Analyse rapport HijackThis
Skolkaes
Messages postés
15
Statut
Membre
-
Skolkaes Messages postés 15 Statut Membre -
Skolkaes Messages postés 15 Statut Membre -
Bonjour,
j'ai eu un problème avec cette icône en bas à droite dans la barre des tâches qui apparaît par moment à mon insu. Il s'agît d'un petit gyrophare bleu surmonté de deux enveloppes blanches avec message suivant une fois le curseur de la souris posé dessus : Avast!Courrier Electronique [mai91....etc je n'ai pas la suite.
Après une rapide recherche, j'ai appris qu'il s'agissait de message sortant que je ne peux contrôler.
J'ai suivi les étapes décrites à l'adresse suivante : virus methode preliminaire de desinfection version fr
Voici les rapports demandés, dans l'ordre
J'espère que quelqu'un m'aidera car çà fait flipper...
Merci d'avance
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 15:14:52 11/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Jean\Cookies\jean@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
Fin du rapport
---------------------------------------------------------
BitDefender Online Scanner
Scan report generated at: Thu, Oct 11, 2007 - 17:14:39
Scan path: C:\;D:\;E:\;F:\;G:\;
Statistics
Time
01:45:35
Files
544460
Folders
11341
Boot Sectors
6
Archives
11039
Packed Files
34606
Results
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
826198
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\system32\d3dx9_33.dll
Clean
C:\WINDOWS\system32\d3dx9_34.dll
Clean
C:\WINDOWS\system32\d3dxof.dll
Clean
C:\WINDOWS\system32\danim.dll
Clean
C:\WINDOWS\system32\dataclen.dll
Clean
C:\WINDOWS\system32\datime.dll
Clean
C:\WINDOWS\system32\davclnt.dll
Clean
C:\WINDOWS\system32\davinci.scr
Clean
C:\WINDOWS\system32\daxctle.ocx
Clean
C:\WINDOWS\system32\dayi.ime
Clean
C:\WINDOWS\system32\dbgeng.dll
Clean
C:\WINDOWS\system32\dbghelp.dll
Clean
C:\WINDOWS\system32\DBGRID32.OCX
Clean
C:\WINDOWS\system32\DBGRID32.OCX=>(zlib o)
Clean
C:\WINDOWS\system32\dbmsrpcn.dll
Clean
C:\WINDOWS\system32\dbnetlib.dll
Clean
C:\WINDOWS\system32\dbnmpntw.dll
Clean
C:\WINDOWS\system32\Dcache.bin
Clean
C:\WINDOWS\system32\dciman32.dll
Clean
C:\WINDOWS\system32\dcomcnfg.exe
Clean
C:\WINDOWS\system32\ddeml.dll
Clean
C:\WINDOWS\system32\ddeshare.exe
Clean
------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 18:41:12, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=101807 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
j'ai eu un problème avec cette icône en bas à droite dans la barre des tâches qui apparaît par moment à mon insu. Il s'agît d'un petit gyrophare bleu surmonté de deux enveloppes blanches avec message suivant une fois le curseur de la souris posé dessus : Avast!Courrier Electronique [mai91....etc je n'ai pas la suite.
Après une rapide recherche, j'ai appris qu'il s'agissait de message sortant que je ne peux contrôler.
J'ai suivi les étapes décrites à l'adresse suivante : virus methode preliminaire de desinfection version fr
Voici les rapports demandés, dans l'ordre
J'espère que quelqu'un m'aidera car çà fait flipper...
Merci d'avance
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 15:14:52 11/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Jean\Cookies\jean@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
Fin du rapport
---------------------------------------------------------
BitDefender Online Scanner
Scan report generated at: Thu, Oct 11, 2007 - 17:14:39
Scan path: C:\;D:\;E:\;F:\;G:\;
Statistics
Time
01:45:35
Files
544460
Folders
11341
Boot Sectors
6
Archives
11039
Packed Files
34606
Results
Identified Viruses
0
Infected Files
0
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
826198
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\system32\d3dx9_33.dll
Clean
C:\WINDOWS\system32\d3dx9_34.dll
Clean
C:\WINDOWS\system32\d3dxof.dll
Clean
C:\WINDOWS\system32\danim.dll
Clean
C:\WINDOWS\system32\dataclen.dll
Clean
C:\WINDOWS\system32\datime.dll
Clean
C:\WINDOWS\system32\davclnt.dll
Clean
C:\WINDOWS\system32\davinci.scr
Clean
C:\WINDOWS\system32\daxctle.ocx
Clean
C:\WINDOWS\system32\dayi.ime
Clean
C:\WINDOWS\system32\dbgeng.dll
Clean
C:\WINDOWS\system32\dbghelp.dll
Clean
C:\WINDOWS\system32\DBGRID32.OCX
Clean
C:\WINDOWS\system32\DBGRID32.OCX=>(zlib o)
Clean
C:\WINDOWS\system32\dbmsrpcn.dll
Clean
C:\WINDOWS\system32\dbnetlib.dll
Clean
C:\WINDOWS\system32\dbnmpntw.dll
Clean
C:\WINDOWS\system32\Dcache.bin
Clean
C:\WINDOWS\system32\dciman32.dll
Clean
C:\WINDOWS\system32\dcomcnfg.exe
Clean
C:\WINDOWS\system32\ddeml.dll
Clean
C:\WINDOWS\system32\ddeshare.exe
Clean
------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 18:41:12, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=101807 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:
- Analyse rapport HijackThis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Analyse composant pc - Guide
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Un exemple de rapport de travail ✓ - Forum Word
- Analyse performance pc - Guide
6 réponses
salut
Telecharge genproc de Jean-Chrétien 1 et Narco 4.
http://www.alt-shift-return.org/Info/GenProc-HowTo.html
Poste le rapport .
A plus tard.
Telecharge genproc de Jean-Chrétien 1 et Narco 4.
http://www.alt-shift-return.org/Info/GenProc-HowTo.html
Poste le rapport .
A plus tard.
Bonjour,
Rapport GenProc 0.72 [1] effectué le lun. 15/10/2007 à 11:39:42.29 - SystemRoot = C:\WINDOWS
Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.
# Etape 1/ Télécharge :
- lopxpMH2 http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2.zip sur ton bureau.
Dézippe-le (clic droit -> "Extraire ici") et double clique sur le fichier lopxpMH.bat.
Dans ta prochaine réponse, poste :
- le contenu du rapport qui va s'ouvrir ;
- un nouveau rapport GenProc.
Rapport GenProc 0.72 [1] effectué le lun. 15/10/2007 à 11:39:42.29 - SystemRoot = C:\WINDOWS
Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.
# Etape 1/ Télécharge :
- lopxpMH2 http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2.zip sur ton bureau.
Dézippe-le (clic droit -> "Extraire ici") et double clique sur le fichier lopxpMH.bat.
Dans ta prochaine réponse, poste :
- le contenu du rapport qui va s'ouvrir ;
- un nouveau rapport GenProc.
Rapport lopxpMH2 version 2.0 fait à 11:44:18.78 le lun. 15/10/2007
C:\Program Files\Mes téléchargements\lopxpMH2\lopxpMH2
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Administrateur\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Identities
26/10/2006 06:35 <REP> Macromedia
26/10/2006 06:35 <REP> Microsoft
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.685.824 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
26/10/2006 06:35 <REP> ApplicationHistory
26/10/2006 06:35 <REP> BVRP Software
26/10/2006 06:35 <REP> HP
26/10/2006 06:35 <REP> IsolatedStorage
26/10/2006 06:35 <REP> Microsoft
14/09/2006 13:32 0 AtStart.txt
14/09/2006 13:32 0 DSwitch.txt
29/06/2006 11:19 137 fusioncache.dat
14/09/2006 12:56 135.688 GDIPFONTCACHEV1.DAT
29/06/2006 12:10 3.230.782 IconCache.db
14/09/2006 13:32 0 QSwitch.txt
6 fichier(s) 3.366.607 octets
8 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\All Users\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
31/10/2006 09:49 <REP> Adobe
08/11/2006 18:36 <REP> Ahead
10/12/2006 15:43 <REP> Apple Computer
01/03/2007 22:06 <REP> AXISFINDEACHNAME
26/10/2006 06:35 <REP> CyberLink
05/03/2007 16:04 <REP> ESRI
28/10/2006 10:44 <REP> Google
11/10/2007 12:03 <REP> Grisoft
26/10/2006 06:35 <REP> HP
26/10/2006 06:35 <REP> InstallShield
26/10/2006 06:35 <REP> Microsoft
30/09/2007 19:33 <REP> Mozilla
26/10/2006 06:35 <REP> nView_Profiles
26/10/2006 06:35 <REP> SBSI
26/10/2006 06:35 <REP> Sonic
31/10/2006 01:41 <REP> Spybot - Search & Destroy
26/10/2006 06:35 <REP> Symantec
31/03/2007 08:45 <REP> TEMP
25/11/2006 20:13 <REP> Windows Genuine Advantage
31/10/2006 10:17 <REP> Yahoo! Companion
29/06/2006 12:59 62 desktop.ini
29/06/2006 11:45 368 hpzinstall.log
02/01/2007 23:51 1.350 QTSBandwidthCache
3 fichier(s) 1.780 octets
22 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Default User\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
25/10/2006 22:07 <REP> Identities
25/10/2006 22:07 <REP> Macromedia
26/10/2006 06:35 <REP> Microsoft
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
25/10/2006 22:07 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
25/10/2006 22:07 <REP> ApplicationHistory
25/10/2006 22:07 <REP> BVRP Software
25/10/2006 22:07 <REP> HP
25/10/2006 22:07 <REP> IsolatedStorage
26/10/2006 06:35 <REP> Microsoft
25/10/2006 22:07 0 AtStart.txt
25/10/2006 22:07 0 DSwitch.txt
25/10/2006 22:07 137 fusioncache.dat
25/10/2006 22:07 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:07 3.230.782 IconCache.db
25/10/2006 22:07 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\eMule_Secure\Application Data
15/09/2007 22:57 <REP> .
