Infecter par trojan.mailskinner.c - Page 4

Précédent
  • 1
  • 2
  • 3
  • 4
  1. fourmie Messages postés 3 Statut Membre
     
    salut g!rly

    j'ai scanner avec spybot et annalysé avec bitdefender je te met les rapport de navilog et bitdefender.je vais faire ce que tu m'as indiqué

    et encore merci .

    //-----------------------------------------------------------------
    //
    // Produit BitDefender Internet Security v10
    // Produit 10.2
    //
    // Créé le: 12/12/2007 21:12:45
    //
    //-----------------------------------------------------------------

    Statistiques

    Chemin cible: C:\
    E:\
    Dossiers : 5530
    Fichiers : 246464
    Processus Mémoire analysés : 34
    Archives : 11281
    Fichiers enpaquetés : 11585
    Virus trouvés : 3
    Fichiers infectés : 4
    Processus Mémoire infectés : 0
    Fichiers suspects : 4
    Alertes : 0
    Fichiers désinfectés : 0
    Fichiers effacés : 0
    Fichiers déplacés : 3
    Erreurs I/O : 31
    Temps d'analyse :=02:23:04
    Fichiers/seconde :28

    Statistiques Spywares

    Registres analysés : 2316
    Registres infectés : 0
    Cookies analysés : 2357
    Cookies infectés : 0
    Fichiers spyware infectés : 0
    Menaces Spyware détectées : 0

    Définitions virus : 952918
    Plugins d'analyse : 16
    Plugins archives : 41
    Plug-ins décompression : 7
    Plug-ins messagerie : 6
    Plug-ins système : 5

    Options d'analyse

    Détection
    [X] Analyser le secteur de boot
    [X] Processus mémoire
    [X] Analyser les archives
    [X] Analyser les fichiers enpaquetés
    [X] Analyser la messagerie

    Masque fichiers
    [ ] Programmes
    [X] Tous les fichiers
    [ ] Extensions définies par l'utilisateur:
    [ ] Exclure les extensions: ;

    Action

    Objets infectés
    [ ] Ignorer
    [X] Désinfecter
    [ ] Effacer
    [ ] Mettre en quarantaine
    [ ] Demander l'action

    Seconde action
    [ ] Ignorer
    [ ] Effacer
    [X] Mettre en quarantaine
    [ ] Demander l'action

    Options d'analyse
    [X] Activer les alertes
    [X] Activer l'heuristique
    [ ] Afficher tous les fichiers dans le journal
    [X] Fichier journal: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1197490365.log

    Options d'analyse Spyware

    [X] Analyse contre les risques non-viraux
    [ ] Ecarter de l'analyse les dialers et les applications
    [X] Clés de registres
    [X] Cookies

    Résumé:

    C:\Documents and Settings\Administrateur\Local Settings\Temp\ICD1.tmp\Install.exe Suspect: Dropped:Trojan.Downloader.Gen
    C:\Documents and Settings\Administrateur\Local Settings\Temp\ICD2.tmp\Install.exe Suspect: Dropped:Trojan.Downloader.Gen
    C:\Documents and Settings\Administrateur\Local Settings\Temp\ICD3.tmp\Install.exe Suspect: Dropped:Trojan.Downloader.Gen
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsi42E.tmp\NSUtils.dll Détecté: Adware.NaviPromo.BYC
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsi42E.tmp\NSUtils.dll Désinfection impossible
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsi42E.tmp\NSUtils.dll Déplacé
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsj428.tmp\NSUtils.dll Détecté: Adware.NaviPromo.BYC
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsj428.tmp\NSUtils.dll Désinfection impossible
    C:\Documents and Settings\Administrateur\Local Settings\Temp\nsj428.tmp\NSUtils.dll Déplacé
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A7ENMTIR\SpywareSecure_trial_setup[1].exe=>(NSIS 2o)=>lzma_solid_nsis0007 Détecté: Adware.Navipromo.BXQ
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A7ENMTIR\SpywareSecure_trial_setup[1].exe=>(NSIS 2o)=>lzma_solid_nsis0007 Désinfection impossible
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A7ENMTIR\SpywareSecure_trial_setup[1].exe=>(NSIS 2o)=>lzma_solid_nsis0007 Déplacement impossible
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A7ENMTIR\ultrashim[1].cab=>Install.exe Suspect: Dropped:Trojan.Downloader.Gen
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPYROXIV\f91fc00217d9c72c6279662cd7695569[1] Infecté: Backdoor.Agent.ARK
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPYROXIV\f91fc00217d9c72c6279662cd7695569[1] Désinfection impossible
    C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPYROXIV\f91fc00217d9c72c6279662cd7695569[1] Déplacé

