CloneDVD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, ElbyCheckAnyDVD
command: "C:\Utilitaires\AnyDVD\ElbyCheck.exe" /L AnyDVD
file: C:\Utilitaires\AnyDVD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, funny
command: C:\WINDOWS\system32\funny.exe
file: C:\WINDOWS\system32\funny.exe
size: 30309
MD5: fadfa41eeb631051e92c8a8c844e2a1c
Located: HK_LM:Run, Home Theater SchSvr
command: "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
file: C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
size: 155648
MD5: 7ad21f62dd7472c4c6a0ae9bcdb5d382
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: f5f1a8cdd473d55f9bf6fe23f715b0fa
Located: HK_LM:Run, HPHmon06
command: C:\WINDOWS\system32\hphmon06.exe
file: C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: a6fd829f428f6445b8f72ff725438590
Located: HK_LM:Run, HPHUPD06
command: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
file: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
size: 49152
MD5: fe08c1ff4466ad41f6aa113678f5020d
Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06a1ecb63df139ec639e084d4ab3c9d7
Located: HK_LM:Run, iTunesHelper
command: C:\Program Files\iTunes\iTunesHelper.exe
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 286720
MD5: 66b5567789c173fbe294ea1a1f136193
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4a95f15b706b8fd9ec8715b6401eab7b
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: b1388bf29a0522c7ccd08a563383401b
Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 25088
MD5: 473a2d4c94adfd77b633c062de12fa14
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 25d60f3cd198007541b422cd34e677ce
Located: HK_LM:Run, Mobile Phone Suite
command: C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe -nogui
file:
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, New.net Startup
command: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
file:
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 0033ce6494554e47514d3487c9a8f93d
Located: HK_LM:Run, OHE
command: C:\Utilitaires\Ohé\OHE.exe
file: C:\Utilitaires\Ohé\OHE.exe
size: 741376
MD5: 697de1bd0cc167a520ad84101fa5503c
Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 81920
MD5: c4c523e78774e05d06efe3e10017cf6d
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 76a3a30b58405c2c6d833895253a51a9
Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 233472
MD5: 310f1e8a0781887ba1c217448c0e4d48
Located: HK_LM:Run, SiS Windows KeyHook
command: C:\WINDOWS\system32\keyhook.exe
file: C:\WINDOWS\system32\keyhook.exe
size: 249856
MD5: ecdcfbea4caeaf2dd5e9d0092396dfc1
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3
Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: f9418981ee4d7e995d359833adab59d5
Located: HK_LM:Run, VCDPlayer
command: C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
file: C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
size: 57344
MD5: e6922742c2359775735d8022c94a0cd6
Located: HK_LM:Run, VTTimer
command: VTTimer.exe
file:
Located: HK_LM:Run, WINCINEMAMGR
command: "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
file: C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0b006d4b2b669f300ca8b2dfecd9e9c7
Located: HK_LM:Run, WINREMOTE
command: "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
file: C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0b006d4b2b669f300ca8b2dfecd9e9c7
Located: HK_CU:Run, Acme.PCHButton
command: C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
file: C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
size: 159744
MD5: 46fea13bc79783b0f1be262c5c92c7da
Located: HK_CU:Run, Gestionnaire Antidote.exe
command: C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
file: C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
size: 368640
MD5: 416b1e7f8167c0f1894d1f484834af70
Located: HK_CU:Run, LDM
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: c76c901f3d304c4d773e1bfdcb517798
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, msnmsgr
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5324584
MD5: 651c2b55bc34a17b6a50bbab030673b9
Located: HK_CU:Run, pdfSaver3
command: "C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe"
file: C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
size: 385024
MD5: e5a1d97db93c37e6e1bc40b8df1b7e43
Located: HK_CU:Run, Update Service
command: C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
file: C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe
size: 19456
MD5: 1e172b784e6564834455cb65de87b82c
Located: Démarrage (tous utilisateurs), BeoPlayer.lnk
command: C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
file: C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
size: 359936
MD5: 5d521eb849b1fb157a9e4cb48d66f1c6
Located: Démarrage (tous utilisateurs), BTTray.lnk
command: C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
file: C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
size: 503869
MD5: 6d67db4ce1c1dfd068398a6fa3215a44
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16e91805cc071039372ae0037aaa9a2b
Located: Démarrage (tous utilisateurs), Lancement rapide d'Adobe Reader.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Démarrage (tous utilisateurs), Logitech Desktop Messenger.lnk
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 196608
MD5: 6f2e5108667bf1149d884e3cbeb9cdd1
Located: Démarrage (tous utilisateurs), Logitech SetPoint.lnk
command: C:\Program Files\Logitech\SetPoint\kem.exe
file: C:\Program Files\Logitech\SetPoint\kem.exe
size: 454656
MD5: abb29c3432315798933288d8598b2958
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, funny
command: funny.dll
file: funny.dll
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
Located: WinLogon, LBTServ
command: C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
file: C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
size: 1064960
MD5: 3705e4fff4fc21c66062b65acbf96353
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 14/12/2004 01:56:50
Date (last access): 04/08/2006 19:55:54
Date (last write): 14/12/2004 01:56:50
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333
{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (URLLink)
BHO name:
CLSID name: URLLink
description: New.net
classification: Confirmed as malware
known filename: newdotnet*_**.dll
info link: http://www.doxdesk.com/parasite/NewDotNet.html
info source: TonyKlein
Path: C:\Program Files\NewDotNet\
Long name: newdotnet7_22.dll
Short name: NEWDOT~2.DLL
Date (created): 30/01/2006 17:45:52
Date (last access): 04/08/2006 20:09:58
Date (last write): 30/01/2006 17:45:46
Filesize: 614400
Attributes: sysfile archive
MD5: FB75CC573D91162CA8D4746B6C57C1E8
CRC32: 64E7E4DB
Version: 7.0.0.22
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\UTILIT~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 04/08/2006 20:36:16
Date (last access): 04/08/2006 20:36:16
Date (last write): 31/05/2005 01:04:00
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Norton Internet Security)
BHO name: Norton Internet Security
CLSID name: CNisExtBho Class
description: NIS 2004,
classification: Legitimate
known filename: NISShExt.dll
info link: https://us.norton.com/internet-security
info source: TonyKlein
Path: C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\
Long name: NISShExt.dll
Short name:
Date (created): 08/09/2004 23:54:50
Date (last access): 04/08/2006 20:38:32
Date (last write): 08/09/2004 23:54:50
Filesize: 103552
Attributes: archive
MD5: 72D9B96B2A6DB5F713F6B5B57B404664
CRC32: 89D2EAE4
Version: 8.0.0.64
{BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: https://us.norton.com/antivirus
info source: TonyKlein
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 31/08/2004 18:47:58
Date (last access): 04/08/2006 19:55:54
Date (last write): 22/11/2005 11:04:36
Filesize: 218760
Attributes: archive
MD5: 8168B770A1A3CE2424E62BB7F4F5968E
CRC32: ACD3ABD7
Version: 11.0.16.2
--- ActiveX list ---
{00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 29/05/2003 16:00:18
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 16:00:18
Filesize: 77408
Attributes: archive
MD5: 42D567DF86B9B7AC4A89664C9651B68B
CRC32: 47FF3D19
Version: 7.1.9502.1
{09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control)
DPF name:
CLSID name: France Telecom MDM ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\MDM.inf
Codebase: http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
Path: C:\WINDOWS\
Long name: MDM.ocx
Short name:
Date (created): 23/06/2005 08:40:30
Date (last access): 04/08/2006 20:43:42
Date (last write): 23/06/2005 08:40:30
Filesize: 393216
Attributes: archive
MD5: 07D9EB8205B69FF7C830AE3E389541D2
CRC32: E10DA2ED
Version: 1.4.0.1
{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~2.DLL
Date (created): 06/04/2004 20:03:54
Date (last access): 04/08/2006 20:40:24
Date (last write): 06/04/2004 20:03:54
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1
{2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: minesweeper.dll
Short name: MINESW~1.DLL
Date (created): 29/05/2003 15:00:22
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 15:00:22
Filesize: 84064
Attributes: archive
MD5: F951FD0EA383DF2D49CA0359E4A86968
CRC32: 50A69718
Version: 7.1.9502.1
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.microsoft.com/officeupdate/content/opuc3.cab
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 01/09/2005 20:13:54
Date (last access): 04/08/2006 20:43:42
Date (last write): 01/09/2005 20:13:54
Filesize: 532992
Attributes: archive
MD5: CC184F3FC11798F5D19F260797891D2E
CRC32: FA8EEDA8
Version: 12.0.3208.1003
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: https://www.oracle.com/java/technologies/
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 01/01/2004 16:07:26
Date (last access): 04/08/2006 15:32:42
Date (last write): 01/01/2004 16:07:26
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 29/05/2003 16:00:20
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 16:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1
{A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control)
DPF name:
CLSID name: Aurigma Image Uploader 3.5 Control
Installer: C:\WINDOWS\Downloaded Program Files\ImageUploader3.inf
Codebase: http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ImageUploader3.ocx
Short name: IMAGEU~1.OCX
Date (created): 22/03/2005 20:32:42
Date (last access): 04/08/2006 15:40:04
Date (last write): 22/03/2005 20:32:42
Filesize: 1918488
Attributes: archive
MD5: 43559FD5607AA570A4908157717CDA7C
CRC32: 58CEE6CD
Version: 3.5.4.0
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Installer: C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.inf
Codebase: http://messenger.msn.com/download/msnmessengersetupdownloader.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 05/11/2004 16:58:20
Date (last access): 04/08/2006 15:40:04
Date (last write): 05/11/2004 16:58:20
Filesize: 119496
Attributes: archive
MD5: 1B40AA6A5D25E6CB4EDFC4C717113161
CRC32: 4F5D45E3
Version: 1.0.0.1
{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 17/11/2004 23:44:52
Date (last access): 04/08/2006 15:40:04
Date (last write): 17/11/2004 23:44:52
Filesize: 114728
Attributes: archive
MD5: F94C4867418A1CA860D784CCD807740B
CRC32: 5DCE6500
Version: 9.3.2846.1
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: https://www.oracle.com/java/technologies/
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 01/01/2004 16:07:26
Date (last access): 04/08/2006 20:48:24
Date (last write): 01/01/2004 16:07:26
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30
{E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object)
DPF name:
CLSID name: ZoneChess Object
Installer:
Codebase: http://messenger.zone.msn.com/binary/Chess.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: Chess.ocx
Short name:
Date (created): 05/08/2004 14:41:42
Date (last access): 04/08/2006 15:40:00
Date (last write): 05/08/2004 14:41:42
Filesize: 288296
Attributes: archive
MD5: 2560A95AF7BE3D5FAE330F4CD6140120
CRC32: D5F7341D
Version: 9.2.9844.1
{FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class)
DPF name:
CLSID name: IWinAmpActiveX Class
Installer: C:\WINDOWS\Downloaded Program Files\ampx.inf
Codebase: http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Path: C:\PROGRA~1\FICHIE~1\Nullsoft\ActiveX\2.4\
Long name: AmpX.dll
Short name:
Date (created): 03/03/2005 00:14:52
Date (last access): 04/08/2006 15:30:26
Date (last write): 03/03/2005 00:14:52
Filesize: 270408
Attributes: archive
MD5: CE886E0AEE678EBEEC2E59241C7F5A54
CRC32: 7E1839CA
Version: 2.4.0.6
--- Process list ---
PID: 0 ( 0) [System]
PID: 516 ( 4) \SystemRoot\System32\smss.exe
PID: 572 ( 516) \??\C:\WINDOWS\system32\csrss.exe
PID: 596 ( 516) \??\C:\WINDOWS\system32\winlogon.exe
PID: 640 ( 596) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 652 ( 596) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 800 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 856 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 892 ( 640) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 940 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 992 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1128 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
size: 235168
MD5: 5C0FCB31676012D4C5A35E61D5698A33
PID: 1140 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
size: 181920
MD5: A679E0F2F45C93D9A3601521E871DC3C
PID: 1156 ( 640) C:\Program Files\Norton Internet Security\ISSVC.exe
size: 83584
MD5: 64BC5239264896C8D8FCE558CFBA029B
PID: 1168 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 443E397643965E08C5AB6A6CAA732B97
PID: 1256 ( 596) C:\WINDOWS\system32\funny.exe
size: 30309
MD5: FADFA41EEB631051E92C8A8C844E2A1C
PID: 1388 (1360) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
PID: 1456 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
size: 198304
MD5: 7408706F48BFB2F49C0A34AFF53B94FD
PID: 1712 ( 640) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 640) C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
size: 135168
MD5: 7366439142B0BCE950534B62253A18EA
PID: 1824 ( 640) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
size: 54784
MD5: 9BDBDA21D3BA8E374FD06A405BE10215
PID: 1836 ( 640) C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
size: 46080
MD5: 12C13F85BE9D3A58FDB463A6F7DE4E61
PID: 1892 ( 640) C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 177288
MD5: 998E500C07D76D4E7AAEFBA32EDC26D5
PID: 1920 ( 640) C:\WINDOWS\system32\nvsvc32.exe
size: 131139
MD5: A3B67AA9F60533557FD9141BCA9FA4A9
PID: 192 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 184 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 819352
MD5: F11341CD0D1DC5EFF5FEFFCC7424984E
PID: 368 ( 640) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 400 ( 640) C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
size: 32768
MD5: E5AF8A814C50B9CFEE6BEB043873ECCC
PID: 484 ( 640) c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 2116 ( 640) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
PID: 2292 (1388) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 2300 (1388) C:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7
PID: 2316 (1388) C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: A6FD829F428F6445B8F72FF725438590
PID: 2324 (1388) C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4A95F15B706B8FD9EC8715B6401EAB7B
PID: 2332 (1388) C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
size: 155648
MD5: 7AD21F62DD7472C4C6A0AE9BCDB5D382
PID: 2344 (1388) C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0B006D4B2B669F300CA8B2DFECD9E9C7
PID: 2352 (1388) C:\Program Files\iTunes\iTunesHelper.exe
size: 286720
MD5: 66B5567789C173FBE294EA1A1F136193
PID: 2868 (1388) C:\WINDOWS\system32\keyhook.exe
size: 249856
MD5: ECDCFBEA4CAEAF2DD5E9D0092396DFC1
PID: 2876 (1388) C:\WINDOWS\AGRSMMSG.exe
size: 88209
MD5: 230EA041666125B6812FE3FF964B2DF3
PID: 2892 (1388) C:\WINDOWS\ALCXMNTR.EXE
size: 50176
MD5: D551E3A28BE31ADFA9EA4A3325481F65
PID: 2972 (1388) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: F5F1A8CDD473D55F9BF6FE23F715B0FA
PID: 3280 ( 640) C:\Program Files\iPod\bin\iPodService.exe
size: 401408
MD5: 8BB59AC2E3B2077747323542D1035155
PID: 3536 (1388) C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe
size: 952131
MD5: 34166E53787EF627DF137C47F5B74FFA
PID: 3572 (1388) C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 25D60F3CD198007541B422CD34E677CE
PID: 3580 (1388) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 3708 (1388) C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 3736 (1388) C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
size: 57344
MD5: E6922742C2359775735D8022C94A0CD6
PID: 3832 (1388) C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
size: 92672
MD5: 5703D1D139A9F2FAB41F6B738AE95E09
PID: 3984 (1388) C:\Utilitaires\Ohé\OHE.exe
size: 741376
MD5: 697DE1BD0CC167A520AD84101FA5503C
PID: 3992 (3672) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 4016 (1388) C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 59040
MD5: 4956831B62212C6D9D3F4FCBDC715E63
PID: 920 (3736) C:\Utilitaires\Virtual CD v4\System\VCDTray.exe
size: 81920
MD5: 91C7D543C71DF11987C9360E56F99234
PID: 1016 (1388) C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
size: 159744
MD5: 46FEA13BC79783B0F1BE262C5C92C7DA
PID: 2308 (1388) C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
size: 385024
MD5: E5A1D97DB93C37E6E1BC40B8DF1B7E43
PID: 2400 (1388) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: C76C901F3D304C4D773E1BFDCB517798
PID: 2696 (1388) C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
size: 368640
MD5: 416B1E7F8167C0F1894D1F484834AF70
PID: 2836 (1388) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 3176 (1388) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5324584
MD5: 651C2B55BC34A17B6A50BBAB030673B9
PID: 3192 ( 640) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 2212 (1388) C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
size: 359936
MD5: 5D521EB849B1FB157A9E4CB48D66F1C6
PID: 2468 (1388) C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
size: 503869
MD5: 6D67DB4CE1C1DFD068398A6FA3215A44
PID: 2480 (1388) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16E91805CC071039372AE0037AAA9A2B
PID: 3628 (1388) C:\Program Files\Logitech\SetPoint\kem.exe
size: 454656
MD5: ABB29C3432315798933288D8598B2958
PID: 2768 ( 800) C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
size: 1130580
MD5: 666E53C81C43F97DCA89FD81FB3140E8
PID: 3132 (3628) C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
size: 25088
MD5: 473A2D4C94ADFD77B633C062DE12FA14
PID: 1348 (1388) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: 833E2B3F0E2484C0F2B804AE871B4381
PID: 2800 (2236) C:\UTILIT~1\DAP\DAP.EXE
size: 1565696
MD5: EA231C3B1AEB365CC5D22DC7C0623424
PID: 2460 (2808) C:\Utilitaires\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 3568 (1388) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: 833E2B3F0E2484C0F2B804AE871B4381
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 04/08/2006 20:48:27
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.secure.bnpparibas.net/controller?redir=1&stamp=1107700678454&type=hom...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: New.net UDP Chain
GUID: {07785CE1-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net UDP chain
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Chain
Protocol 1: New.net TCP Chain
GUID: {F09D4560-0007-0016-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Protocol 2: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 4: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 5: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 6: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{94D81838-703F-49E7-89ED-94B5017F1DEE}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{94D81838-703F-49E7-89ED-94B5017F1DEE}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4398E732-1381-4C08-A174-117C1A6991F4}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4398E732-1381-4C08-A174-117C1A6991F4}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADE12A70-83E0-4526-867D-FEA8E0260D06}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADE12A70-83E0-4526-867D-FEA8E0260D06}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{711EC23A-C78A-400A-8B56-B836A7AF95E6}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{711EC23A-C78A-400A-8B56-B836A7AF95E6}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F057CA25-2E66-4064-97FF-E457F5282A7F}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F057CA25-2E66-4064-97FF-E457F5282A7F}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62370002-5F1D-44D3-BEC6-FF1C1282E443}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62370002-5F1D-44D3-BEC6-FF1C1282E443}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6341A60-E735-4FB3-B7F9-196B1EDCFB46}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6341A60-E735-4FB3-B7F9-196B1EDCFB46}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 25: New.net TCP Filter
GUID: {53D204E0-0007-0016-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Protocol 26: New.net UDP Filter
GUID: {07785CE0-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net UDP filter
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Filter
Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 3: New.net Name Space Provider
GUID: {3B5F8060-1AE1-11D4-966F-00E018981B9E}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net name space provider
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net Name Space Provider
--- Uninstall list ---
320 SPACEC@M (320 SPACEC@M)
uninstall cmd: C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
7-Zip 4.33 beta (7-Zip)
uninstall cmd: "C:\Utilitaires\7-Zip\Uninstall.exe"
(AddressBook)
Adobe SVG Viewer 3.0 3.0 (Adobe SVG Viewer)
version (major): 3
install location: C:\WINDOWS\system32\Adobe\SVG Viewer 3.0
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
publisher: Adobe Systems, Inc.
Agere Systems PCI Soft Modem (Agere Systems Soft Modem)
uninstall cmd: agrsmdel
AMSN-Pack (remove only) (AMSN-Pack)
uninstall cmd: C:\Program Files\AMSN\uninstall.exe
Antidote (Antidote)
uninstall cmd: "C:\Program Files\Druide\Antidote\IsStub32.exe" -f"C:\Program Files\Druide\Antidote\DeIsL1.isu" -c"C:\Program Files\Druide\Antidote\_ISREG32.DLL"
AnyDVD (AnyDVD)
install location: C:\Utilitaires\AnyDVD
uninstall cmd: "C:\Utilitaires\AnyDVD\AnyDVD-uninst.exe" /D="C:\Utilitaires\AnyDVD"
publisher: SlySoft
Archos MPG4 Translator V3.0.9 (Archos MPG4 Translator V3.0.9)
uninstall cmd: C:\UTILITAIRES\Archos MP4SP\Uninstal.exe
CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Utilitaires\CCleaner\uninst.exe"
CD Dalloz Expert - Dalloz Etudes Civil (Cd Etudes Civil)
uninstall cmd: C:\Evasion\Etudes\Civil\Desinstall.exe
CD Dalloz Expert - Dalloz Etudes Pénal - Procédure Pénale (Cd Etudes Penal)
uninstall cmd: C:\Evasion\Etudes\Penal\Desinstall.exe
SafeCast Shared Components (CdaC13Ba)
version (major): 2
version (minor): 20
install location: C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\
uninstall cmd: C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
publisher: Macrovision
CDex extraction audio (CDex)
uninstall cmd: "C:\Utilitaires\CDex_150\uninstall.exe"
CloneDVD (CloneDVD)
install location: C:\Utilitaires\CloneDVD
uninstall cmd: "C:\Utilitaires\CloneDVD\CloneDVD-uninst.exe" /D="C:\Utilitaires\CloneDVD"
publisher: Elaborate Bytes
(Connection Manager)
(DeleteProdRunDictate_FR)
uninstall cmd: "C:\UTILITAIRES\ViaVoice\Bin\vunFR.exe" ProdRunDictate Dc Fr_FR 'IBM ViaVoice™ Dictation Runtime' C:\WINDOWS\IsUn040c.exe -fC:\UTILITAIRES\ViaVoice\RtDict_FR.isu
IBM ViaVoice Pro 8.0 - Français (DeleteProdVVFW80Full_FR)
uninstall cmd: "C:\UTILITAIRES\ViaVoice\Bin\uninst_FR.exe" DeleteProdVVFW80Full_FR
(DirectAnimation)
(DirectDrawEx)
Download Accelerator Plus (Download Accelerator Plus )
uninstall cmd: C:\UTILIT~1\DAP\DAPREMOVE.EXE
DVD Shrink 3.2 (DVD Shrink_is1)
install location: C:\Utilitaires\DVD Shrink\
uninstall cmd: "C:\Utilitaires\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org
DVDFab Decrypter 2.9.8.1 (DVDFab Decrypter_is1)
install location: C:\Utilitaires\DVDFab Decrypter\
uninstall cmd: "C:\Utilitaires\DVDFab Decrypter\unins000.exe"
publisher: Fengtao Software Inc.
