2 replies
Here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:09:35, on 19/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\SERGE\Mes documents\veromoutard\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\grgrbdbi.dll
O2 - BHO: (no name) - {1B7648B4-3A42-4C2E-8C21-485F50213B35} - C:\WINDOWS\system32\sstts.dll
O2 - BHO: (no name) - {32D0EAD6-2584-4097-A0FA-D47C2D0D8072} - C:\WINDOWS\system32\mtxfqpqh.dll
O2 - BHO: (no name) - {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} - C:\WINDOWS\system32\byxxurq.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\gqisidqr.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - Winlogon Notify: byxxurq - C:\WINDOWS\SYSTEM32\byxxurq.dll
O20 - Winlogon Notify: ljjjkjg - C:\WINDOWS\SYSTEM32\ljjjkjg.dll
O20 - Winlogon Notify: ljjkhih - C:\WINDOWS\SYSTEM32\ljjkhih.dll
O20 - Winlogon Notify: ljjkifc - C:\WINDOWS\SYSTEM32\ljjkifc.dll
O20 - Winlogon Notify: ljjklml - C:\WINDOWS\SYSTEM32\ljjklml.dll
O20 - Winlogon Notify: mljhgdb - C:\WINDOWS\SYSTEM32\mljhgdb.dll
O20 - Winlogon Notify: mljiged - C:\WINDOWS\SYSTEM32\mljiged.dll
O20 - Winlogon Notify: mljighi - C:\WINDOWS\SYSTEM32\mljighi.dll
O20 - Winlogon Notify: mljjjhi - C:\WINDOWS\SYSTEM32\mljjjhi.dll
O20 - Winlogon Notify: nnnkjjj - C:\WINDOWS\SYSTEM32\nnnkjjj.dll
O20 - Winlogon Notify: nnnlkkh - C:\WINDOWS\SYSTEM32\nnnlkkh.dll
O20 - Winlogon Notify: opnkjih - C:\WINDOWS\SYSTEM32\opnkjih.dll
O20 - Winlogon Notify: opnkkih - C:\WINDOWS\SYSTEM32\opnkkih.dll
O20 - Winlogon Notify: opnligh - C:\WINDOWS\SYSTEM32\opnligh.dll
O20 - Winlogon Notify: opnmmlm - C:\WINDOWS\SYSTEM32\opnmmlm.dll
O20 - Winlogon Notify: opnnkih - C:\WINDOWS\SYSTEM32\opnnkih.dll
O20 - Winlogon Notify: opnonkl - C:\WINDOWS\SYSTEM32\opnonkl.dll
O20 - Winlogon Notify: pmnkhhh - C:\WINDOWS\SYSTEM32\pmnkhhh.dll
O20 - Winlogon Notify: pmnklkh - C:\WINDOWS\SYSTEM32\pmnklkh.dll
O20 - Winlogon Notify: pmnljge - C:\WINDOWS\SYSTEM32\pmnljge.dll
O20 - Winlogon Notify: qomkkji - C:\WINDOWS\SYSTEM32\qomkkji.dll
O20 - Winlogon Notify: qomljkl - C:\WINDOWS\SYSTEM32\qomljkl.dll
O20 - Winlogon Notify: qomlljh - C:\WINDOWS\SYSTEM32\qomlljh.dll
O20 - Winlogon Notify: qommjhi - C:\WINDOWS\SYSTEM32\qommjhi.dll
O20 - Winlogon Notify: qomnkkl - C:\WINDOWS\SYSTEM32\qomnkkl.dll
O20 - Winlogon Notify: rqrqrsp - C:\WINDOWS\SYSTEM32\rqrqrsp.dll
O20 - Winlogon Notify: rqrrspp - C:\WINDOWS\SYSTEM32\rqrrspp.dll
O20 - Winlogon Notify: rqrrsqo - C:\WINDOWS\SYSTEM32\rqrrsqo.dll
O20 - Winlogon Notify: ssqnkhf - C:\WINDOWS\SYSTEM32\ssqnkhf.dll
O20 - Winlogon Notify: ssqrqnl - C:\WINDOWS\SYSTEM32\ssqrqnl.dll
O20 - Winlogon Notify: sstts - C:\WINDOWS\system32\sstts.dll
O20 - Winlogon Notify: tuvsqoo - C:\WINDOWS\SYSTEM32\tuvsqoo.dll
O20 - Winlogon Notify: tuvutqo - C:\WINDOWS\SYSTEM32\tuvutqo.dll
O20 - Winlogon Notify: tuvuttt - C:\WINDOWS\SYSTEM32\tuvuttt.dll
O20 - Winlogon Notify: tuvvusq - C:\WINDOWS\SYSTEM32\tuvvusq.dll
O20 - Winlogon Notify: urqnmll - C:\WINDOWS\SYSTEM32\urqnmll.dll
O20 - Winlogon Notify: urqomkl - C:\WINDOWS\SYSTEM32\urqomkl.dll
O20 - Winlogon Notify: urqopmj - C:\WINDOWS\SYSTEM32\urqopmj.dll
O20 - Winlogon Notify: urqqrol - C:\WINDOWS\SYSTEM32\urqqrol.dll
O20 - Winlogon Notify: urqrqno - C:\WINDOWS\SYSTEM32\urqrqno.dll
O20 - Winlogon Notify: urqrsrq - C:\WINDOWS\SYSTEM32\urqrsrq.dll
O20 - Winlogon Notify: vturppq - C:\WINDOWS\SYSTEM32\vturppq.dll
O20 - Winlogon Notify: vtustsq - C:\WINDOWS\SYSTEM32\vtustsq.dll
O20 - Winlogon Notify: vtuvsrr - C:\WINDOWS\SYSTEM32\vtuvsrr.dll
O20 - Winlogon Notify: wvurspo - C:\WINDOWS\SYSTEM32\wvurspo.dll
O20 - Winlogon Notify: wvursqp - C:\WINDOWS\SYSTEM32\wvursqp.dll
O20 - Winlogon Notify: wvusrss - C:\WINDOWS\SYSTEM32\wvusrss.dll
O20 - Winlogon Notify: wvustqr - C:\WINDOWS\SYSTEM32\wvustqr.dll
O20 - Winlogon Notify: wvutstr - C:\WINDOWS\SYSTEM32\wvutstr.dll
O20 - Winlogon Notify: wvuutrs - C:\WINDOWS\SYSTEM32\wvuutrs.dll
O20 - Winlogon Notify: wvuvwus - C:\WINDOWS\SYSTEM32\wvuvwus.dll
O20 - Winlogon Notify: xxyvwus - C:\WINDOWS\SYSTEM32\xxyvwus.dll
O20 - Winlogon Notify: xxyxyaa - C:\WINDOWS\SYSTEM32\xxyxyaa.dll
O20 - Winlogon Notify: yayyaaa - C:\WINDOWS\SYSTEM32\yayyaaa.dll
O20 - Winlogon Notify: yayyaba - C:\WINDOWS\SYSTEM32\yayyaba.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe