Service ou programme fantôme & Mozilla
Résolu/Fermé
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
-
28 mai 2007 à 19:39
crazybabe Messages postés 464 Date d'inscription mercredi 30 août 2006 Statut Membre Dernière intervention 15 septembre 2020 - 1 juin 2007 à 22:11
crazybabe Messages postés 464 Date d'inscription mercredi 30 août 2006 Statut Membre Dernière intervention 15 septembre 2020 - 1 juin 2007 à 22:11
A voir également:
- Service ou programme fantôme & Mozilla
- Mozilla thunderbird - Télécharger - Mail
- Orange service client - Guide
- Programme demarrage windows 10 - Guide
- Service spouleur - Guide
- Carte sim reconnue mais aucun service - Forum Mobile
29 réponses
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
28 mai 2007 à 23:43
28 mai 2007 à 23:43
Merci à toi Rudy !
Je reprendrais ça demain, je fixe la page ;-), si tu peux juste répondre à ma dernière question sur SDfix ça me permettra d'avancer un poil !
Merci beaucoup ! A demain ou autre temps peut être !
Bonne soirée à toi !
Crazybabe
Je reprendrais ça demain, je fixe la page ;-), si tu peux juste répondre à ma dernière question sur SDfix ça me permettra d'avancer un poil !
Merci beaucoup ! A demain ou autre temps peut être !
Bonne soirée à toi !
Crazybabe
rudyrital
Messages postés
6230
Date d'inscription
lundi 14 novembre 2005
Statut
Membre
Dernière intervention
10 octobre 2009
131
29 mai 2007 à 18:58
29 mai 2007 à 18:58
salut crazybabe,
j'ai effectué moi meme la manip sur mon pc, j'ai reussi en faisant tout ce qui etait demandé ci dessus pour SDfix,
reprend la manip et dit moi si tu y arrive
j'ai effectué moi meme la manip sur mon pc, j'ai reussi en faisant tout ce qui etait demandé ci dessus pour SDfix,
reprend la manip et dit moi si tu y arrive
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
30 mai 2007 à 16:43
30 mai 2007 à 16:43
Salut Rudy !
Ben, j'ai tout relancé puis je connais bien SDfix, mais il ne propose pas l'option Y, à moins peut être de passer par une autre option avant et là seule que je n'ai jamais utilisé est l'option S !
C'est là qu'il y a un bug entre nous, tu me dis trouver cette option, ou tu m'as mal comprise ? :-)
A toi, merci. (Au cas, ne sois pas étonné si ce n'est pas la même config, jsuis sur un autre pc)
Crazybabe
Ben, j'ai tout relancé puis je connais bien SDfix, mais il ne propose pas l'option Y, à moins peut être de passer par une autre option avant et là seule que je n'ai jamais utilisé est l'option S !
C'est là qu'il y a un bug entre nous, tu me dis trouver cette option, ou tu m'as mal comprise ? :-)
A toi, merci. (Au cas, ne sois pas étonné si ce n'est pas la même config, jsuis sur un autre pc)
Crazybabe
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
30 mai 2007 à 16:46
30 mai 2007 à 16:46
Je réessayerais tout de même.
A toute.
Crazybabe
A toute.
Crazybabe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
31 mai 2007 à 14:02
31 mai 2007 à 14:02
Me revoilà, bonjour Rudy !
Oui, c'est fait en mode sans échec.
1/Voici le rapport de SDFix :
SDFix: Version 1.85
Run by RIKAO - 31/05/2007 - 13:45:48,89
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\RIKAO\Bureau\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\regedit.com - Deleted
Removing Temp Files...
ADS Check:
Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.
Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\LeechFTP\\Leechftp.exe"="C:\\Program Files\\LeechFTP\\Leechftp.exe:*:Enabled:LeechFTP"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Disabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Disabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Disabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Disabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Disabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Disabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Disabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Disabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Disabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Disabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Disabled:hpzwiz01.exe"
"C:\\Kaspersky\\kavupd.exe"="C:\\Kaspersky\\kavupd.exe:*:Disabled:kavupd"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Disabled:Message Queuing"
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\RIKAO\Bureau\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes:
C:\Acer\Empowering Technology\eRecovery\ETFSBOOT.COM
C:\Acer\WR_PopUp\Microsoft.VisualBasic.Compatibility.dll
C:\Documents and Settings\RIKAO\Local Settings\Application Data\Microsoft\Messenger\authentiquement_vrai@hotmail.fr\SharingMetadata\anankeio@hotmail.com\Thumbs.db
C:\Acer\Empowering Technology\acer.empowering.framework.host.dll
C:\Acer\Empowering Technology\acer.empowering.framework.interface.dll
C:\Acer\Empowering Technology\acer.empowering.framework.launchbarview.dll
C:\Acer\Empowering Technology\acer.empowering.framework.passwordsetting.dll
C:\Acer\Empowering Technology\acer.empowering.framework.presenter.dll
C:\Acer\Empowering Technology\acer.empowering.shared.dll
C:\Acer\Empowering Technology\acer.empowering.shared.ui.dll
C:\Acer\Empowering Technology\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\interop.shell32.dll
C:\Acer\Empowering Technology\log4net.dll
C:\Acer\Empowering Technology\MSVCR71.dll
C:\Acer\Empowering Technology\scrollbarlib.dll