    ____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

    Clean Navipromo version 3.3.7 commencé le 11/12/2007 à 15:58:06,07

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 08.12.2007 à 16h00 par IL-MAFIOSO

    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 6.0.2900.2180
    Système de fichiers : NTFS

    Mode suppression automatique

    *** Creation backups fichiers trouvés par Catchme ***

    Copie vers "C:\Program Files\navilog1\Backupnavi"

    Copie C:\WINDOWS\system32\koagcnrvaf.dat réalisée avec succès !
    Copie C:\WINDOWS\system32\koagcnrvaf.exe réalisée avec succès !
    Copie C:\WINDOWS\system32\koagcnrvaf_nav.dat réalisée avec succès !
    Copie C:\WINDOWS\system32\koagcnrvaf_navps.dat réalisée avec succès !

    *** Suppression des fichiers trouvés avec Catchme ***

    C:\WINDOWS\system32\koagcnrvaf.dat supprimé !
    C:\WINDOWS\system32\koagcnrvaf.exe supprimé !
    C:\WINDOWS\system32\koagcnrvaf_nav.dat supprimé !
    C:\WINDOWS\system32\koagcnrvaf_navps.dat supprimé !

    ** 2ème passage avec résultats Catchme **

    * Dans C:\WINDOWS\system32 *

    C:\WINDOWS\prefetch\koagcnrvaf*.pf trouvé !
    Copie C:\WINDOWS\prefetch\koagcnrvaf*.pf réalisée avec succès !
    C:\WINDOWS\prefetch\koagcnrvaf*.pf supprimé !

    * Dans "C:\Documents and Settings\Administrateur\local settings\application data" *

    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans C:\WINDOWS\System32 *

    * Suppression dans "C:\Documents and Settings\Administrateur\local settings\application data" *

    *** Suppression dossiers dans C:\WINDOWS ***

    *** Suppression dossiers dans C:\Program Files ***

    C:\Program Files\WebMediaPlayer ...suppression...
    C:\Program Files\WebMediaPlayer supprimé !

    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

    *** Suppression dossiers dans "C:\Documents and Settings\Administrateur\application data" ***

    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

    *** Suppression fichiers ***

    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Administrateur\Local Settings\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:

    2)Recherche, création sauvegardes et suppression Heuristique :

    * Dans C:\WINDOWS\system32 *

    * Dans "C:\Documents and Settings\Administrateur\local settings\application data" *

    *** Sauvegarde du Registre vers dossier Backupnavi ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    *** Certificats ***

    Certificat Egroup supprimé !

    *** Nettoyage terminé le 11/12/2007 à 16:20:53,54 ***
    0
  2. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut fourmie,

    c´est jolie jolie

    oui post le rapport hijack this

    @+
    0
  3. fourmie Messages postés 3 Statut Membre
     
    re-
    sa c'est clean

    13/12/2007 a 22:02:35,25

    *** Recherche des fichiers dans C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32
    C:\WINDOWS\system32\bdod.bin FOUND

    *** Recherche des fichiers dans C:\Program Files
    *** Fin du rapport !
    0
  4. fourmie Messages postés 3 Statut Membre
     
    re re

    le rapport hijackthis ( version1.99.1en francais)

    Logfile of HijackThis v1.99.1
    Scan saved at 22:27:35, on 13/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: C:\WINDOWS\adsldpbc.dll - {405132A4-5DD1-4BA8-A181-95C8D435093A} - C:\WINDOWS\adsldpbc.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {94D9D272-BE4D-420A-123D-390227693354} - C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [Poke kind save wma] C:\Documents and Settings\All Users\Application Data\StopKeepPokeKind\Error global.exe
    O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
    O4 - HKCU\..\Run: [long play] C:\DOCUME~1\ADMINI~1\APPLIC~1\KINDWA~1\Up Soft Grey.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32/6,0,80,22/ComCtl32.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab
    O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: MysqlInventime - Unknown owner - C:\PROGRA~1\MYSOFT~1\GESTIO~1\mysql\bin\mysqld-nt.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    maintenant je dort.
    je ne pourrais pas consulter avant samedi matin .
    alors a + et merci.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut fourmie,

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    @+
    0
  7. fourmie
     
    salut g!rly

    combo fix m'a planté 2 fois tout ce que j'ai eu c'est ca :