help link: http://www.dvdidle.com/
(DXM_Runtime)
(EasyDivX v0.82)
eMule (eMule)
uninstall cmd: "C:\Utilitaires\eMule\Uninstall.exe"
:
--- Search result list ---
Download Accelerator Plus ads: Banner (Remplacer le fichier, nothing done)
C:\UTILIT~1\DAP\dap.gif
SC-KeyLog v2.24: Bibliothèque (Fichier, nothing done)
C:\WINDOWS\system32\funny.dll
MagicControl.Agent: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-462468640-523206749-1971367475-1007\Software\LanConfig
NewDotNet: Exécutable (Fichier, nothing done)
C:\WINDOWS\NDNuninstall6_38.exe
NewDotNet: Exécutable (Fichier, nothing done)
C:\WINDOWS\NDNuninstall6_90.exe
NewDotNet: <$WINSOCK> (Winsock, nothing done)
NewDotNet: Réglages Autorun (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\New.net Startup
NewDotNet: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net
NewDotNet: Dossier Programme (Répertoire, nothing done)
C:\Program Files\NewDotNet\
NewDotNet: Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Tldctl2.URLLink
NewDotNet: Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Tldctl2.URLLink.1
NewDotNet: Class ID (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Browser helper object (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Réglages globaux (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\New.net
NewDotNet: Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\new.net
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-462468640-523206749-1971367475-1007\Software\new.net
NewDotNet: Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\new.net
Microsoft.WindowsSecurityCenter_disabled: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2
Windows Security Center.FirewallDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
SC-KeyLog: Réglages désinstallation (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SC-KeyLog 2.24
SC-KeyLog: Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\SoftCentral
Teknum Updater: Common file (global) (Fichier, nothing done)
C:\Program Files\Fichiers communs\Teknum Systems\update.exe
Teknum Updater: Common file (global) (Fichier, nothing done)
C:\Program Files\Fichiers communs\Teknum Systems\update.dat
DoubleClick: Cookie traceur (Internet Explorer: HP_Propriétaire) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-04 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-04 Includes\Cookies.sbi (*)
2006-08-04 Includes\Dialer.sbi (*)
2006-08-04 Includes\Hijackers.sbi (*)
2006-08-04 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-08-04 Includes\Malware.sbi (*)
2006-08-04 Includes\PUPS.sbi (*)
2006-08-04 Includes\Revision.sbi (*)
2006-08-04 Includes\Security.sbi (*)
2006-08-04 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-04 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Step By Step Interactive Training / SP2: Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
/ Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
/ Windows XP / SP3: Correctif Windows XP - KB834707
/ Windows XP / SP3: Correctif Windows XP - KB867282
/ Windows XP / SP3: Correctif Windows XP - KB873333
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB883939)
/ Windows XP / SP3: Correctif Windows XP - KB885250
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: Correctif Windows XP - KB887742
/ Windows XP / SP3: Correctif Windows XP - KB888113
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
/ Windows XP / SP3: Correctif Windows XP - KB890047
/ Windows XP / SP3: Correctif Windows XP - KB890175
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB890923
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893066)
/ Windows XP / SP3: Correctif Windows XP - KB893086
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896688)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB896727)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899588)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901190)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB903235)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905915)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908531)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911280)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911567)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912812)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913446)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB916281)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917159)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, AGRSMMSG
command: AGRSMMSG.exe
file: C:\WINDOWS\AGRSMMSG.exe
size: 88209
MD5: 230ea041666125b6812fe3ff964b2df3
Located: HK_LM:Run, AlcxMonitor
command: ALCXMNTR.EXE
file: C:\WINDOWS\ALCXMNTR.EXE
size: 50176
MD5: d551e3a28be31adfa9ea4a3325481f65
Located: HK_LM:Run, Beoplayertray
command: C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
file: C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
size: 92672
MD5: 5703d1d139a9f2fab41f6b738ae95e09
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
file: C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 59040
MD5: 4956831b62212c6d9d3f4fcbdc715e63
Located: HK_LM:Run, CloneDVDElbyDelay
command: "C:\Utilitaires\CloneDVD\ElbyCheck.exe" /L ElbyDelay
file: C:\Utilitaires\CloneDVD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, ElbyCheckAnyDVD
command: "C:\Utilitaires\AnyDVD\ElbyCheck.exe" /L AnyDVD
file: C:\Utilitaires\AnyDVD\ElbyCheck.exe
size: 45056
MD5: 56193bce4dfd8879aedeb26b71a0a583
Located: HK_LM:Run, funny
command: C:\WINDOWS\system32\funny.exe
file: C:\WINDOWS\system32\funny.exe
size: 30309
MD5: fadfa41eeb631051e92c8a8c844e2a1c
Located: HK_LM:Run, Home Theater SchSvr
command: "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
file: C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
size: 155648
MD5: 7ad21f62dd7472c4c6a0ae9bcdb5d382
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: f5f1a8cdd473d55f9bf6fe23f715b0fa
Located: HK_LM:Run, HPHmon06
command: C:\WINDOWS\system32\hphmon06.exe
file: C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: a6fd829f428f6445b8f72ff725438590
Located: HK_LM:Run, HPHUPD06
command: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
file: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
size: 49152
MD5: fe08c1ff4466ad41f6aa113678f5020d
Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06a1ecb63df139ec639e084d4ab3c9d7
Located: HK_LM:Run, iTunesHelper
command: C:\Program Files\iTunes\iTunesHelper.exe
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 286720
MD5: 66b5567789c173fbe294ea1a1f136193
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4a95f15b706b8fd9ec8715b6401eab7b
Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: b1388bf29a0522c7ccd08a563383401b
Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 25088
MD5: 473a2d4c94adfd77b633c062de12fa14
Located: HK_LM:Run, Microsoft Works Update Detection
command: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
file: C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 25d60f3cd198007541b422cd34e677ce
Located: HK_LM:Run, Mobile Phone Suite
command: C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe -nogui
file:
Located: HK_LM:Run, NeroCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90
Located: HK_LM:Run, New.net Startup
command: rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
file:
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee
Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 0033ce6494554e47514d3487c9a8f93d
Located: HK_LM:Run, OHE
command: C:\Utilitaires\Ohé\OHE.exe
file: C:\Utilitaires\Ohé\OHE.exe
size: 741376
MD5: 697de1bd0cc167a520ad84101fa5503c
Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 81920
MD5: c4c523e78774e05d06efe3e10017cf6d
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 76a3a30b58405c2c6d833895253a51a9
Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 233472
MD5: 310f1e8a0781887ba1c217448c0e4d48
Located: HK_LM:Run, SiS Windows KeyHook
command: C:\WINDOWS\system32\keyhook.exe
file: C:\WINDOWS\system32\keyhook.exe
size: 249856
MD5: ecdcfbea4caeaf2dd5e9d0092396dfc1
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3
Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: f9418981ee4d7e995d359833adab59d5
Located: HK_LM:Run, VCDPlayer
command: C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
file: C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
size: 57344
MD5: e6922742c2359775735d8022c94a0cd6
Located: HK_LM:Run, VTTimer
command: VTTimer.exe
file:
Located: HK_LM:Run, WINCINEMAMGR
command: "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
file: C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0b006d4b2b669f300ca8b2dfecd9e9c7
Located: HK_LM:Run, WINREMOTE
command: "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
file: C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0b006d4b2b669f300ca8b2dfecd9e9c7
Located: HK_CU:Run, Acme.PCHButton
command: C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
file: C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
size: 159744
MD5: 46fea13bc79783b0f1be262c5c92c7da
Located: HK_CU:Run, Gestionnaire Antidote.exe
command: C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
file: C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
size: 368640
MD5: 416b1e7f8167c0f1894d1f484834af70
Located: HK_CU:Run, LDM
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: c76c901f3d304c4d773e1bfdcb517798
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, msnmsgr
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5324584