15/09/2007 22:57 <REP> ..
15/09/2007 22:57 <REP> Identities
15/09/2007 22:57 <REP> Macromedia
15/09/2007 22:57 <REP> Microsoft
15/09/2007 22:57 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\eMule_Secure\Local Settings\Application Data
15/09/2007 22:57 <REP> .
15/09/2007 22:57 <REP> ..
15/09/2007 22:57 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
15/09/2007 22:57 <REP> ApplicationHistory
15/09/2007 22:57 <REP> BVRP Software
15/09/2007 22:57 <REP> HP
15/09/2007 22:57 <REP> IsolatedStorage
15/09/2007 22:57 <REP> Microsoft
15/09/2007 22:57 0 AtStart.txt
15/09/2007 22:57 0 DSwitch.txt
15/09/2007 22:57 137 fusioncache.dat
15/09/2007 22:57 43.688 GDIPFONTCACHEV1.DAT
15/09/2007 22:57 3.230.782 IconCache.db
15/09/2007 22:57 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Jean\Application Data
25/10/2006 22:08 <REP> .
25/10/2006 22:08 <REP> ..
27/10/2006 20:15 <REP> Adobe
28/10/2006 14:50 <REP> AdobeUM
04/09/2007 08:41 <REP> Ahead
10/12/2006 15:45 <REP> Apple Computer
24/04/2007 18:03 <REP> ArcSoft
29/08/2007 11:13 <REP> Bioshock
28/10/2006 15:17 <REP> BitTorrent
14/11/2006 21:34 <REP> Corel
25/10/2006 22:42 <REP> CyberLink
30/10/2006 11:34 <REP> DivX
05/03/2007 16:08 <REP> ESRI
28/10/2006 11:15 <REP> Google
11/10/2007 12:03 <REP> Grisoft
20/03/2007 19:39 <REP> Help
25/10/2006 22:42 <REP> HP
25/10/2006 22:08 <REP> Identities
02/01/2007 20:06 <REP> Leadertech
25/10/2006 22:08 <REP> Macromedia
26/10/2006 04:18 <REP> MathWorks
25/10/2006 22:08 <REP> Microsoft
30/09/2007 19:34 <REP> Mozilla
01/03/2007 22:05 <REP> size bits bows
12/04/2007 11:45 <REP> Sonic
03/11/2006 16:46 <REP> Sun
30/09/2007 19:34 <REP> Talkback
25/10/2006 22:08 62 desktop.ini
1 fichier(s) 62 octets
27 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Jean\Local Settings\Application Data
25/10/2006 22:08 <REP> .
25/10/2006 22:08 <REP> ..
25/10/2006 22:08 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
27/10/2006 20:15 <REP> Adobe
27/11/2006 19:54 <REP> Ahead
10/12/2006 15:45 <REP> Apple Computer
25/10/2006 22:08 <REP> ApplicationHistory
25/10/2006 22:08 <REP> BVRP Software
28/10/2006 11:15 <REP> Google
15/12/2006 14:16 <REP> Help
25/10/2006 22:08 <REP> HP
31/10/2006 12:24 <REP> Identities
25/10/2006 22:08 <REP> IsolatedStorage
25/10/2006 22:08 <REP> Microsoft
30/09/2007 19:34 <REP> Mozilla
25/10/2006 22:42 <REP> QuickPlay
25/10/2006 22:42 <REP> WMTools Downloaded Files
25/10/2006 22:08 0 AtStart.txt
28/10/2006 23:50 152.064 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
25/10/2006 22:08 0 DSwitch.txt
16/11/2006 14:42 0 FnF4.txt
25/10/2006 22:08 127 fusioncache.dat
25/10/2006 22:08 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:08 2.111.524 IconCache.db
25/10/2006 22:08 0 QSwitch.txt
8 fichier(s) 2.307.403 octets
17 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\LocalService\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\NetworkService\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
26/10/2006 06:36 <REP> .
26/10/2006 06:36 <REP> ..
25/10/2006 22:07 <REP> Identities
25/10/2006 22:07 <REP> Macromedia
27/10/2006 09:06 <REP> MathWorks
26/10/2006 06:36 <REP> Microsoft
25/10/2006 22:07 <REP> Symantec
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
7 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
26/10/2006 06:36 <REP> .
26/10/2006 06:36 <REP> ..
25/10/2006 22:07 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
25/10/2006 22:07 <REP> ApplicationHistory
26/10/2006 06:36 <REP> BVRP Software
25/10/2006 22:07 <REP> HP
25/10/2006 22:07 <REP> IsolatedStorage
26/10/2006 06:36 <REP> Microsoft
25/10/2006 22:07 0 AtStart.txt
25/10/2006 22:07 0 DSwitch.txt
25/10/2006 22:07 137 fusioncache.dat
25/10/2006 22:07 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:07 3.230.782 IconCache.db
25/10/2006 22:07 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.669.440 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\A9BB527691B0CB0E.job
s "ˆ!× 6 c : \ d o c u m e ~ 1 \ j e a n \ a p p l i c ~ 1 \ s i z e b i ~ 1 \ B l e h d a s h s k i p . e x e J e a n € 0 Ï <
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
\+{ŽPßE’‘Ñ©F ê <
s €! : C : \ P r o g r a m F i l e s \ A p p l e S o f t w a r e U p d a t e \ S o f t w a r e U p d a t e . e x e - T a s k S Y S T E M 0 Ö
C:\WINDOWS\Tasks\Connexion
Connexion inexploitable
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Program Files
11/10/2007 18:40 <REP> .
11/10/2007 18:40 <REP> ..
31/10/2006 10:00 <REP> Adobe
04/09/2007 14:29 <REP> AGEIA Technologies
05/03/2007 14:03 <REP> Ahead
31/10/2006 01:09 <REP> Alwil Software
10/12/2006 15:44 <REP> Apple Software Update
05/03/2007 16:04 <REP> ArcGIS
24/04/2007 18:02 <REP> ArcSoft
25/03/2007 18:31 <REP> Beta LSDAO
10/10/2007 21:22 <REP> BitTorrent
11/10/2007 11:27 <REP> CCleaner
03/11/2006 12:06 <REP> Cisco Systems
26/10/2006 06:35 <REP> CONEXANT
14/11/2006 21:26 <REP> Corel
08/11/2006 18:43 <REP> CyberLink
04/09/2007 08:46 <REP> DivX
29/03/2007 18:20 <REP> DreamCatcher
01/10/2007 21:05 <REP> eMule
05/03/2007 15:51 <REP> ESRI
12/04/2007 14:32 <REP> EWRE
06/06/2007 13:03 <REP> FEAS
04/09/2007 14:27 <REP> Fichiers communs
18/11/2006 12:34 <REP> Focus
13/04/2007 22:19 <REP> FrenchOtto
13/04/2007 22:19 <REP> GemMasterFrench
28/05/2007 13:18 <REP> GeologicalMaps
24/02/2007 01:41 <REP> GMS 6.0
07/02/2007 19:35 <REP> Google
11/10/2007 12:03 <REP> Grisoft
03/03/2007 18:59 <REP> Harrap's Multimédia
05/03/2007 14:03 <REP> Hewlett-Packard
11/10/2007 18:41 <REP> Hijackthis Version Française
26/10/2006 06:35 <REP> HP
05/03/2007 14:03 <REP> HPQ
22/11/2006 12:41 <REP> IDL56
11/10/2007 20:28 <REP> Internet Explorer
10/12/2006 15:45 <REP> iPod
10/12/2006 15:45 <REP> iTunes
17/08/2007 00:41 <REP> Java
16/01/2007 12:49 <REP> KONAMI
05/03/2007 16:03 <REP> Leica Geosystems
22/11/2006 12:42 <REP> License
15/10/2007 11:43 <REP> Mes téléchargements
27/10/2006 18:13 <REP> Messenger
29/03/2007 18:11 <REP> Micro Application
30/08/2007 09:08 <REP> Microids
12/05/2007 14:53 <REP> Microsoft CAPICOM 2.1.0.2
01/02/2007 21:02 <REP> Microsoft Digital Image 2006
26/10/2006 06:36 <REP> microsoft frontpage
06/06/2007 20:04 <REP> Microsoft Office
26/10/2006 06:36 <REP> Microsoft Works
26/10/2006 01:42 <REP> Microsoft.NET
26/10/2006 06:36 <REP> Movie Maker
30/09/2007 19:36 <REP> Mozilla Firefox
06/06/2007 19:59 <REP> MSECache
10/03/2007 23:50 <REP> MSN
26/10/2006 06:36 <REP> MSN Gaming Zone
11/02/2007 22:50 <REP> MSN Messenger
17/08/2007 01:52 <REP> MSXML 4.0
26/10/2006 06:36 <REP> NetMeeting
26/10/2006 06:36 <REP> NetWaiting
26/10/2006 06:36 <REP> Online Services
14/06/2007 02:30 <REP> Outlook Express
17/06/2007 14:17 <REP> PDFCreator
23/08/2007 14:31 <REP> PENDULO Studios
08/11/2006 20:18 <REP> PowerISO
18/12/2006 19:05 <REP> Pro.Evolution.Soccer.5.[Game.Pc].[WwW.LiMiTeDiVx.CoM]
05/03/2007 14:03 <REP> QuickTime
05/03/2007 15:51 <REP> Rainbow Technologies
10/11/2006 21:27 <REP> Res2dinv
15/12/2006 14:19 <REP> Seagate Crystal Reports
15/12/2006 14:18 <REP> Seagate Software
26/10/2006 06:36 <REP> Services en ligne
07/11/2006 21:09 <REP> SGeMS
10/12/2006 15:10 <REP> Sierra
26/10/2006 06:36 <REP> Sonic
05/03/2007 14:03 <REP> Spybot - Search & Destroy
26/10/2006 06:36 <REP> Synaptics
09/04/2007 11:59 <REP> Telltale Games
23/08/2007 14:35 <REP> THQ
03/03/2007 19:05 <REP> Trust
10/11/2006 10:08 <REP> ULg LGIH
12/04/2007 12:06 <REP> Vasp
12/04/2007 14:08 <REP> VASPNG
26/01/2007 14:47 <REP> Windows Media Connect 2
17/08/2007 01:51 <REP> Windows Media Player
26/10/2006 06:36 <REP> Windows NT
26/10/2006 06:36 <REP> Windows Plus
30/10/2006 13:55 <REP> WinRAR
28/10/2006 20:46 <REP> WinZip
26/10/2006 06:36 <REP> xerox
01/06/2007 23:59 <REP> Xvid
31/10/2006 09:59 <REP> Yahoo!
0 fichier(s) 0 octets
94 Rép(s) 10.436.665.344 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
spwebs.silverplatter.com REG_BINARY
*.ulg.ac.be REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
---------- C:\DOCUMENTS AND SETTINGS\JEAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JOFVQYQU.DEFAULT\HOSTPERM.1
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/toolbar/ie8/sidebar.html
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
GenProc Rapport
[2] Aucune infection caractéristique trouvée !
C:\Program Files\Mes téléchargements\lopxpMH2\lopxpMH2
******************************************
## Répertoires Application Data
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Administrateur\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Identities
26/10/2006 06:35 <REP> Macromedia
26/10/2006 06:35 <REP> Microsoft
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.685.824 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
26/10/2006 06:35 <REP> ApplicationHistory
26/10/2006 06:35 <REP> BVRP Software
26/10/2006 06:35 <REP> HP
26/10/2006 06:35 <REP> IsolatedStorage
26/10/2006 06:35 <REP> Microsoft
14/09/2006 13:32 0 AtStart.txt
14/09/2006 13:32 0 DSwitch.txt
29/06/2006 11:19 137 fusioncache.dat
14/09/2006 12:56 135.688 GDIPFONTCACHEV1.DAT
29/06/2006 12:10 3.230.782 IconCache.db
14/09/2006 13:32 0 QSwitch.txt
6 fichier(s) 3.366.607 octets
8 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\All Users\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
31/10/2006 09:49 <REP> Adobe
08/11/2006 18:36 <REP> Ahead
10/12/2006 15:43 <REP> Apple Computer
01/03/2007 22:06 <REP> AXISFINDEACHNAME
26/10/2006 06:35 <REP> CyberLink
05/03/2007 16:04 <REP> ESRI
28/10/2006 10:44 <REP> Google
11/10/2007 12:03 <REP> Grisoft
26/10/2006 06:35 <REP> HP
26/10/2006 06:35 <REP> InstallShield
26/10/2006 06:35 <REP> Microsoft
30/09/2007 19:33 <REP> Mozilla
26/10/2006 06:35 <REP> nView_Profiles
26/10/2006 06:35 <REP> SBSI
26/10/2006 06:35 <REP> Sonic
31/10/2006 01:41 <REP> Spybot - Search & Destroy
26/10/2006 06:35 <REP> Symantec
31/03/2007 08:45 <REP> TEMP
25/11/2006 20:13 <REP> Windows Genuine Advantage
31/10/2006 10:17 <REP> Yahoo! Companion
29/06/2006 12:59 62 desktop.ini
29/06/2006 11:45 368 hpzinstall.log
02/01/2007 23:51 1.350 QTSBandwidthCache
3 fichier(s) 1.780 octets
22 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Default User\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
25/10/2006 22:07 <REP> Identities
25/10/2006 22:07 <REP> Macromedia
26/10/2006 06:35 <REP> Microsoft
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.681.728 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
25/10/2006 22:07 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
25/10/2006 22:07 <REP> ApplicationHistory
25/10/2006 22:07 <REP> BVRP Software
25/10/2006 22:07 <REP> HP
25/10/2006 22:07 <REP> IsolatedStorage
26/10/2006 06:35 <REP> Microsoft
25/10/2006 22:07 0 AtStart.txt
25/10/2006 22:07 0 DSwitch.txt
25/10/2006 22:07 137 fusioncache.dat
25/10/2006 22:07 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:07 3.230.782 IconCache.db
25/10/2006 22:07 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\eMule_Secure\Application Data
15/09/2007 22:57 <REP> .