C:\Acer\Empowering Technology\de\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.eperformance.eperformancelibrary.dll
C:\Acer\Empowering Technology\ePerformance\Acer.Empowering.ePerformance.Plugin.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.eperformance.popupwindow.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.framework.interface.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.patterns.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.ui.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\ePerformance\acermemusagecheckservinterface.dll
C:\Acer\Empowering Technology\ePerformance\interop.shell32.dll
C:\Acer\Empowering Technology\ePerformance\models.dll
C:\Acer\Empowering Technology\ePerformance\presenters.dll
C:\Acer\Empowering Technology\ePerformance\scrollbarlib.dll
C:\Acer\Empowering Technology\ePerformance\views.dll
C:\Acer\Empowering Technology\ePerformance\widget.dll
C:\Acer\Empowering Technology\ePerformance\de\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\de\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\de\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Widget.resources.dll
C:\Acer\Empowering Technology\eRecovery\AboutNTISDK.dll
C:\Acer\Empowering Technology\eRecovery\acer.empowering.framework.passwordsetting.dll
C:\Acer\Empowering Technology\eRecovery\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\eRecovery\CdrMmc32.dll
C:\Acer\Empowering Technology\eRecovery\Cdrw32.dll
C:\Acer\Empowering Technology\eRecovery\CdrwEx32.dll
C:\Acer\Empowering Technology\eRecovery\Data32.dll
C:\Acer\Empowering Technology\eRecovery\DataEx32.dll
C:\Acer\Empowering Technology\eRecovery\eRecoveryUI.dll
C:\Acer\Empowering Technology\eRecovery\FormatDisk.dll
C:\Acer\Empowering Technology\eRecovery\imagefile.dll
C:\Acer\Empowering Technology\eRecovery\ImagFile.dll
C:\Acer\Empowering Technology\eRecovery\it41.dll
C:\Acer\Empowering Technology\eRecovery\LogFile.dll
C:\Acer\Empowering Technology\eRecovery\Mpeg2Dec.dll
C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll
C:\Acer\Empowering Technology\eRecovery\READFILE.DLL
C:\Acer\Empowering Technology\eRecovery\scrollbarlib.dll
C:\Acer\Empowering Technology\eRecovery\Video32.dll
C:\Acer\Empowering Technology\eRecovery\WIN32PwrSchemeDLL_R.dll
C:\Acer\Empowering Technology\eRecovery\de\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\de\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\de\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\es\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\fr\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\it\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\ja\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\nl\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\pt\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\sv\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\zh-CHS\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\zh-CHT\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\WR_PopUp\Microsoft.VisualBasic.Compatibility.dll
C:\drv\MODEM0\DRIVER67\HCW34CO.DLL
C:\drv\MODEM0\DRIVER67\HCWI2C32.DLL
C:\drv\MODEM0\DRIVER67\HCWPNP32.DLL
C:\drv\MODEM0\DRIVER67\HCWUTL32.DLL
C:\drv\Modem1\sm56brz.dll
C:\drv\Modem1\sm56chs.dll
C:\drv\Modem1\sm56cht.dll
C:\drv\Modem1\sm56co.dll
C:\drv\Modem1\sm56eng.dll
C:\drv\Modem1\sm56fra.dll
C:\drv\Modem1\sm56ger.dll
C:\drv\Modem1\sm56itl.dll
C:\drv\Modem1\sm56jpn.dll
C:\drv\Modem1\sm56spn.dll
C:\drv\Modem2\agsetup1.dll
C:\drv\Modem2\agsetup2.dll
C:\drv\vga0\B_30806\atiiiexx.dll
C:\drv\VGA2\Driver88\HCWI2C32.DLL
C:\drv\VGA2\Driver88\hcwpnp32.dll
C:\drv\VGA2\Driver88\hcwutl32.dll
C:\drv\VGA2\Driver88\hcwxds.dll
C:\drv\VGA3\wfbbtvra.dll
C:\drv\VGA4\DriverA2\hcwutl32.dll
C:\drv\VGA4\DriverA2\hcwxds.dll
C:\drv\VGA4\DriverA2\64Bit\hcwutl32.dll
C:\drv\VGA4\DriverA2\64Bit\hcwxds.dll
C:\drv\VGA4\DriverA2\WOW64\WOWUtl32.dll
C:\drv\VGA4\DriverA2\WOW64\WOWxds.dll
C:\drv\VGA5\34COINSTALLER.DLL
C:\i386\CABINET.DLL
C:\i386\DBGENG.DLL
C:\i386\DBGHELP.DLL
C:\i386\EXTS.DLL
C:\i386\HWDB.DLL
C:\i386\IMAGEHLP.DLL
C:\i386\KBDA1.DLL
C:\i386\KBDA2.DLL
C:\i386\KBDA3.DLL
C:\i386\KBDAL.DLL
C:\i386\KBDARME.DLL
C:\i386\KBDARMW.DLL
C:\i386\KBDAZE.DLL
C:\i386\KBDAZEL.DLL
C:\i386\KBDBE.DLL
C:\i386\KBDBLR.DLL
C:\i386\KBDBR.DLL
C:\i386\KBDBU.DLL
C:\i386\KBDCA.DLL
C:\i386\KBDCR.DLL
C:\i386\KBDCZ.DLL
C:\i386\KBDCZ1.DLL
C:\i386\KBDCZ2.DLL
C:\i386\KBDDA.DLL
C:\i386\KBDDIV1.DLL
C:\i386\KBDDIV2.DLL
C:\i386\KBDDV.DLL
C:\i386\KBDES.DLL
C:\i386\KBDEST.DLL
C:\i386\KBDFA.DLL
C:\i386\KBDFC.DLL
C:\i386\KBDFI.DLL
C:\i386\KBDFR.DLL
C:\i386\KBDGAE.DLL
C:\i386\KBDGEO.DLL
C:\i386\KBDGKL.DLL
C:\i386\KBDGR.DLL
C:\i386\KBDGR1.DLL
C:\i386\KBDHE.DLL
C:\i386\KBDHE220.DLL
C:\i386\KBDHE319.DLL
C:\i386\KBDHEB.DLL
C:\i386\KBDHELA2.DLL
C:\i386\KBDHELA3.DLL
C:\i386\KBDHEPT.DLL
C:\i386\KBDHU.DLL
C:\i386\KBDHU1.DLL
C:\i386\KBDIC.DLL
C:\i386\KBDINDEV.DLL
C:\i386\KBDINGUJ.DLL
C:\i386\KBDINHIN.DLL
C:\i386\KBDINKAN.DLL
C:\i386\KBDINMAR.DLL
C:\i386\KBDINPUN.DLL
C:\i386\KBDINTAM.DLL
C:\i386\KBDINTEL.DLL
C:\i386\KBDIR.DLL
C:\i386\KBDIT.DLL
C:\i386\KBDIT142.DLL
C:\i386\KBDKAZ.DLL
C:\i386\KBDKYR.DLL
C:\i386\KBDLA.DLL
C:\i386\KBDLT.DLL
C:\i386\KBDLT1.DLL
C:\i386\KBDLV.DLL
C:\i386\KBDLV1.DLL
C:\i386\KBDMON.DLL
C:\i386\KBDNE.DLL
C:\i386\KBDNEC.DLL
C:\i386\KBDNO.DLL
C:\i386\KBDPL.DLL
C:\i386\KBDPL1.DLL
C:\i386\KBDPO.DLL
C:\i386\KBDRO.DLL
C:\i386\KBDRU.DLL
C:\i386\KBDRU1.DLL
C:\i386\KBDSF.DLL
C:\i386\KBDSG.DLL
C:\i386\KBDSL.DLL