MD5: 651c2b55bc34a17b6a50bbab030673b9
Located: HK_CU:Run, pdfSaver3
command: "C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe"
file: C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
size: 385024
MD5: e5a1d97db93c37e6e1bc40b8df1b7e43
Located: HK_CU:Run, Update Service
command: C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
file: C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe
size: 19456
MD5: 1e172b784e6564834455cb65de87b82c
Located: Démarrage (tous utilisateurs), BeoPlayer.lnk
command: C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
file: C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
size: 359936
MD5: 5d521eb849b1fb157a9e4cb48d66f1c6
Located: Démarrage (tous utilisateurs), BTTray.lnk
command: C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
file: C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
size: 503869
MD5: 6d67db4ce1c1dfd068398a6fa3215a44
Located: Démarrage (tous utilisateurs), HP Digital Imaging Monitor.lnk
command: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
file: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16e91805cc071039372ae0037aaa9a2b
Located: Démarrage (tous utilisateurs), Lancement rapide d'Adobe Reader.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Démarrage (tous utilisateurs), Logitech Desktop Messenger.lnk
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 196608
MD5: 6f2e5108667bf1149d884e3cbeb9cdd1
Located: Démarrage (tous utilisateurs), Logitech SetPoint.lnk
command: C:\Program Files\Logitech\SetPoint\kem.exe
file: C:\Program Files\Logitech\SetPoint\kem.exe
size: 454656
MD5: abb29c3432315798933288d8598b2958
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, funny
command: funny.dll
file: funny.dll
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
Located: WinLogon, LBTServ
command: C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
file: C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
size: 1064960
MD5: 3705e4fff4fc21c66062b65acbf96353
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 14/12/2004 01:56:50
Date (last access): 04/08/2006 19:55:54
Date (last write): 14/12/2004 01:56:50
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333
{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (URLLink)
BHO name:
CLSID name: URLLink
description: New.net
classification: Confirmed as malware
known filename: newdotnet*_**.dll
info link: http://www.doxdesk.com/parasite/NewDotNet.html
info source: TonyKlein
Path: C:\Program Files\NewDotNet\
Long name: newdotnet7_22.dll
Short name: NEWDOT~2.DLL
Date (created): 30/01/2006 17:45:52
Date (last access): 04/08/2006 20:09:58
Date (last write): 30/01/2006 17:45:46
Filesize: 614400
Attributes: sysfile archive
MD5: FB75CC573D91162CA8D4746B6C57C1E8
CRC32: 64E7E4DB
Version: 7.0.0.22
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\UTILIT~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 04/08/2006 20:36:16
Date (last access): 04/08/2006 20:36:16
Date (last write): 31/05/2005 01:04:00
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Norton Internet Security)
BHO name: Norton Internet Security
CLSID name: CNisExtBho Class
description: NIS 2004,
classification: Legitimate
known filename: NISShExt.dll
info link: https://us.norton.com/internet-security
info source: TonyKlein
Path: C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\
Long name: NISShExt.dll
Short name:
Date (created): 08/09/2004 23:54:50
Date (last access): 04/08/2006 20:38:32
Date (last write): 08/09/2004 23:54:50
Filesize: 103552
Attributes: archive
MD5: 72D9B96B2A6DB5F713F6B5B57B404664
CRC32: 89D2EAE4
Version: 8.0.0.64
{BDF3E430-B101-42AD-A544-FADC6B084872} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
description: Norton Antivirus
classification: Legitimate
known filename: NavShExt.dll
info link: https://us.norton.com/antivirus
info source: TonyKlein
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NAVSHEXT.DLL
Short name:
Date (created): 31/08/2004 18:47:58
Date (last access): 04/08/2006 19:55:54
Date (last write): 22/11/2005 11:04:36
Filesize: 218760
Attributes: archive
MD5: 8168B770A1A3CE2424E62BB7F4F5968E
CRC32: ACD3ABD7
Version: 11.0.16.2
--- ActiveX list ---
{00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class)
DPF name:
CLSID name: Checkers Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: msgrchkr.dll
Short name:
Date (created): 29/05/2003 16:00:18
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 16:00:18
Filesize: 77408
Attributes: archive
MD5: 42D567DF86B9B7AC4A89664C9651B68B
CRC32: 47FF3D19
Version: 7.1.9502.1
{09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control)
DPF name:
CLSID name: France Telecom MDM ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\MDM.inf
Codebase: http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
Path: C:\WINDOWS\
Long name: MDM.ocx
Short name:
Date (created): 23/06/2005 08:40:30
Date (last access): 04/08/2006 20:43:42
Date (last write): 23/06/2005 08:40:30
Filesize: 393216
Attributes: archive
MD5: 07D9EB8205B69FF7C830AE3E389541D2
CRC32: E10DA2ED
Version: 1.4.0.1
{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~2.DLL
Date (created): 06/04/2004 20:03:54
Date (last access): 04/08/2006 20:40:24
Date (last write): 06/04/2004 20:03:54
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1
{2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class)
DPF name:
CLSID name: Minesweeper Flags Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: minesweeper.dll
Short name: MINESW~1.DLL
Date (created): 29/05/2003 15:00:22
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 15:00:22
Filesize: 84064
Attributes: archive
MD5: F951FD0EA383DF2D49CA0359E4A86968
CRC32: 50A69718
Version: 7.1.9502.1
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.microsoft.com/officeupdate/content/opuc3.cab
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 01/09/2005 20:13:54
Date (last access): 04/08/2006 20:43:42
Date (last write): 01/09/2005 20:13:54
Filesize: 532992
Attributes: archive
MD5: CC184F3FC11798F5D19F260797891D2E
CRC32: FA8EEDA8
Version: 12.0.3208.1003
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: https://www.oracle.com/java/technologies/
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 01/01/2004 16:07:26
Date (last access): 04/08/2006 15:32:42
Date (last write): 01/01/2004 16:07:26
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~1.DLL
Date (created): 29/05/2003 16:00:20
Date (last access): 04/08/2006 20:40:24
Date (last write): 29/05/2003 16:00:20
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1
{A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control)
DPF name:
CLSID name: Aurigma Image Uploader 3.5 Control
Installer: C:\WINDOWS\Downloaded Program Files\ImageUploader3.inf
Codebase: http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ImageUploader3.ocx
Short name: IMAGEU~1.OCX
Date (created): 22/03/2005 20:32:42
Date (last access): 04/08/2006 15:40:04
Date (last write): 22/03/2005 20:32:42
Filesize: 1918488
Attributes: archive
MD5: 43559FD5607AA570A4908157717CDA7C
CRC32: 58CEE6CD
Version: 3.5.4.0
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Installer: C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.inf
Codebase: http://messenger.msn.com/download/msnmessengersetupdownloader.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 05/11/2004 16:58:20
Date (last access): 04/08/2006 15:40:04
Date (last write): 05/11/2004 16:58:20
Filesize: 119496
Attributes: archive
MD5: 1B40AA6A5D25E6CB4EDFC4C717113161
CRC32: 4F5D45E3
Version: 1.0.0.1
{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 17/11/2004 23:44:52
Date (last access): 04/08/2006 15:40:04
Date (last write): 17/11/2004 23:44:52
Filesize: 114728
Attributes: archive
MD5: F94C4867418A1CA860D784CCD807740B
CRC32: 5DCE6500
Version: 9.3.2846.1
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: https://www.oracle.com/java/technologies/
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 01/01/2004 16:07:26
Date (last access): 04/08/2006 20:48:24
Date (last write): 01/01/2004 16:07:26
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30
{E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object)
DPF name:
CLSID name: ZoneChess Object
Installer:
Codebase: http://messenger.zone.msn.com/binary/Chess.cab31267.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: Chess.ocx
Short name:
Date (created): 05/08/2004 14:41:42
Date (last access): 04/08/2006 15:40:00
Date (last write): 05/08/2004 14:41:42
Filesize: 288296
Attributes: archive
MD5: 2560A95AF7BE3D5FAE330F4CD6140120
CRC32: D5F7341D
Version: 9.2.9844.1
{FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class)
DPF name:
CLSID name: IWinAmpActiveX Class
Installer: C:\WINDOWS\Downloaded Program Files\ampx.inf
Codebase: http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Path: C:\PROGRA~1\FICHIE~1\Nullsoft\ActiveX\2.4\
Long name: AmpX.dll
Short name:
Date (created): 03/03/2005 00:14:52
Date (last access): 04/08/2006 15:30:26
Date (last write): 03/03/2005 00:14:52
Filesize: 270408
Attributes: archive
MD5: CE886E0AEE678EBEEC2E59241C7F5A54
CRC32: 7E1839CA
Version: 2.4.0.6
--- Process list ---
PID: 0 ( 0) [System]
PID: 516 ( 4) \SystemRoot\System32\smss.exe
PID: 572 ( 516) \??\C:\WINDOWS\system32\csrss.exe
PID: 596 ( 516) \??\C:\WINDOWS\system32\winlogon.exe