15/09/2007 22:57 <REP> ..
15/09/2007 22:57 <REP> Identities
15/09/2007 22:57 <REP> Macromedia
15/09/2007 22:57 <REP> Microsoft
15/09/2007 22:57 62 desktop.ini
1 fichier(s) 62 octets
5 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\eMule_Secure\Local Settings\Application Data
15/09/2007 22:57 <REP> .
15/09/2007 22:57 <REP> ..
15/09/2007 22:57 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
15/09/2007 22:57 <REP> ApplicationHistory
15/09/2007 22:57 <REP> BVRP Software
15/09/2007 22:57 <REP> HP
15/09/2007 22:57 <REP> IsolatedStorage
15/09/2007 22:57 <REP> Microsoft
15/09/2007 22:57 0 AtStart.txt
15/09/2007 22:57 0 DSwitch.txt
15/09/2007 22:57 137 fusioncache.dat
15/09/2007 22:57 43.688 GDIPFONTCACHEV1.DAT
15/09/2007 22:57 3.230.782 IconCache.db
15/09/2007 22:57 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Jean\Application Data
25/10/2006 22:08 <REP> .
25/10/2006 22:08 <REP> ..
27/10/2006 20:15 <REP> Adobe
28/10/2006 14:50 <REP> AdobeUM
04/09/2007 08:41 <REP> Ahead
10/12/2006 15:45 <REP> Apple Computer
24/04/2007 18:03 <REP> ArcSoft
29/08/2007 11:13 <REP> Bioshock
28/10/2006 15:17 <REP> BitTorrent
14/11/2006 21:34 <REP> Corel
25/10/2006 22:42 <REP> CyberLink
30/10/2006 11:34 <REP> DivX
05/03/2007 16:08 <REP> ESRI
28/10/2006 11:15 <REP> Google
11/10/2007 12:03 <REP> Grisoft
20/03/2007 19:39 <REP> Help
25/10/2006 22:42 <REP> HP
25/10/2006 22:08 <REP> Identities
02/01/2007 20:06 <REP> Leadertech
25/10/2006 22:08 <REP> Macromedia
26/10/2006 04:18 <REP> MathWorks
25/10/2006 22:08 <REP> Microsoft
30/09/2007 19:34 <REP> Mozilla
01/03/2007 22:05 <REP> size bits bows
12/04/2007 11:45 <REP> Sonic
03/11/2006 16:46 <REP> Sun
30/09/2007 19:34 <REP> Talkback
25/10/2006 22:08 62 desktop.ini
1 fichier(s) 62 octets
27 Rép(s) 10.436.677.632 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\Jean\Local Settings\Application Data
25/10/2006 22:08 <REP> .
25/10/2006 22:08 <REP> ..
25/10/2006 22:08 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
27/10/2006 20:15 <REP> Adobe
27/11/2006 19:54 <REP> Ahead
10/12/2006 15:45 <REP> Apple Computer
25/10/2006 22:08 <REP> ApplicationHistory
25/10/2006 22:08 <REP> BVRP Software
28/10/2006 11:15 <REP> Google
15/12/2006 14:16 <REP> Help
25/10/2006 22:08 <REP> HP
31/10/2006 12:24 <REP> Identities
25/10/2006 22:08 <REP> IsolatedStorage
25/10/2006 22:08 <REP> Microsoft
30/09/2007 19:34 <REP> Mozilla
25/10/2006 22:42 <REP> QuickPlay
25/10/2006 22:42 <REP> WMTools Downloaded Files
25/10/2006 22:08 0 AtStart.txt
28/10/2006 23:50 152.064 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
25/10/2006 22:08 0 DSwitch.txt
16/11/2006 14:42 0 FnF4.txt
25/10/2006 22:08 127 fusioncache.dat
25/10/2006 22:08 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:08 2.111.524 IconCache.db
25/10/2006 22:08 0 QSwitch.txt
8 fichier(s) 2.307.403 octets
17 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\LocalService\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\NetworkService\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data
26/10/2006 06:35 <REP> .