C:\i386\KBDSL1.DLL
C:\i386\KBDSP.DLL
C:\i386\KBDSW.DLL
C:\i386\KBDSYR1.DLL
C:\i386\KBDSYR2.DLL
C:\i386\KBDTAT.DLL
C:\i386\KBDTH0.DLL
C:\i386\KBDTH1.DLL
C:\i386\KBDTH2.DLL
C:\i386\KBDTH3.DLL
C:\i386\KBDTUF.DLL
C:\i386\KBDTUQ.DLL
C:\i386\KBDUK.DLL
C:\i386\KBDUR.DLL
C:\i386\KBDURDU.DLL
C:\i386\KBDUS.DLL
C:\i386\KBDUSL.DLL
C:\i386\KBDUSR.DLL
C:\i386\KBDUSX.DLL
C:\i386\KBDUZB.DLL
C:\i386\KBDVNTC.DLL
C:\i386\KBDYCC.DLL
C:\i386\KBDYCL.DLL
C:\i386\NTDLL.DLL
C:\i386\NTSDEXTS.DLL
C:\i386\PIDGEN.DLL
C:\i386\WINNT32A.DLL
C:\i386\WINNT32U.DLL
C:\i386\WINNTBBA.DLL
C:\i386\WINNTBBU.DLL
C:\i386\WSDU.DLL
C:\i386\WSDUENG.DLL
C:\i386\$OEM$\$$\OEMDIR\idecoi.dll
C:\i386\$OEM$\$$\OEMDIR\nvraidco.dll
C:\i386\$OEM$\TEXTMODE\idecoi.dll
C:\i386\$OEM$\TEXTMODE\nvraidco.dll
C:\i386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\ATL.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MFC42.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MFC42U.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MSVCP60.DLL
C:\i386\ASMS\6000\MSFT\VCRTLINT\MFC42FRA.DLL
C:\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL
C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCIRT.DLL
C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
C:\i386\DRW\FAULTH.DLL
C:\i386\DRW\1033\DWINTL.DLL
C:\i386\DRW\1036\DWINTL.DLL
C:\i386\SYSTEM32\NTDLL.DLL
C:\i386\WIN9XMIG\ACROBAT\MIGRATE.DLL
C:\i386\WIN9XMIG\CMMGR\MIGRATE.DLL
C:\i386\WIN9XMIG\DEVUPGRD\MIGRATE.DLL
C:\i386\WIN9XMIG\DMICALL\MIGRATE.DLL
C:\i386\WIN9XMIG\DVD\MIGRATE.DLL
C:\i386\WIN9XMIG\EASTMAN\MIGRATE.DLL
C:\i386\WIN9XMIG\FAX\MIGRATE.DLL
C:\i386\WIN9XMIG\HPTOOLS\MIGRATE.DLL
C:\i386\WIN9XMIG\IBMAV\MIGRATE.DLL
C:\i386\WIN9XMIG\ICM\MIGRATE.DLL
C:\i386\WIN9XMIG\IEMIG\MIGRATE.DLL
C:\i386\WIN9XMIG\MAPI\DLL\MIGRATE.DLL
C:\i386\WIN9XMIG\MAPI\DLL\MSPATCHA.DLL
C:\i386\WIN9XMIG\MODEMS\MIGRATE.DLL
C:\i386\WIN9XMIG\MSGQUEUE\MIGRATE.DLL
C:\i386\WIN9XMIG\MSI\MIGRATE.DLL
C:\i386\WIN9XMIG\MSI\MSI9XMIG.DLL
C:\i386\WIN9XMIG\MSI\MSINTMIG.DLL
C:\i386\WIN9XMIG\MSP\MIGRATE.DLL
C:\i386\WIN9XMIG\NECKBD\MIGRATE.DLL
C:\i386\WIN9XMIG\NECPA\MIGRATE.DLL
C:\i386\WIN9XMIG\NECWPS\MIGRATE.DLL
C:\i386\WIN9XMIG\OCTOPUS\MIGRATE.DLL
C:\i386\WIN9XMIG\OEWAB\MIGRATE.DLL
C:\i386\WIN9XMIG\PRINT\MIGRATE.DLL
C:\i386\WIN9XMIG\PWS\MIGRATE.DLL
C:\i386\WIN9XMIG\RUMBA\MIGRATE.DLL
C:\i386\WIN9XMIG\SETUP\MIGRATE.DLL
C:\i386\WIN9XMIG\TRANSACT\MIGRATE.DLL
C:\i386\WIN9XMIG\WIA\MIGRATE.DLL
C:\i386\WIN9XMIG\WMP\MIGRATE.DLL
C:\i386\WIN9XUPG\CABINET.DLL
C:\i386\WIN9XUPG\CFGMGR32.DLL
C:\i386\WIN9XUPG\IMAGEHLP.DLL
C:\i386\WIN9XUPG\ISMIG.DLL
C:\i386\WIN9XUPG\MSVCRT.DLL
C:\i386\WIN9XUPG\SETUPAPI.DLL
C:\i386\WIN9XUPG\W95UPG.DLL
C:\i386\WINNTUPG\APMUPGRD.DLL
C:\i386\WINNTUPG\BOSCOMP.DLL
C:\i386\WINNTUPG\CFGMGR32.DLL
C:\i386\WINNTUPG\CLUSCOMP.DLL
C:\i386\WINNTUPG\FSFILTER.DLL
C:\i386\WINNTUPG\FTCOMP.DLL
C:\i386\WINNTUPG\INPUPGRD.DLL
C:\i386\WINNTUPG\MSMQCOMP.DLL
C:\i386\WINNTUPG\NETUPGRD.DLL
C:\i386\WINNTUPG\NTDSUPG.DLL
C:\i386\WINNTUPG\NV4PREP.DLL
C:\i386\WINNTUPG\SETUPAPI.DLL
C:\i386\WINNTUPG\TSCOMP.DLL
C:\i386\WINNTUPG\VIDUPGRD.DLL
C:\i386\WINNTUPG\MS\MODEMSHR\MDMSHRUP.DLL
C:\i386\WINNTUPG\MS\SNA\IBMMGUG.DLL
C:\i386\WINNTUPG\MS\SNA\NTSNAUPG.DLL
C:\i386\WINNTUPG\MS\SNA\SNADLCUG.DLL
C:\i386\WINNTUPG\OEM\DIGI\ASYNC\DGUPGRD.DLL
C:\i386\WINNTUPG\OEM\DIGI\ISDN\BRI\DIGIUPG.DLL
C:\i386\WINNTUPG\OEM\DIGI\ISDN\PRI\DIGPRIUP.DLL
C:\i386\WINNTUPG\OEM\DIGI\REALPORT\DGRPUPG.DLL
C:\i386\WINNTUPG\OEM\EQN\EQNUPGRD.DLL
C:\i386\WINNTUPG\OEM\SPX\MPS\SPXUPGRD.DLL
C:\i386\WINNTUPG\OEM\TIGERJET\TJUPG.DLL
C:\VALUEADD\MSFT\USMT\ICONLIB.DLL
C:\VALUEADD\MSFT\USMT\LOG.DLL
C:\VALUEADD\MSFT\USMT\MIGISM.DLL
C:\VALUEADD\MSFT\USMT\MIGISM_A.DLL
C:\VALUEADD\MSFT\USMT\SCRIPT.DLL
C:\VALUEADD\MSFT\USMT\SCRIPT_A.DLL
C:\VALUEADD\MSFT\USMT\SHFOLDER.DLL
C:\VALUEADD\MSFT\USMT\SYSMOD.DLL
C:\VALUEADD\MSFT\USMT\SYSMOD_A.DLL
C:\VALUEADD\MSFT\USMT\UNCTRN.DLL
C:\VALUEADD\MSFT\USMT\UNCTRN_A.DLL
C:\VALUEADD\MSFT\USMT\ANSI\ICONLIB.DLL
C:\VALUEADD\MSFT\USMT\ANSI\LOG.DLL
C:\VALUEADD\MSFT\USMT\ANSI\MIGISM.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SCRIPT.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SHFOLDER.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SYSMOD.DLL
C:\VALUEADD\MSFT\USMT\ANSI\UNCTRN.DLL
C:\WINDOWS\system32\baddfaeb8_g.dll
C:\WINDOWS\system32\NTIBUN4.dll
C:\WINDOWS\system32\NTICDMK7.dll
C:\WINDOWS\system32\NTIFCD3.dll
C:\WINDOWS\system32\NTIMP3.dll
C:\WINDOWS\system32\NTIMPEG2.dll
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\WMIAcerCheck.exe
C:\Acer\Empowering Technology\ePerformance\ePerformance.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eRecovery\BurnMachine.exe
C:\Acer\Empowering Technology\eRecovery\catply.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eRecovery\eRecovery.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryUI.exe
C:\Acer\Empowering Technology\eRecovery\ImageItEncrypt.exe
C:\Acer\Empowering Technology\eRecovery\LockKM2.exe
C:\Acer\Empowering Technology\eRecovery\MBRwrWin.exe
C:\Acer\Empowering Technology\eRecovery\OSCDIMG.EXE
C:\Acer\Empowering Technology\eRecovery\PopupMsgBackup.exe
C:\Acer\Empowering Technology\eRecovery\PopupMsgUpdate.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\drv\CPU\setup.exe
C:\drv\lan1\gSetXP.exe
C:\drv\Modem1\sm56hlpr.exe
C:\drv\Modem1\sm56unst.exe
C:\drv\Modem2\agrsmdel.exe
C:\drv\Modem2\AGRSMMsg.exe
C:\drv\Modem2\agsetup3.EXE
C:\drv\Modem2\setup.exe
C:\drv\vga1\nvudisp.exe
C:\drv\vga1\setup.exe