PID: 640 ( 596) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 652 ( 596) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 800 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 856 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 892 ( 640) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 940 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 992 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1128 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
size: 235168
MD5: 5C0FCB31676012D4C5A35E61D5698A33
PID: 1140 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
size: 181920
MD5: A679E0F2F45C93D9A3601521E871DC3C
PID: 1156 ( 640) C:\Program Files\Norton Internet Security\ISSVC.exe
size: 83584
MD5: 64BC5239264896C8D8FCE558CFBA029B
PID: 1168 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 443E397643965E08C5AB6A6CAA732B97
PID: 1256 ( 596) C:\WINDOWS\system32\funny.exe
size: 30309
MD5: FADFA41EEB631051E92C8A8C844E2A1C
PID: 1388 (1360) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
PID: 1456 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
size: 198304
MD5: 7408706F48BFB2F49C0A34AFF53B94FD
PID: 1712 ( 640) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 640) C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
size: 135168
MD5: 7366439142B0BCE950534B62253A18EA
PID: 1824 ( 640) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
size: 54784
MD5: 9BDBDA21D3BA8E374FD06A405BE10215
PID: 1836 ( 640) C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
size: 46080
MD5: 12C13F85BE9D3A58FDB463A6F7DE4E61
PID: 1892 ( 640) C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 177288
MD5: 998E500C07D76D4E7AAEFBA32EDC26D5
PID: 1920 ( 640) C:\WINDOWS\system32\nvsvc32.exe
size: 131139
MD5: A3B67AA9F60533557FD9141BCA9FA4A9
PID: 192 ( 640) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 184 ( 640) C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 819352
MD5: F11341CD0D1DC5EFF5FEFFCC7424984E
PID: 368 ( 640) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 400 ( 640) C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
size: 32768
MD5: E5AF8A814C50B9CFEE6BEB043873ECCC
PID: 484 ( 640) c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 2116 ( 640) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
PID: 2292 (1388) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 2300 (1388) C:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06A1ECB63DF139EC639E084D4AB3C9D7
PID: 2316 (1388) C:\WINDOWS\system32\hphmon06.exe
size: 659456
MD5: A6FD829F428F6445B8F72FF725438590
PID: 2324 (1388) C:\HP\KBD\KBD.EXE
size: 61440
MD5: 4A95F15B706B8FD9EC8715B6401EAB7B
PID: 2332 (1388) C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
size: 155648
MD5: 7AD21F62DD7472C4C6A0AE9BCDB5D382
PID: 2344 (1388) C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
size: 192512
MD5: 0B006D4B2B669F300CA8B2DFECD9E9C7
PID: 2352 (1388) C:\Program Files\iTunes\iTunesHelper.exe
size: 286720
MD5: 66B5567789C173FBE294EA1A1F136193
PID: 2868 (1388) C:\WINDOWS\system32\keyhook.exe
size: 249856
MD5: ECDCFBEA4CAEAF2DD5E9D0092396DFC1
PID: 2876 (1388) C:\WINDOWS\AGRSMMSG.exe
size: 88209
MD5: 230EA041666125B6812FE3FF964B2DF3
PID: 2892 (1388) C:\WINDOWS\ALCXMNTR.EXE
size: 50176
MD5: D551E3A28BE31ADFA9EA4A3325481F65
PID: 2972 (1388) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: F5F1A8CDD473D55F9BF6FE23F715B0FA
PID: 3280 ( 640) C:\Program Files\iPod\bin\iPodService.exe
size: 401408
MD5: 8BB59AC2E3B2077747323542D1035155
PID: 3536 (1388) C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe
size: 952131
MD5: 34166E53787EF627DF137C47F5B74FFA
PID: 3572 (1388) C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
size: 50688
MD5: 25D60F3CD198007541B422CD34E677CE
PID: 3580 (1388) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 3708 (1388) C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 3736 (1388) C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
size: 57344
MD5: E6922742C2359775735D8022C94A0CD6
PID: 3832 (1388) C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
size: 92672
MD5: 5703D1D139A9F2FAB41F6B738AE95E09
PID: 3984 (1388) C:\Utilitaires\Ohé\OHE.exe
size: 741376
MD5: 697DE1BD0CC167A520AD84101FA5503C
PID: 3992 (3672) C:\WINDOWS\system32\rundll32.exe
size: 33792
MD5: F5402CD47B7389DDC21F92119A906EEE
PID: 4016 (1388) C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
size: 59040
MD5: 4956831B62212C6D9D3F4FCBDC715E63
PID: 920 (3736) C:\Utilitaires\Virtual CD v4\System\VCDTray.exe
size: 81920
MD5: 91C7D543C71DF11987C9360E56F99234
PID: 1016 (1388) C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
size: 159744
MD5: 46FEA13BC79783B0F1BE262C5C92C7DA
PID: 2308 (1388) C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
size: 385024
MD5: E5A1D97DB93C37E6E1BC40B8DF1B7E43
PID: 2400 (1388) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: C76C901F3D304C4D773E1BFDCB517798
PID: 2696 (1388) C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
size: 368640
MD5: 416B1E7F8167C0F1894D1F484834AF70
PID: 2836 (1388) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 3176 (1388) C:\Program Files\MSN Messenger\msnmsgr.exe
size: 5324584
MD5: 651C2B55BC34A17B6A50BBAB030673B9
PID: 3192 ( 640) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 2212 (1388) C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
size: 359936
MD5: 5D521EB849B1FB157A9E4CB48D66F1C6
PID: 2468 (1388) C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
size: 503869
MD5: 6D67DB4CE1C1DFD068398A6FA3215A44
PID: 2480 (1388) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
size: 241664
MD5: 16E91805CC071039372AE0037AAA9A2B
PID: 3628 (1388) C:\Program Files\Logitech\SetPoint\kem.exe
size: 454656
MD5: ABB29C3432315798933288D8598B2958
PID: 2768 ( 800) C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
size: 1130580
MD5: 666E53C81C43F97DCA89FD81FB3140E8
PID: 3132 (3628) C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
size: 25088
MD5: 473A2D4C94ADFD77B633C062DE12FA14
PID: 1348 (1388) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: 833E2B3F0E2484C0F2B804AE871B4381
PID: 2800 (2236) C:\UTILIT~1\DAP\DAP.EXE
size: 1565696
MD5: EA231C3B1AEB365CC5D22DC7C0623424
PID: 2460 (2808) C:\Utilitaires\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 3568 (1388) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: 833E2B3F0E2484C0F2B804AE871B4381
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 04/08/2006 20:48:27
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.secure.bnpparibas.net/controller?redir=1&stamp=1107700678454&type=hom...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: New.net UDP Chain
GUID: {07785CE1-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net UDP chain
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Chain
Protocol 1: New.net TCP Chain
GUID: {F09D4560-0007-0016-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Protocol 2: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 4: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 5: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 6: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{94D81838-703F-49E7-89ED-94B5017F1DEE}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{94D81838-703F-49E7-89ED-94B5017F1DEE}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4398E732-1381-4C08-A174-117C1A6991F4}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4398E732-1381-4C08-A174-117C1A6991F4}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADE12A70-83E0-4526-867D-FEA8E0260D06}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ADE12A70-83E0-4526-867D-FEA8E0260D06}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{711EC23A-C78A-400A-8B56-B836A7AF95E6}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{711EC23A-C78A-400A-8B56-B836A7AF95E6}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{BCEA4CCD-5AD7-462A-BC53-19A51F9571AC}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F057CA25-2E66-4064-97FF-E457F5282A7F}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F057CA25-2E66-4064-97FF-E457F5282A7F}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62370002-5F1D-44D3-BEC6-FF1C1282E443}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{62370002-5F1D-44D3-BEC6-FF1C1282E443}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6341A60-E735-4FB3-B7F9-196B1EDCFB46}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E6341A60-E735-4FB3-B7F9-196B1EDCFB46}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 25: New.net TCP Filter
GUID: {53D204E0-0007-0016-9A6F-0001031EA788}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Protocol 26: New.net UDP Filter
GUID: {07785CE0-3852-11D5-9A70-0001031EA755}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net UDP filter
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net UDP Filter
Namespace Provider 0: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Espace de noms NLA (Network Location Awareness)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 3: New.net Name Space Provider
GUID: {3B5F8060-1AE1-11D4-966F-00E018981B9E}
Filename: C:\Program Files\NewDotNet\newdotnet7_22.dll
Description: New.Net name space provider
DB filename: %programfiles%\NewDotNet\newdotnet?_??.dll
DB protocol: New.net Name Space Provider
--- Uninstall list ---
320 SPACEC@M (320 SPACEC@M)
uninstall cmd: C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
7-Zip 4.33 beta (7-Zip)
uninstall cmd: "C:\Utilitaires\7-Zip\Uninstall.exe"
(AddressBook)
Adobe SVG Viewer 3.0 3.0 (Adobe SVG Viewer)
version (major): 3
install location: C:\WINDOWS\system32\Adobe\SVG Viewer 3.0
uninstall cmd: C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
publisher: Adobe Systems, Inc.