26/10/2006 06:35 <REP> ..
26/10/2006 06:35 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data
26/10/2006 06:36 <REP> .
26/10/2006 06:36 <REP> ..
25/10/2006 22:07 <REP> Identities
25/10/2006 22:07 <REP> Macromedia
27/10/2006 09:06 <REP> MathWorks
26/10/2006 06:36 <REP> Microsoft
25/10/2006 22:07 <REP> Symantec
29/06/2006 12:59 62 desktop.ini
1 fichier(s) 62 octets
7 Rép(s) 10.436.673.536 octets libres
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
26/10/2006 06:36 <REP> .
26/10/2006 06:36 <REP> ..
25/10/2006 22:07 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150060}
25/10/2006 22:07 <REP> ApplicationHistory
26/10/2006 06:36 <REP> BVRP Software
25/10/2006 22:07 <REP> HP
25/10/2006 22:07 <REP> IsolatedStorage
26/10/2006 06:36 <REP> Microsoft
25/10/2006 22:07 0 AtStart.txt
25/10/2006 22:07 0 DSwitch.txt
25/10/2006 22:07 137 fusioncache.dat
25/10/2006 22:07 43.688 GDIPFONTCACHEV1.DAT
25/10/2006 22:07 3.230.782 IconCache.db
25/10/2006 22:07 0 QSwitch.txt
6 fichier(s) 3.274.607 octets
8 Rép(s) 10.436.669.440 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
C:\WINDOWS\Tasks\A9BB527691B0CB0E.job
s "ˆ!× 6 c : \ d o c u m e ~ 1 \ j e a n \ a p p l i c ~ 1 \ s i z e b i ~ 1 \ B l e h d a s h s k i p . e x e J e a n € 0 Ï <
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
\+{ŽPßE’‘Ñ©F ê <
s €! : C : \ P r o g r a m F i l e s \ A p p l e S o f t w a r e U p d a t e \ S o f t w a r e U p d a t e . e x e - T a s k S Y S T E M 0 Ö
C:\WINDOWS\Tasks\Connexion
Connexion inexploitable
******************************************
## Répertoires de C:\Program Files
Le volume dans le lecteur C s'appelle OS
Le numéro de série du volume est 78E9-B798
Répertoire de C:\Program Files
11/10/2007 18:40 <REP> .
11/10/2007 18:40 <REP> ..
31/10/2006 10:00 <REP> Adobe
04/09/2007 14:29 <REP> AGEIA Technologies
05/03/2007 14:03 <REP> Ahead
31/10/2006 01:09 <REP> Alwil Software
10/12/2006 15:44 <REP> Apple Software Update
05/03/2007 16:04 <REP> ArcGIS
24/04/2007 18:02 <REP> ArcSoft
25/03/2007 18:31 <REP> Beta LSDAO
10/10/2007 21:22 <REP> BitTorrent
11/10/2007 11:27 <REP> CCleaner
03/11/2006 12:06 <REP> Cisco Systems
26/10/2006 06:35 <REP> CONEXANT
14/11/2006 21:26 <REP> Corel
08/11/2006 18:43 <REP> CyberLink
04/09/2007 08:46 <REP> DivX
29/03/2007 18:20 <REP> DreamCatcher
01/10/2007 21:05 <REP> eMule
05/03/2007 15:51 <REP> ESRI
12/04/2007 14:32 <REP> EWRE
06/06/2007 13:03 <REP> FEAS
04/09/2007 14:27 <REP> Fichiers communs
18/11/2006 12:34 <REP> Focus
13/04/2007 22:19 <REP> FrenchOtto
13/04/2007 22:19 <REP> GemMasterFrench
28/05/2007 13:18 <REP> GeologicalMaps
24/02/2007 01:41 <REP> GMS 6.0
07/02/2007 19:35 <REP> Google
11/10/2007 12:03 <REP> Grisoft
03/03/2007 18:59 <REP> Harrap's Multimédia
05/03/2007 14:03 <REP> Hewlett-Packard
11/10/2007 18:41 <REP> Hijackthis Version Française
26/10/2006 06:35 <REP> HP
05/03/2007 14:03 <REP> HPQ
22/11/2006 12:41 <REP> IDL56
11/10/2007 20:28 <REP> Internet Explorer
10/12/2006 15:45 <REP> iPod
10/12/2006 15:45 <REP> iTunes
17/08/2007 00:41 <REP> Java
16/01/2007 12:49 <REP> KONAMI
05/03/2007 16:03 <REP> Leica Geosystems
22/11/2006 12:42 <REP> License
15/10/2007 11:43 <REP> Mes téléchargements
27/10/2006 18:13 <REP> Messenger
29/03/2007 18:11 <REP> Micro Application
30/08/2007 09:08 <REP> Microids
12/05/2007 14:53 <REP> Microsoft CAPICOM 2.1.0.2
01/02/2007 21:02 <REP> Microsoft Digital Image 2006
26/10/2006 06:36 <REP> microsoft frontpage
06/06/2007 20:04 <REP> Microsoft Office
26/10/2006 06:36 <REP> Microsoft Works