C:\drv\VGA4\HcwDriverInstall.exe
C:\drv\VGA5\LVCODER.EXE
C:\i386\AUTOCHK.EXE
C:\i386\AUTOFMT.EXE
C:\i386\EXPAND.EXE
C:\i386\FAXPATCH.EXE
C:\i386\NETSETUP.EXE
C:\i386\NTSD.EXE
C:\i386\REGEDIT.EXE
C:\i386\SPNPINST.EXE
C:\i386\SYSPARSE.EXE
C:\i386\TELNET.EXE
C:\i386\USETUP.EXE
C:\i386\WINNT.EXE
C:\i386\WINNT32.EXE
C:\i386\DRW\DWWIN.EXE
C:\i386\SYSTEM32\SMSS.EXE
C:\i386\WIN9XMIG\FAX\AWDVSTUB.EXE
C:\i386\WIN9XMIG\MAPI\DLL\MKNTFRMCACHE.EXE
C:\i386\WIN9XUPG\TWID.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\VALUEADD\3RDPARTY\MGMT\CITRIX\ICA32.EXE
C:\VALUEADD\MSFT\MGMT\IAS\IASNT4.EXE
C:\VALUEADD\MSFT\MGMT\PBA\PBAINST.EXE
C:\VALUEADD\MSFT\NET\TOOLS\TTCP.EXE
C:\VALUEADD\MSFT\USMT\LOADSTATE.EXE
C:\VALUEADD\MSFT\USMT\SCANSTATE.EXE
C:\VALUEADD\MSFT\USMT\SCANSTATE_A.EXE
C:\VALUEADD\MSFT\USMT\ANSI\SCANSTATE.EXE
C:\WINDOWS\AcerDRV\InsD1211.exe
C:\WINDOWS\AcerDRV\InsD1215.exe
C:\WINDOWS\AcerDRV\rescan.exe
C:\WINDOWS\system32\ImageItEncrypt.exe
C:\WINDOWS\system32\InsD1211.exe
C:\WINDOWS\system32\InsD1215.exe
C:\WINDOWS\system32\KCMDNIns.exe
C:\WINDOWS\system32\RemD1211.exe
C:\WINDOWS\system32\RemD1215.exe
C:\WINDOWS\system32\rescan.exe
C:\Acer\Empowering Technology\eRecovery\int15.sys
C:\drv\lan0\rtl8185.sys
C:\drv\lan1\ipgdnd51.sys
C:\drv\lan2\ar5211.sys
C:\drv\lan3\yk51x86.sys
C:\drv\MODEM0\DRIVER67\HVR1110.SYS
C:\drv\Modem1\SmSerial.sys
C:\drv\Modem2\AGRSM.sys
C:\drv\VGA2\Driver88\hcw88aud.sys
C:\drv\VGA2\Driver88\hcw88bar.sys
C:\drv\VGA2\Driver88\hcw88bda.sys
C:\drv\VGA2\Driver88\hcw88r9x.sys
C:\drv\VGA2\Driver88\hcw88rc5.sys
C:\drv\VGA2\Driver88\hcw88tse.sys
C:\drv\VGA2\Driver88\hcw88tun.sys
C:\drv\VGA2\Driver88\hcw88vid.sys
C:\drv\VGA3\wfpvrbar.sys
C:\drv\VGA3\wfpvrcap.sys
C:\drv\VGA3\wfpvrenc.sys
C:\drv\VGA3\wfpvrtun.sys
C:\drv\VGA4\DriverA2\hcwPP2.sys
C:\drv\VGA4\DriverA2\64Bit\hcwPP2.sys
C:\drv\VGA5\LVHYBRID.SYS
C:\drv\VGA6\WF2KTUNR.SYS
C:\drv\VGA6\WF2KVCAP.SYS
C:\drv\VGA6\WF2KXBAR.SYS
C:\drv\VGA6\WF88TUNE.SYS
C:\drv\VGA6\WF88VCAP.SYS
C:\drv\VGA6\WF88XBAR.SYS
C:\i386\KSECDD.SYS
C:\i386\NTFS.SYS
C:\i386\SPCMDCON.SYS
C:\i386\$OEM$\$$\OEMDIR\classpnp.sys
C:\i386\$OEM$\$$\OEMDIR\nvatabus.sys
C:\i386\$OEM$\$$\OEMDIR\nvraid.sys
C:\i386\$OEM$\TEXTMODE\classpnp.sys
C:\i386\$OEM$\TEXTMODE\nvatabus.sys
C:\i386\$OEM$\TEXTMODE\nvraid.sys
C:\i386\WIN9XMIG\DMICALL\DMICALL.SYS
C:\VALUEADD\MSFT\NET\NETBEUI\NBF.SYS
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
Finished
2/ Voici le rapport de HiJackthis :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:59:07, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Z. APPLICATIONS\PATCH VIRUS\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-
396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Personnaliser les options - C:\Program Files\PROMT5
\PROMTIE4\options.htm
O8 - Extra context menu item: Traduire - C:\Program Files\PROMT5\PROMTIE4
\translat.htm
O8 - Extra context menu item: Traduire avec WebView - C:\Program Files\PROMT5
\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - C:\Program Files\PROMT5\PROMTIE4
\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} -
C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-
E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} -
C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-
E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
(HKCU)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection
Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://el-viage-infinito.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center
Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.c
ab?1179771392015
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments
Control) - http://by113fd.bay113.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-
00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. -
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers
communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgemc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) -
Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Service de planification Media Center (ehSched) - Unknown owner -
C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner -
C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner -
C:\WINDOWS\system32\imapi.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) -
Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program
Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner -
C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32
\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner -
C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32
\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) -
Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32
\SCardSvr.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32
\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner -
C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner -
C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner -
C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) -
Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
Oui, c'est fait en mode sans échec.
1/Voici le rapport de SDFix :
SDFix: Version 1.85
Run by RIKAO - 31/05/2007 - 13:45:48,89
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\RIKAO\Bureau\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\regedit.com - Deleted
Removing Temp Files...
ADS Check:
Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.
Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\LeechFTP\\Leechftp.exe"="C:\\Program Files\\LeechFTP\\Leechftp.exe:*:Enabled:LeechFTP"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Disabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Disabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Disabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Disabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Disabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Disabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Disabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Disabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Disabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Disabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Disabled:hpzwiz01.exe"
"C:\\Kaspersky\\kavupd.exe"="C:\\Kaspersky\\kavupd.exe:*:Disabled:kavupd"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Disabled:Message Queuing"
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\RIKAO\Bureau\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes:
C:\Acer\Empowering Technology\eRecovery\ETFSBOOT.COM
C:\Acer\WR_PopUp\Microsoft.VisualBasic.Compatibility.dll
C:\Documents and Settings\RIKAO\Local Settings\Application Data\Microsoft\Messenger\authentiquement_vrai@hotmail.fr\SharingMetadata\anankeio@hotmail.com\Thumbs.db
C:\Acer\Empowering Technology\acer.empowering.framework.host.dll
C:\Acer\Empowering Technology\acer.empowering.framework.interface.dll
C:\Acer\Empowering Technology\acer.empowering.framework.launchbarview.dll
C:\Acer\Empowering Technology\acer.empowering.framework.passwordsetting.dll
C:\Acer\Empowering Technology\acer.empowering.framework.presenter.dll
C:\Acer\Empowering Technology\acer.empowering.shared.dll
C:\Acer\Empowering Technology\acer.empowering.shared.ui.dll
C:\Acer\Empowering Technology\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\interop.shell32.dll
C:\Acer\Empowering Technology\log4net.dll
C:\Acer\Empowering Technology\MSVCR71.dll
C:\Acer\Empowering Technology\scrollbarlib.dll
C:\Acer\Empowering Technology\de\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.eperformance.eperformancelibrary.dll
C:\Acer\Empowering Technology\ePerformance\Acer.Empowering.ePerformance.Plugin.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.eperformance.popupwindow.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.framework.interface.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.patterns.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.ui.dll
C:\Acer\Empowering Technology\ePerformance\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\ePerformance\acermemusagecheckservinterface.dll
C:\Acer\Empowering Technology\ePerformance\interop.shell32.dll
C:\Acer\Empowering Technology\ePerformance\models.dll
C:\Acer\Empowering Technology\ePerformance\presenters.dll
C:\Acer\Empowering Technology\ePerformance\scrollbarlib.dll
C:\Acer\Empowering Technology\ePerformance\views.dll
C:\Acer\Empowering Technology\ePerformance\widget.dll
C:\Acer\Empowering Technology\ePerformance\de\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\de\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\de\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\es\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\fr\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\it\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\ja\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\nl\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\pt\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\sv\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHS\Widget.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Acer.Empowering.ePerformance.Plugin.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Views.resources.dll
C:\Acer\Empowering Technology\ePerformance\zh-CHT\Widget.resources.dll
C:\Acer\Empowering Technology\eRecovery\AboutNTISDK.dll
C:\Acer\Empowering Technology\eRecovery\acer.empowering.framework.passwordsetting.dll
C:\Acer\Empowering Technology\eRecovery\acer.empowering.windows.forms.dll
C:\Acer\Empowering Technology\eRecovery\CdrMmc32.dll
C:\Acer\Empowering Technology\eRecovery\Cdrw32.dll
C:\Acer\Empowering Technology\eRecovery\CdrwEx32.dll
C:\Acer\Empowering Technology\eRecovery\Data32.dll
C:\Acer\Empowering Technology\eRecovery\DataEx32.dll
C:\Acer\Empowering Technology\eRecovery\eRecoveryUI.dll
C:\Acer\Empowering Technology\eRecovery\FormatDisk.dll
C:\Acer\Empowering Technology\eRecovery\imagefile.dll
C:\Acer\Empowering Technology\eRecovery\ImagFile.dll
C:\Acer\Empowering Technology\eRecovery\it41.dll
C:\Acer\Empowering Technology\eRecovery\LogFile.dll
C:\Acer\Empowering Technology\eRecovery\Mpeg2Dec.dll
C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll
C:\Acer\Empowering Technology\eRecovery\READFILE.DLL
C:\Acer\Empowering Technology\eRecovery\scrollbarlib.dll
C:\Acer\Empowering Technology\eRecovery\Video32.dll
C:\Acer\Empowering Technology\eRecovery\WIN32PwrSchemeDLL_R.dll
C:\Acer\Empowering Technology\eRecovery\de\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\de\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\de\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\es\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\fr\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\it\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\ja\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\nl\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\pt\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\sv\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHS\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\eRecoveryUI.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\PopupMsgBackup.resources.dll
C:\Acer\Empowering Technology\eRecovery\zh-CHT\PopupMsgUpdate.resources.dll
C:\Acer\Empowering Technology\es\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\fr\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\it\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\ja\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\nl\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\pt\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\sv\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\zh-CHS\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\Empowering Technology\zh-CHT\Acer.Empowering.Framework.LaunchBarView.resources.dll
C:\Acer\WR_PopUp\Microsoft.VisualBasic.Compatibility.dll
C:\drv\MODEM0\DRIVER67\HCW34CO.DLL
C:\drv\MODEM0\DRIVER67\HCWI2C32.DLL
C:\drv\MODEM0\DRIVER67\HCWPNP32.DLL
C:\drv\MODEM0\DRIVER67\HCWUTL32.DLL
C:\drv\Modem1\sm56brz.dll
C:\drv\Modem1\sm56chs.dll
C:\drv\Modem1\sm56cht.dll
C:\drv\Modem1\sm56co.dll
C:\drv\Modem1\sm56eng.dll
C:\drv\Modem1\sm56fra.dll
C:\drv\Modem1\sm56ger.dll
C:\drv\Modem1\sm56itl.dll
C:\drv\Modem1\sm56jpn.dll
C:\drv\Modem1\sm56spn.dll
C:\drv\Modem2\agsetup1.dll
C:\drv\Modem2\agsetup2.dll
C:\drv\vga0\B_30806\atiiiexx.dll
C:\drv\VGA2\Driver88\HCWI2C32.DLL
C:\drv\VGA2\Driver88\hcwpnp32.dll
C:\drv\VGA2\Driver88\hcwutl32.dll
C:\drv\VGA2\Driver88\hcwxds.dll
C:\drv\VGA3\wfbbtvra.dll
C:\drv\VGA4\DriverA2\hcwutl32.dll
C:\drv\VGA4\DriverA2\hcwxds.dll
C:\drv\VGA4\DriverA2\64Bit\hcwutl32.dll
C:\drv\VGA4\DriverA2\64Bit\hcwxds.dll
C:\drv\VGA4\DriverA2\WOW64\WOWUtl32.dll
C:\drv\VGA4\DriverA2\WOW64\WOWxds.dll
C:\drv\VGA5\34COINSTALLER.DLL
C:\i386\CABINET.DLL
C:\i386\DBGENG.DLL
C:\i386\DBGHELP.DLL
C:\i386\EXTS.DLL
C:\i386\HWDB.DLL
C:\i386\IMAGEHLP.DLL
C:\i386\KBDA1.DLL
C:\i386\KBDA2.DLL
C:\i386\KBDA3.DLL
C:\i386\KBDAL.DLL
C:\i386\KBDARME.DLL
C:\i386\KBDARMW.DLL
C:\i386\KBDAZE.DLL
C:\i386\KBDAZEL.DLL
C:\i386\KBDBE.DLL
C:\i386\KBDBLR.DLL
C:\i386\KBDBR.DLL
C:\i386\KBDBU.DLL
C:\i386\KBDCA.DLL
C:\i386\KBDCR.DLL
C:\i386\KBDCZ.DLL
C:\i386\KBDCZ1.DLL
C:\i386\KBDCZ2.DLL
C:\i386\KBDDA.DLL
C:\i386\KBDDIV1.DLL
C:\i386\KBDDIV2.DLL
C:\i386\KBDDV.DLL
C:\i386\KBDES.DLL
C:\i386\KBDEST.DLL
C:\i386\KBDFA.DLL
C:\i386\KBDFC.DLL
C:\i386\KBDFI.DLL
C:\i386\KBDFR.DLL
C:\i386\KBDGAE.DLL
C:\i386\KBDGEO.DLL
C:\i386\KBDGKL.DLL
C:\i386\KBDGR.DLL
C:\i386\KBDGR1.DLL
C:\i386\KBDHE.DLL
C:\i386\KBDHE220.DLL
C:\i386\KBDHE319.DLL
C:\i386\KBDHEB.DLL
C:\i386\KBDHELA2.DLL
C:\i386\KBDHELA3.DLL
C:\i386\KBDHEPT.DLL
C:\i386\KBDHU.DLL
C:\i386\KBDHU1.DLL
C:\i386\KBDIC.DLL
C:\i386\KBDINDEV.DLL
C:\i386\KBDINGUJ.DLL
C:\i386\KBDINHIN.DLL
C:\i386\KBDINKAN.DLL
C:\i386\KBDINMAR.DLL
C:\i386\KBDINPUN.DLL
C:\i386\KBDINTAM.DLL
C:\i386\KBDINTEL.DLL
C:\i386\KBDIR.DLL
C:\i386\KBDIT.DLL
C:\i386\KBDIT142.DLL
C:\i386\KBDKAZ.DLL
C:\i386\KBDKYR.DLL
C:\i386\KBDLA.DLL
C:\i386\KBDLT.DLL
C:\i386\KBDLT1.DLL
C:\i386\KBDLV.DLL
C:\i386\KBDLV1.DLL
C:\i386\KBDMON.DLL
C:\i386\KBDNE.DLL
C:\i386\KBDNEC.DLL
C:\i386\KBDNO.DLL
C:\i386\KBDPL.DLL
C:\i386\KBDPL1.DLL
C:\i386\KBDPO.DLL
C:\i386\KBDRO.DLL
C:\i386\KBDRU.DLL
C:\i386\KBDRU1.DLL
C:\i386\KBDSF.DLL
C:\i386\KBDSG.DLL
C:\i386\KBDSL.DLL
C:\i386\KBDSL1.DLL
C:\i386\KBDSP.DLL
C:\i386\KBDSW.DLL
C:\i386\KBDSYR1.DLL
C:\i386\KBDSYR2.DLL
C:\i386\KBDTAT.DLL
C:\i386\KBDTH0.DLL
C:\i386\KBDTH1.DLL
C:\i386\KBDTH2.DLL
C:\i386\KBDTH3.DLL
C:\i386\KBDTUF.DLL
C:\i386\KBDTUQ.DLL
C:\i386\KBDUK.DLL
C:\i386\KBDUR.DLL
C:\i386\KBDURDU.DLL
C:\i386\KBDUS.DLL
C:\i386\KBDUSL.DLL
C:\i386\KBDUSR.DLL
C:\i386\KBDUSX.DLL
C:\i386\KBDUZB.DLL
C:\i386\KBDVNTC.DLL
C:\i386\KBDYCC.DLL
C:\i386\KBDYCL.DLL
C:\i386\NTDLL.DLL
C:\i386\NTSDEXTS.DLL
C:\i386\PIDGEN.DLL
C:\i386\WINNT32A.DLL
C:\i386\WINNT32U.DLL
C:\i386\WINNTBBA.DLL
C:\i386\WINNTBBU.DLL
C:\i386\WSDU.DLL
C:\i386\WSDUENG.DLL
C:\i386\$OEM$\$$\OEMDIR\idecoi.dll
C:\i386\$OEM$\$$\OEMDIR\nvraidco.dll
C:\i386\$OEM$\TEXTMODE\idecoi.dll
C:\i386\$OEM$\TEXTMODE\nvraidco.dll
C:\i386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\ATL.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MFC42.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MFC42U.DLL
C:\i386\ASMS\6000\MSFT\VCRTL\MSVCP60.DLL
C:\i386\ASMS\6000\MSFT\VCRTLINT\MFC42FRA.DLL
C:\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL
C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCIRT.DLL
C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
C:\i386\DRW\FAULTH.DLL
C:\i386\DRW\1033\DWINTL.DLL
C:\i386\DRW\1036\DWINTL.DLL
C:\i386\SYSTEM32\NTDLL.DLL
C:\i386\WIN9XMIG\ACROBAT\MIGRATE.DLL
C:\i386\WIN9XMIG\CMMGR\MIGRATE.DLL
C:\i386\WIN9XMIG\DEVUPGRD\MIGRATE.DLL
C:\i386\WIN9XMIG\DMICALL\MIGRATE.DLL
C:\i386\WIN9XMIG\DVD\MIGRATE.DLL
C:\i386\WIN9XMIG\EASTMAN\MIGRATE.DLL
C:\i386\WIN9XMIG\FAX\MIGRATE.DLL
C:\i386\WIN9XMIG\HPTOOLS\MIGRATE.DLL
C:\i386\WIN9XMIG\IBMAV\MIGRATE.DLL
C:\i386\WIN9XMIG\ICM\MIGRATE.DLL
C:\i386\WIN9XMIG\IEMIG\MIGRATE.DLL
C:\i386\WIN9XMIG\MAPI\DLL\MIGRATE.DLL
C:\i386\WIN9XMIG\MAPI\DLL\MSPATCHA.DLL
C:\i386\WIN9XMIG\MODEMS\MIGRATE.DLL
C:\i386\WIN9XMIG\MSGQUEUE\MIGRATE.DLL
C:\i386\WIN9XMIG\MSI\MIGRATE.DLL
C:\i386\WIN9XMIG\MSI\MSI9XMIG.DLL
C:\i386\WIN9XMIG\MSI\MSINTMIG.DLL
C:\i386\WIN9XMIG\MSP\MIGRATE.DLL
C:\i386\WIN9XMIG\NECKBD\MIGRATE.DLL
C:\i386\WIN9XMIG\NECPA\MIGRATE.DLL
C:\i386\WIN9XMIG\NECWPS\MIGRATE.DLL
C:\i386\WIN9XMIG\OCTOPUS\MIGRATE.DLL
C:\i386\WIN9XMIG\OEWAB\MIGRATE.DLL
C:\i386\WIN9XMIG\PRINT\MIGRATE.DLL
C:\i386\WIN9XMIG\PWS\MIGRATE.DLL
C:\i386\WIN9XMIG\RUMBA\MIGRATE.DLL
C:\i386\WIN9XMIG\SETUP\MIGRATE.DLL
C:\i386\WIN9XMIG\TRANSACT\MIGRATE.DLL
C:\i386\WIN9XMIG\WIA\MIGRATE.DLL
C:\i386\WIN9XMIG\WMP\MIGRATE.DLL
C:\i386\WIN9XUPG\CABINET.DLL
C:\i386\WIN9XUPG\CFGMGR32.DLL
C:\i386\WIN9XUPG\IMAGEHLP.DLL
C:\i386\WIN9XUPG\ISMIG.DLL
C:\i386\WIN9XUPG\MSVCRT.DLL
C:\i386\WIN9XUPG\SETUPAPI.DLL
C:\i386\WIN9XUPG\W95UPG.DLL
C:\i386\WINNTUPG\APMUPGRD.DLL
C:\i386\WINNTUPG\BOSCOMP.DLL
C:\i386\WINNTUPG\CFGMGR32.DLL
C:\i386\WINNTUPG\CLUSCOMP.DLL
C:\i386\WINNTUPG\FSFILTER.DLL
C:\i386\WINNTUPG\FTCOMP.DLL
C:\i386\WINNTUPG\INPUPGRD.DLL
C:\i386\WINNTUPG\MSMQCOMP.DLL
C:\i386\WINNTUPG\NETUPGRD.DLL