Agere Systems PCI Soft Modem (Agere Systems Soft Modem)
uninstall cmd: agrsmdel
AMSN-Pack (remove only) (AMSN-Pack)
uninstall cmd: C:\Program Files\AMSN\uninstall.exe
Antidote (Antidote)
uninstall cmd: "C:\Program Files\Druide\Antidote\IsStub32.exe" -f"C:\Program Files\Druide\Antidote\DeIsL1.isu" -c"C:\Program Files\Druide\Antidote\_ISREG32.DLL"
AnyDVD (AnyDVD)
install location: C:\Utilitaires\AnyDVD
uninstall cmd: "C:\Utilitaires\AnyDVD\AnyDVD-uninst.exe" /D="C:\Utilitaires\AnyDVD"
publisher: SlySoft
Archos MPG4 Translator V3.0.9 (Archos MPG4 Translator V3.0.9)
uninstall cmd: C:\UTILITAIRES\Archos MP4SP\Uninstal.exe
CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Utilitaires\CCleaner\uninst.exe"
CD Dalloz Expert - Dalloz Etudes Civil (Cd Etudes Civil)
uninstall cmd: C:\Evasion\Etudes\Civil\Desinstall.exe
CD Dalloz Expert - Dalloz Etudes Pénal - Procédure Pénale (Cd Etudes Penal)
uninstall cmd: C:\Evasion\Etudes\Penal\Desinstall.exe
SafeCast Shared Components (CdaC13Ba)
version (major): 2
version (minor): 20
install location: C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\
uninstall cmd: C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
publisher: Macrovision
CDex extraction audio (CDex)
uninstall cmd: "C:\Utilitaires\CDex_150\uninstall.exe"
CloneDVD (CloneDVD)
install location: C:\Utilitaires\CloneDVD
uninstall cmd: "C:\Utilitaires\CloneDVD\CloneDVD-uninst.exe" /D="C:\Utilitaires\CloneDVD"
publisher: Elaborate Bytes
(Connection Manager)
(DeleteProdRunDictate_FR)
uninstall cmd: "C:\UTILITAIRES\ViaVoice\Bin\vunFR.exe" ProdRunDictate Dc Fr_FR 'IBM ViaVoice™ Dictation Runtime' C:\WINDOWS\IsUn040c.exe -fC:\UTILITAIRES\ViaVoice\RtDict_FR.isu
IBM ViaVoice Pro 8.0 - Français (DeleteProdVVFW80Full_FR)
uninstall cmd: "C:\UTILITAIRES\ViaVoice\Bin\uninst_FR.exe" DeleteProdVVFW80Full_FR
(DirectAnimation)
(DirectDrawEx)
Download Accelerator Plus (Download Accelerator Plus )
uninstall cmd: C:\UTILIT~1\DAP\DAPREMOVE.EXE
DVD Shrink 3.2 (DVD Shrink_is1)
install location: C:\Utilitaires\DVD Shrink\
uninstall cmd: "C:\Utilitaires\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org
DVDFab Decrypter 2.9.8.1 (DVDFab Decrypter_is1)
install location: C:\Utilitaires\DVDFab Decrypter\
uninstall cmd: "C:\Utilitaires\DVDFab Decrypter\unins000.exe"
publisher: Fengtao Software Inc.
help link: http://www.dvdidle.com/
(DXM_Runtime)
(EasyDivX v0.82)
eMule (eMule)
uninstall cmd: "C:\Utilitaires\eMule\Uninstall.exe"
Coche les cases de tous les programmes detectes sauf ton keyllogger pour espionner ta femme et puis l autre truc
ensuite corrige les problemes
a+
ensuite corrige les problemes
a+
ok merci bcp ... en tt cas, doctor system est eradiqué... s'il reste des virus ils sont quasi invisibles... tant qu ils ne me derangent pas ca va !!!
en tt cas MERCI BCP, bonne fin de soirée et VIVE "WWW.COMMENTCAMARCHE.NET"
en tt cas MERCI BCP, bonne fin de soirée et VIVE "WWW.COMMENTCAMARCHE.NET"
Grrrrrrrrrrr
ECOUTE MOIIIIIIIIIIIIIIIII lol
Remet un HijackThis !
J ai l impression que tu es pressé et que tu veux regler ca tout seul lol
ECOUTE MOIIIIIIIIIIIIIIIII lol
Remet un HijackThis !
J ai l impression que tu es pressé et que tu veux regler ca tout seul lol
voici le nouveau rapport.... !!!
Logfile of HijackThis v1.99.1
Scan saved at 22:52:07, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\funny.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
C:\Utilitaires\Ohé\OHE.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Utilitaires\Virtual CD v4\System\VCDTray.exe
C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\kem.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\UTILIT~1\DAP\DAP.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.secure.bnpparibas.net/controller?redir=1&stamp=1107700678454&type=hom...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\UTILIT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Utilitaires\DAP\DAPIEBar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [funny] C:\WINDOWS\system32\funny.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Mobile Phone Suite] C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe -nogui
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Utilitaires\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Utilitaires\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [VCDPlayer] C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Beoplayertray] C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
O4 - HKLM\..\Run: [OHE] C:\Utilitaires\Ohé\OHE.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [pdfSaver3] "C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BeoPlayer.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download with &DAP - C:\UTILIT~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\UTILIT~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\UTILIT~1\DAP\DAP.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}: NameServer = 192.168.0.1
O18 - Protocol: bw+0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: funny - C:\WINDOWS\SYSTEM32\funny.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: LBTServ - C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VCDSecS - H+H Software GmbH - C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:52:07, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\funny.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
C:\Utilitaires\Ohé\OHE.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Utilitaires\Virtual CD v4\System\VCDTray.exe
C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Utilitaires\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\kem.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\PROGRAM FILES\LOGITECH\SETPOINT\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\UTILIT~1\DAP\DAP.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.secure.bnpparibas.net/controller?redir=1&stamp=1107700678454&type=hom...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavil...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\UTILIT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Utilitaires\DAP\DAPIEBar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [funny] C:\WINDOWS\system32\funny.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Mobile Phone Suite] C:\Program Files\Logitech\Mobile Phone Suite\MobilePhoneSuite.exe -nogui
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Utilitaires\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Utilitaires\AnyDVD\ElbyCheck.exe" /L AnyDVD
O4 - HKLM\..\Run: [VCDPlayer] C:\UTILIT~1\VIRTUA~1\System\VCDPlay.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Beoplayertray] C:\Utilitaires\Bang & Olufsen\BeoPlayer\Beotray.exe
O4 - HKLM\..\Run: [OHE] C:\Utilitaires\Ohé\OHE.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [pdfSaver3] "C:\Utilitaires\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BeoPlayer.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download with &DAP - C:\UTILIT~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\UTILIT~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\UTILIT~1\DAP\DAP.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{146346A3-C00B-4F7F-BAB8-B3BE9C134F99}: NameServer = 192.168.0.1
O18 - Protocol: bw+0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {A7EFE754-0C3E-4A6D-8988-CA1CC3F758CA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: funny - C:\WINDOWS\SYSTEM32\funny.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: LBTServ - C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VCDSecS - H+H Software GmbH - C:\Utilitaires\Virtual CD v4\System\vcdsecs.exe
re
1-HijackThis -> Open the misc tools sections -> open Uninstall manager -> clique sur "Save list" -> enregistre le fichier -> fais-en un copier/coller ici.