26/10/2006 01:42 <REP> Microsoft.NET
26/10/2006 06:36 <REP> Movie Maker
30/09/2007 19:36 <REP> Mozilla Firefox
06/06/2007 19:59 <REP> MSECache
10/03/2007 23:50 <REP> MSN
26/10/2006 06:36 <REP> MSN Gaming Zone
11/02/2007 22:50 <REP> MSN Messenger
17/08/2007 01:52 <REP> MSXML 4.0
26/10/2006 06:36 <REP> NetMeeting
26/10/2006 06:36 <REP> NetWaiting
26/10/2006 06:36 <REP> Online Services
14/06/2007 02:30 <REP> Outlook Express
17/06/2007 14:17 <REP> PDFCreator
23/08/2007 14:31 <REP> PENDULO Studios
08/11/2006 20:18 <REP> PowerISO
18/12/2006 19:05 <REP> Pro.Evolution.Soccer.5.[Game.Pc].[WwW.LiMiTeDiVx.CoM]
05/03/2007 14:03 <REP> QuickTime
05/03/2007 15:51 <REP> Rainbow Technologies
10/11/2006 21:27 <REP> Res2dinv
15/12/2006 14:19 <REP> Seagate Crystal Reports
15/12/2006 14:18 <REP> Seagate Software
26/10/2006 06:36 <REP> Services en ligne
07/11/2006 21:09 <REP> SGeMS
10/12/2006 15:10 <REP> Sierra
26/10/2006 06:36 <REP> Sonic
05/03/2007 14:03 <REP> Spybot - Search & Destroy
26/10/2006 06:36 <REP> Synaptics
09/04/2007 11:59 <REP> Telltale Games
23/08/2007 14:35 <REP> THQ
03/03/2007 19:05 <REP> Trust
10/11/2006 10:08 <REP> ULg LGIH
12/04/2007 12:06 <REP> Vasp
12/04/2007 14:08 <REP> VASPNG
26/01/2007 14:47 <REP> Windows Media Connect 2
17/08/2007 01:51 <REP> Windows Media Player
26/10/2006 06:36 <REP> Windows NT
26/10/2006 06:36 <REP> Windows Plus
30/10/2006 13:55 <REP> WinRAR
28/10/2006 20:46 <REP> WinZip
26/10/2006 06:36 <REP> xerox
01/06/2007 23:59 <REP> Xvid
31/10/2006 09:59 <REP> Yahoo!
0 fichier(s) 0 octets
94 Rép(s) 10.436.665.344 octets libres
******************************************
## Popups autorisées
* Internet Explorer
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
spwebs.silverplatter.com REG_BINARY
*.ulg.ac.be REG_BINARY
* Mozilla Firefox (1 autorisé 2 interdit)
---------- C:\DOCUMENTS AND SETTINGS\JEAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JOFVQYQU.DEFAULT\HOSTPERM.1
******************************************
## Registre
* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/toolbar/ie8/sidebar.html
******************************************
## Zones de sécurité
* HKCU Domains (4)
* P3P History (5)
******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"
*************** Fin du rapport ****************
GenProc Rapport
[2] Aucune infection caractéristique trouvée !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
le voici
Logfile of HijackThis v1.99.1
Scan saved at 11:12:09, on 23/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110707 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
le voici
Logfile of HijackThis v1.99.1
Scan saved at 11:12:09, on 23/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110707 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
dernier en date après avoir fait ce qui était dit sur l'adress web que tu as indiqué
Logfile of HijackThis v1.99.1
Scan saved at 13:42:38, on 23/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110707 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 13:42:38, on 23/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\FR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110707 serial=DR12WUX-1105537-BTX lang=FR
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C7C7152F-6E85-44F3-A14B-A7F85FDDEA3B} (InstallerCtrl Class) - http://tellmemore.ulg.ac.be/bin/tol7inst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - D:\RSI\IDL63\bin\bin.x86\idl_dicomexstorscp.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