C:\i386\WINNTUPG\NTDSUPG.DLL
C:\i386\WINNTUPG\NV4PREP.DLL
C:\i386\WINNTUPG\SETUPAPI.DLL
C:\i386\WINNTUPG\TSCOMP.DLL
C:\i386\WINNTUPG\VIDUPGRD.DLL
C:\i386\WINNTUPG\MS\MODEMSHR\MDMSHRUP.DLL
C:\i386\WINNTUPG\MS\SNA\IBMMGUG.DLL
C:\i386\WINNTUPG\MS\SNA\NTSNAUPG.DLL
C:\i386\WINNTUPG\MS\SNA\SNADLCUG.DLL
C:\i386\WINNTUPG\OEM\DIGI\ASYNC\DGUPGRD.DLL
C:\i386\WINNTUPG\OEM\DIGI\ISDN\BRI\DIGIUPG.DLL
C:\i386\WINNTUPG\OEM\DIGI\ISDN\PRI\DIGPRIUP.DLL
C:\i386\WINNTUPG\OEM\DIGI\REALPORT\DGRPUPG.DLL
C:\i386\WINNTUPG\OEM\EQN\EQNUPGRD.DLL
C:\i386\WINNTUPG\OEM\SPX\MPS\SPXUPGRD.DLL
C:\i386\WINNTUPG\OEM\TIGERJET\TJUPG.DLL
C:\VALUEADD\MSFT\USMT\ICONLIB.DLL
C:\VALUEADD\MSFT\USMT\LOG.DLL
C:\VALUEADD\MSFT\USMT\MIGISM.DLL
C:\VALUEADD\MSFT\USMT\MIGISM_A.DLL
C:\VALUEADD\MSFT\USMT\SCRIPT.DLL
C:\VALUEADD\MSFT\USMT\SCRIPT_A.DLL
C:\VALUEADD\MSFT\USMT\SHFOLDER.DLL
C:\VALUEADD\MSFT\USMT\SYSMOD.DLL
C:\VALUEADD\MSFT\USMT\SYSMOD_A.DLL
C:\VALUEADD\MSFT\USMT\UNCTRN.DLL
C:\VALUEADD\MSFT\USMT\UNCTRN_A.DLL
C:\VALUEADD\MSFT\USMT\ANSI\ICONLIB.DLL
C:\VALUEADD\MSFT\USMT\ANSI\LOG.DLL
C:\VALUEADD\MSFT\USMT\ANSI\MIGISM.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SCRIPT.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SHFOLDER.DLL
C:\VALUEADD\MSFT\USMT\ANSI\SYSMOD.DLL
C:\VALUEADD\MSFT\USMT\ANSI\UNCTRN.DLL
C:\WINDOWS\system32\baddfaeb8_g.dll
C:\WINDOWS\system32\NTIBUN4.dll
C:\WINDOWS\system32\NTICDMK7.dll
C:\WINDOWS\system32\NTIFCD3.dll
C:\WINDOWS\system32\NTIMP3.dll
C:\WINDOWS\system32\NTIMPEG2.dll
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\WMIAcerCheck.exe
C:\Acer\Empowering Technology\ePerformance\ePerformance.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eRecovery\BurnMachine.exe
C:\Acer\Empowering Technology\eRecovery\catply.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eRecovery\eRecovery.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryUI.exe
C:\Acer\Empowering Technology\eRecovery\ImageItEncrypt.exe
C:\Acer\Empowering Technology\eRecovery\LockKM2.exe
C:\Acer\Empowering Technology\eRecovery\MBRwrWin.exe
C:\Acer\Empowering Technology\eRecovery\OSCDIMG.EXE
C:\Acer\Empowering Technology\eRecovery\PopupMsgBackup.exe
C:\Acer\Empowering Technology\eRecovery\PopupMsgUpdate.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\drv\CPU\setup.exe
C:\drv\lan1\gSetXP.exe
C:\drv\Modem1\sm56hlpr.exe
C:\drv\Modem1\sm56unst.exe
C:\drv\Modem2\agrsmdel.exe
C:\drv\Modem2\AGRSMMsg.exe
C:\drv\Modem2\agsetup3.EXE
C:\drv\Modem2\setup.exe
C:\drv\vga1\nvudisp.exe
C:\drv\vga1\setup.exe
C:\drv\VGA4\HcwDriverInstall.exe
C:\drv\VGA5\LVCODER.EXE
C:\i386\AUTOCHK.EXE
C:\i386\AUTOFMT.EXE
C:\i386\EXPAND.EXE
C:\i386\FAXPATCH.EXE
C:\i386\NETSETUP.EXE
C:\i386\NTSD.EXE
C:\i386\REGEDIT.EXE
C:\i386\SPNPINST.EXE
C:\i386\SYSPARSE.EXE
C:\i386\TELNET.EXE
C:\i386\USETUP.EXE
C:\i386\WINNT.EXE
C:\i386\WINNT32.EXE
C:\i386\DRW\DWWIN.EXE
C:\i386\SYSTEM32\SMSS.EXE
C:\i386\WIN9XMIG\FAX\AWDVSTUB.EXE
C:\i386\WIN9XMIG\MAPI\DLL\MKNTFRMCACHE.EXE
C:\i386\WIN9XUPG\TWID.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\VALUEADD\3RDPARTY\MGMT\CITRIX\ICA32.EXE
C:\VALUEADD\MSFT\MGMT\IAS\IASNT4.EXE
C:\VALUEADD\MSFT\MGMT\PBA\PBAINST.EXE
C:\VALUEADD\MSFT\NET\TOOLS\TTCP.EXE
C:\VALUEADD\MSFT\USMT\LOADSTATE.EXE
C:\VALUEADD\MSFT\USMT\SCANSTATE.EXE
C:\VALUEADD\MSFT\USMT\SCANSTATE_A.EXE
C:\VALUEADD\MSFT\USMT\ANSI\SCANSTATE.EXE
C:\WINDOWS\AcerDRV\InsD1211.exe
C:\WINDOWS\AcerDRV\InsD1215.exe
C:\WINDOWS\AcerDRV\rescan.exe
C:\WINDOWS\system32\ImageItEncrypt.exe
C:\WINDOWS\system32\InsD1211.exe
C:\WINDOWS\system32\InsD1215.exe
C:\WINDOWS\system32\KCMDNIns.exe
C:\WINDOWS\system32\RemD1211.exe
C:\WINDOWS\system32\RemD1215.exe
C:\WINDOWS\system32\rescan.exe
C:\Acer\Empowering Technology\eRecovery\int15.sys
C:\drv\lan0\rtl8185.sys
C:\drv\lan1\ipgdnd51.sys
C:\drv\lan2\ar5211.sys
C:\drv\lan3\yk51x86.sys
C:\drv\MODEM0\DRIVER67\HVR1110.SYS
C:\drv\Modem1\SmSerial.sys
C:\drv\Modem2\AGRSM.sys
C:\drv\VGA2\Driver88\hcw88aud.sys
C:\drv\VGA2\Driver88\hcw88bar.sys
C:\drv\VGA2\Driver88\hcw88bda.sys
C:\drv\VGA2\Driver88\hcw88r9x.sys
C:\drv\VGA2\Driver88\hcw88rc5.sys
C:\drv\VGA2\Driver88\hcw88tse.sys
C:\drv\VGA2\Driver88\hcw88tun.sys
C:\drv\VGA2\Driver88\hcw88vid.sys
C:\drv\VGA3\wfpvrbar.sys
C:\drv\VGA3\wfpvrcap.sys
C:\drv\VGA3\wfpvrenc.sys
C:\drv\VGA3\wfpvrtun.sys
C:\drv\VGA4\DriverA2\hcwPP2.sys
C:\drv\VGA4\DriverA2\64Bit\hcwPP2.sys
C:\drv\VGA5\LVHYBRID.SYS
C:\drv\VGA6\WF2KTUNR.SYS
C:\drv\VGA6\WF2KVCAP.SYS
C:\drv\VGA6\WF2KXBAR.SYS
C:\drv\VGA6\WF88TUNE.SYS
C:\drv\VGA6\WF88VCAP.SYS
C:\drv\VGA6\WF88XBAR.SYS
C:\i386\KSECDD.SYS
C:\i386\NTFS.SYS
C:\i386\SPCMDCON.SYS
C:\i386\$OEM$\$$\OEMDIR\classpnp.sys
C:\i386\$OEM$\$$\OEMDIR\nvatabus.sys
C:\i386\$OEM$\$$\OEMDIR\nvraid.sys
C:\i386\$OEM$\TEXTMODE\classpnp.sys
C:\i386\$OEM$\TEXTMODE\nvatabus.sys
C:\i386\$OEM$\TEXTMODE\nvraid.sys
C:\i386\WIN9XMIG\DMICALL\DMICALL.SYS
C:\VALUEADD\MSFT\NET\NETBEUI\NBF.SYS
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
Finished
2/ Voici le rapport de HiJackthis :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:59:07, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Z. APPLICATIONS\PATCH VIRUS\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-
396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Personnaliser les options - C:\Program Files\PROMT5
\PROMTIE4\options.htm
O8 - Extra context menu item: Traduire - C:\Program Files\PROMT5\PROMTIE4
\translat.htm
O8 - Extra context menu item: Traduire avec WebView - C:\Program Files\PROMT5
\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - C:\Program Files\PROMT5\PROMTIE4
\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} -
C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-
E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} -
C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} -
C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-
E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