2-Rend toi sur ce site :
http://www.virustotal.com/xhtml/virustotal_en.html
Clik sur parcourir
Recherche ceci :
C:\WINDOWS\SYSTEM32\funny.dll
Clik send et colle le rapport stp
A+
1-HijackThis -> Open the misc tools sections -> open Uninstall manager -> clique sur "Save list" -> enregistre le fichier -> fais-en un copier/coller ici.
2-Rend toi sur ce site :
http://www.virustotal.com/xhtml/virustotal_en.html
Clik sur parcourir
Recherche ceci :
C:\WINDOWS\SYSTEM32\funny.dll
Clik send et colle le rapport stp
A+
crois-moi j 'apprecie vraiment ton aide et ca m a pas mal sorti de la ou j etais tombé... mais la je suis bien fatigué (je ne suis qu un amateur en Pc !)... l'analyse et le rapport je les ferais donc demain si tu veux bien. en plus, ca fait toute la journee que tu suis et que tt t occupe de mon probleme !!! je veux pas non plus abuser !!!
Bref, ne le prend pas mal, mais je vais me coucher !!!
en tout cas, MERCI ENCORE... ton aide m'a été veritablement precieuse !
A demain ou a bientot !!!
Bref, ne le prend pas mal, mais je vais me coucher !!!
en tout cas, MERCI ENCORE... ton aide m'a été veritablement precieuse !
A demain ou a bientot !!!
Salut
Oui y a aucuns problemes, je sais que c est fatigant lol
Je ne le prend pas mal loin de la, ca serait absurde sinon lol
J'espere que tu as bien dormi ?!
a+
Oui y a aucuns problemes, je sais que c est fatigant lol
Je ne le prend pas mal loin de la, ca serait absurde sinon lol
J'espere que tu as bien dormi ?!
a+
bonjour, j'ai bien dormi et toi !?
voici le rapport :
320 SPACEC@M
7-Zip 4.33 beta
A380 pour FS2004
Adobe Reader 7.0 - Français
Adobe SVG Viewer 3.0
Agere Systems PCI Soft Modem
Ahead Nero Burning ROM
AMSN-Pack (remove only)
Antidote
AnyDVD
Archos MPG4 Translator V3.0.9
ArcSoft PhotoImpression
BeoPlayer
Carmageddon TDR2000
CC_ccProxyExt
ccCommon
CCleaner (remove only)
ccPxyCore
CD Dalloz Expert - Dalloz Etudes Civil
CD Dalloz Expert - Dalloz Etudes Pénal - Procédure Pénale
CDBurnerXP Pro 3
CDex extraction audio
C-Dilla Licence Management System
CloneDVD
DivX
DivX Player
DivxToDVD 0.4.8
Download Accelerator Plus
DVD Shrink 3.2
DVDFab Decrypter 2.9.8.1
eMule
Encyclopédie Microsoft Encarta 2004
EVEREST Home Edition v1.51
F-22 Lightning 3
Google Earth
GTAIII
HandyBits Voice Mail
Help and Support Additions
HijackThis 1.99.1
HP Appareils photos Photosmart 4.0
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2
HP Image Zone Plus 4.2
HP PSC & OfficeJet 4.0
HP Software Update
HPIZ402
IBM ViaVoice Pro 8.0 - Français
InterVideo Home Theater
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Kazaa Lite K++ v2.4.3
KBD
K-Lite Codec Pack 2.36 Full
Lecteur Windows Media 10
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft AutoRoute v11.0
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office 2000 Proofing Tools Disc 1
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Picture It! Photo Premium 9
Microsoft Windows Script Host
Microsoft Works
Mobile Phone Suite
MSN
MSRedist
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
Norton WMI Update
NVIDIA Drivers
Ohé Free v1.4
PC-Doctor pour Windows
PDF-XChange 3.0 Pro
Photo et imagerie HP 3.5 - HP Devices
PhotoFiltre
Photosmart 320,370,7400,8100,8400 Series (fra)
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
Re-Volt
SafeCast Shared Components
SC-KeyLog 2.24
Sélecteur d'installation de Microsoft Works 2004
Shockwave
SiS VGA Utilities
Sonic RecordNow!
SPBBC
Spybot - Search & Destroy 1.4
Symantec Script Blocking Installer
SymNet
The Matrix Revolutions 3D Screen Saver Donor Version v3.2
TYPSoft FTP Server
Universalis 10
VB Runtime
VideoLAN VLC media player 0.8.4a
Virtual CD v4
WIDCOMM Bluetooth Software
Windows Live Messenger
Windows Media Format Runtime
WinZip
X'nStop 2.5
voici le rapport :
320 SPACEC@M
7-Zip 4.33 beta
A380 pour FS2004
Adobe Reader 7.0 - Français
Adobe SVG Viewer 3.0
Agere Systems PCI Soft Modem
Ahead Nero Burning ROM
AMSN-Pack (remove only)
Antidote
AnyDVD
Archos MPG4 Translator V3.0.9
ArcSoft PhotoImpression
BeoPlayer
Carmageddon TDR2000
CC_ccProxyExt
ccCommon
CCleaner (remove only)
ccPxyCore
CD Dalloz Expert - Dalloz Etudes Civil
CD Dalloz Expert - Dalloz Etudes Pénal - Procédure Pénale
CDBurnerXP Pro 3
CDex extraction audio
C-Dilla Licence Management System
CloneDVD
DivX
DivX Player
DivxToDVD 0.4.8
Download Accelerator Plus
DVD Shrink 3.2
DVDFab Decrypter 2.9.8.1
eMule
Encyclopédie Microsoft Encarta 2004
EVEREST Home Edition v1.51
F-22 Lightning 3
Google Earth
GTAIII
HandyBits Voice Mail
Help and Support Additions
HijackThis 1.99.1
HP Appareils photos Photosmart 4.0
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2
HP Image Zone Plus 4.2
HP PSC & OfficeJet 4.0
HP Software Update
HPIZ402
IBM ViaVoice Pro 8.0 - Français
InterVideo Home Theater
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Kazaa Lite K++ v2.4.3
KBD
K-Lite Codec Pack 2.36 Full
Lecteur Windows Media 10
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft AutoRoute v11.0
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office 2000 Proofing Tools Disc 1
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Picture It! Photo Premium 9
Microsoft Windows Script Host
Microsoft Works
Mobile Phone Suite
MSN
MSRedist
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
Norton WMI Update
NVIDIA Drivers
Ohé Free v1.4
PC-Doctor pour Windows
PDF-XChange 3.0 Pro
Photo et imagerie HP 3.5 - HP Devices
PhotoFiltre
Photosmart 320,370,7400,8100,8400 Series (fra)
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
Re-Volt
SafeCast Shared Components
SC-KeyLog 2.24
Sélecteur d'installation de Microsoft Works 2004
Shockwave
SiS VGA Utilities
Sonic RecordNow!
SPBBC
Spybot - Search & Destroy 1.4
Symantec Script Blocking Installer
SymNet
The Matrix Revolutions 3D Screen Saver Donor Version v3.2
TYPSoft FTP Server
Universalis 10
VB Runtime
VideoLAN VLC media player 0.8.4a
Virtual CD v4
WIDCOMM Bluetooth Software
Windows Live Messenger
Windows Media Format Runtime
WinZip
X'nStop 2.5