(HKCU)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection
Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://el-viage-infinito.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center
Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.c
ab?1179771392015
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments
Control) - http://by113fd.bay113.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-
00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. -
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers
communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1
\Grisoft\AVG7\avgemc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) -
Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Service de planification Media Center (ehSched) - Unknown owner -
C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner -
C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -
C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner -
C:\WINDOWS\system32\imapi.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) -
Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program
Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner -
C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32
\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner -
C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32
\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) -
Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32
\SCardSvr.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32
\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner -
C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner -
C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner -
C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) -
Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
31 mai 2007 à 14:20
31 mai 2007 à 14:20
Me revoici.
Ne sachant pas trop, j'ai exécuter SmitfraudFix en Mode sans Echec.
SmitFraudFix v2.188
Rapport fait à 14:13:24,35, 31/05/2007
Executé à partir de C:\Program Files\Z. APPLICATIONS\PATCH VIRUS\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RIKAO
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RIKAO\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32-xpdt
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Voilà mon cher...
En t'attendant. Crazybabe.
Ne sachant pas trop, j'ai exécuter SmitfraudFix en Mode sans Echec.
SmitFraudFix v2.188
Rapport fait à 14:13:24,35, 31/05/2007
Executé à partir de C:\Program Files\Z. APPLICATIONS\PATCH VIRUS\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RIKAO
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RIKAO\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32-xpdt
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Voilà mon cher...
En t'attendant. Crazybabe.
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
31 mai 2007 à 14:32
31 mai 2007 à 14:32
Tiens, je vais en rajouter une couche ;-)
AVG m'a trouvé le Trojan Horse Generik.PMK dans mon disque dur externe, il me l'a bouclé en quarantaine, mais il se trouve dans le système de restauration si je ne me trompe pas :
"J:\System Volume Information\_restore
{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP16\A0005199.exe"
Mais bon, c'est un scan qui date du 26.05.07, deux jours avant le début de cette discussion.
Depuis plus rien, sauf AVG Anti-Spyware qui me le retrouve en tant que spyware, mais le supprime.
Bon, je refais un tour de tous les anti spyware.
En attendant, j'espère que tu passes une bonne journée.
Crazybabe
AVG m'a trouvé le Trojan Horse Generik.PMK dans mon disque dur externe, il me l'a bouclé en quarantaine, mais il se trouve dans le système de restauration si je ne me trompe pas :
"J:\System Volume Information\_restore
{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP16\A0005199.exe"
Mais bon, c'est un scan qui date du 26.05.07, deux jours avant le début de cette discussion.
Depuis plus rien, sauf AVG Anti-Spyware qui me le retrouve en tant que spyware, mais le supprime.
Bon, je refais un tour de tous les anti spyware.
En attendant, j'espère que tu passes une bonne journée.
Crazybabe
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
1 juin 2007 à 16:41
1 juin 2007 à 16:41
Salut, mouaih, je me réveille, donc tu vois rien de précipitant, hormis ce rêve de fou... oh là là, j'adore ce que me ramène mon inconscient !!
Bon, je désactive et réactive, c'est tout ? Rien à faire entre les deux ?
Ok, pourquoi pas ;-)
Meilleur à toi :-)
Crazybabe
Bon, je désactive et réactive, c'est tout ? Rien à faire entre les deux ?
Ok, pourquoi pas ;-)
Meilleur à toi :-)
Crazybabe
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
1 juin 2007 à 16:45
1 juin 2007 à 16:45
Ok ça roulle, c'est fait.
Puis plus aucun spyware nommé Générik.
Voilà, à plus tard !!
Crazybabe.
Puis plus aucun spyware nommé Générik.
Voilà, à plus tard !!
Crazybabe.
rudyrital
Messages postés
6230
Date d'inscription
lundi 14 novembre 2005
Statut
Membre
Dernière intervention
10 octobre 2009
131
1 juin 2007 à 18:38
1 juin 2007 à 18:38
c'etait quoi ton reve ? lol
alors , plus de problemes avec ton PC??
alors , plus de problemes avec ton PC??
crazybabe
Messages postés
464
Date d'inscription
mercredi 30 août 2006
Statut
Membre
Dernière intervention
15 septembre 2020
167
1 juin 2007 à 22:11
1 juin 2007 à 22:11
Es-tu certain de vouloir le savoir ??
Ben, je crois qu'il n'a plus aucun problème, c'est triste, Rudy... Qu'allons - nous devenir ? :-)
Oh, je trouverais de bonne raison pour revenir, je me sens bien ici !
En tout cas, merci à toi, vraiment niquel, je m'incline...et il y a de quoi !
Crazybabe
Ben, je crois qu'il n'a plus aucun problème, c'est triste, Rudy... Qu'allons - nous devenir ? :-)
Oh, je trouverais de bonne raison pour revenir, je me sens bien ici !
En tout cas, merci à toi, vraiment niquel, je m'incline...et il y a de quoi !
Crazybabe