    ComboFix 07-12-15.1 - Administrateur 2007-12-15 22:04:49.2 - NTFSx86
    Running from: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8LMJ4LYB\ComboFix[1].exe
    .

    je vais rettenter encore une fois
    merci @+
    0
  8. fourmie
     
    ca y est j'ai plus de plantage voila le rapport

    ComboFix 07-12-15.5 - Administrateur 2007-12-16 11:19:24.3 - NTFSx86
    Running from: C:\Downloads\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Casino.ico
    C:\WINDOWS\hosts

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-16 to 2007-12-16 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-13 22:26 . 2007-12-13 22:37 <REP> d-------- C:\Program Files\Hijackthis Version Française
    2007-12-13 22:02 . 2007-12-13 22:02 3,001,087 --a------ C:\upload_moi_ALAIN.tar.gz
    2007-12-13 20:13 . 2007-12-13 20:13 <REP> d-------- C:\Program Files\Micro Application
    2007-12-13 18:48 . 2007-12-13 18:48 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Uniblue
    2007-12-12 18:21 . 2007-12-12 21:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-11 21:23 . 2007-01-18 13:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
    2007-12-10 19:08 . 2007-12-11 16:20 <REP> d-------- C:\Program Files\Navilog1
    2007-12-10 18:58 . 2007-12-10 18:58 <REP> d--h----- C:\WINDOWS\PIF
    2007-12-10 18:55 . 2007-12-10 18:56 136 --a------ C:\WINDOWS\wininit.ini
    2007-12-08 08:50 . 2007-12-08 16:14 56 --a------ C:\WINDOWS\system32\testscript.tmp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-16 10:26 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-12-16 09:57 --------- d-----w C:\Program Files\Mozilla Thunderbird
    2007-12-16 08:17 --------- d-----w C:\Program Files\Microsoft AntiSpyware
    2006-12-17 18:34 53,192 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2006_12_17_19_24_25_small.dmp.zip
    2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{405132A4-5DD1-4BA8-A181-95C8D435093A}]
    2005-09-25 08:12 71168 --a------ C:\WINDOWS\adsldpbc.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94D9D272-BE4D-420A-123D-390227693354}]
    C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SP2 Connection Patcher"="C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" []
    "long play"="C:\DOCUME~1\ADMINI~1\APPLIC~1\KINDWA~1\Up Soft Grey.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2004-04-23 11:24 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
    "TkBellExe"="realsched.exe" []
    "gcasServ"="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" [2005-06-24 14:24]
    "Poke kind save wma"="C:\Documents and Settings\All Users\Application Data\StopKeepPokeKind\Error global.exe" [2005-10-16 10:16]
    "EoEngine"="" []
    "EoWeather"="" []
    "HPHUPD08"="C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 18:35]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-04-02 15:48]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 14:49]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-11 23:49:24]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 22:23:26]
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2007-02-25 18:42:54]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    R1 bdftdif;BitDefender Firewall TDI Filter;\??\C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys
    R3 axsaki;axsaki;C:\WINDOWS\system32\DRIVERS\axsaki.sys
    R3 axskbus;axskbus;C:\WINDOWS\system32\DRIVERS\axskbus.sys
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
    R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
    S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
    S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-11-24 16:05:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-14 19:00:03 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-16 11:32:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-16 11:33:50
    0
  9. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut

    excuse pour le dalay, je suis en vqcqnces et il m est difficile de me connecter

    fais ceci

    Télécharge SREng (par Smallfrogs) de ce lien:
    http://www.kztechs.com/eng/download.html

    Extrais tout son contenu sur ton Bureau
    Du dossier sreng2 qui se trouve maintenant sur ton Bureau, double clique sur SREng.exe afin de lancer l'outil
    Clique sur Smart Scan
    Ensuite, clique sur le bouton [Scan]

    Lorsque complété, clique sur le bouton [Save Reports]
    Sauvegarde le rapport sur ton Bureau
    Copie/colle le contenu du fichier SREnglLOG.log dans ta prochaine réponse

    Attention, le scan sera peut être trop long pour un seul message. Il faudra dans ce cas scinder le rapport en deux.
    0
  10. fourmie
     
    salut g!rly
    j' ai l'impression que mon ordi va déjà mieux avec le ménage que tu ma fais faire.
    qu'est ce qu'on cherche exactement ?
    [CODE]

    2007-12-21,17:13:59

    System Repair Engineer 2.5.16.900
    Smallfrogs (http://www.KZTechs.com)

    Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

    Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan

    Boot Items
    Registry
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <SP2 Connection Patcher><"C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <EoEngine><> [N/A]
    <EoWeather><> [N/A]
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg> [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe"> [SOFTWIN S.R.L.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{9EF34FF2-3396-4527-9D27-04C8C1C67806}><C:\Program Files\Microsoft AntiSpyware\shellextension.dll> [(Verified)Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}><> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

    ==================================
    Startup Folders
    N/A

    ==================================
    Services
    [Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
    <"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
    [ASP.NET State Service / aspnet_state][Stopped/Manual Start]
    <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
    [BitDefender Scan Server / bdss][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service><N/A>
    [BitDefender Desktop Update Service / LIVESRV][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service><SOFTWIN S.R.L.>
    [MysqlInventime / MysqlInventime][Stopped/Manual Start]
    <C:\PROGRA~1\MYSOFT~1\GESTIO~1\mysql\bin\mysqld-nt "--defaults-file=C:\Program Files\MySoftware\Gestion d'entreprise\mysql\my.ini" MysqlInventime><N/A>
    [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
    [Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Auto Start]
    <C:\WINDOWS\system32\HPZipm12.exe><HP>
    [SmartLinkService / SLService][Running/Auto Start]
    <slserv.exe><Smart Link>
    [BitDefender Virus Shield / VSSERV][Running/Auto Start]
    <"C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service><SOFTWIN S.R.L.>
    [BitDefender Communicator / XCOMM][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service><SOFTWIN S.R.L>

    ==================================
    Drivers
    [AEGIS Protocol (IEEE 802.1x) v3.4.3.0 / AegisP][Running/Auto Start]
    <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
    [AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
    <\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
    [Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
    <System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
    [axsaki / axsaki][Running/Manual Start]
    <system32\DRIVERS\axsaki.sys><>
    [axskbus / axskbus][Running/Manual Start]
    <system32\DRIVERS\axskbus.sys><>
    [bdfdll / bdfdll][Running/Manual Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys><N/A>
    [BitDefender Firewall NDIS Filter Service / Bdfndisf][Running/Manual Start]
    <system32\DRIVERS\bdfndisf.sys><Softwin SRL>
    [BDFSDRV / BDFSDRV][Running/Manual Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys><N/A>
    [BitDefender Firewall TDI Filter / bdftdif][Running/System Start]
    <\??\C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys><Softwin SRL>
    [bdpredir / bdpredir][Running/System Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys><Softwin SRL>
    [BDRSDRV / BDRSDRV][Running/Auto Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys><N/A>
    [catchme / catchme][Stopped/Manual Start]
    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys><N/A>
    [FreeBox USB Network Adapter / fbxusb][Stopped/Manual Start]
    <system32\DRIVERS\fbxusb.sys><FreeBox SA>
    [IEEE-1284.4 Driver HPZid412 / HPZid412][Running/Manual Start]
    <system32\DRIVERS\HPZid412.sys><HP>
    [Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Running/Manual Start]
    <system32\DRIVERS\HPZipr12.sys><HP>
    [USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Running/Manual Start]
    <system32\DRIVERS\HPZius12.sys><HP>
    [Mtlmnt5 / Mtlmnt5][Running/Manual Start]
    <System32\DRIVERS\Mtlmnt5.sys><Smart Link>
    [Mtlstrm / Mtlstrm][Stopped/Manual Start]
    <System32\DRIVERS\Mtlstrm.sys><Smart Link>
    [NtMtlFax / NtMtlFax][Stopped/Manual Start]
    <System32\DRIVERS\NtMtlFax.sys><Smart Link>
    [nv / nv][Running/Manual Start]
    <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
    [Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start]
    <system32\drivers\nvax.sys><NVIDIA Corporation>
    [NVIDIA nForce MCP Networking Controller Driver / NVENET][Running/Manual Start]
    <system32\DRIVERS\NVENET.sys><NVIDIA Corporation>
    [Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start]
    <system32\drivers\nvapu.sys><NVIDIA Corporation>
    [NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
    [PCASp50 NDIS Protocol Driver / PCASp50][Stopped/Manual Start]
    <System32\Drivers\PCASp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
    [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
    <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    [PxHelp20 / PxHelp20][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
    [RecAgent / RecAgent][Running/Boot Start]
    <\SystemRoot\System32\DRIVERS\RecAgent.sys><Smart Link>
    [Hercules Wireless USB Dongle Driver / RT2500USB][Stopped/Manual Start]
    <system32\DRIVERS\rt73.sys><Ralink Technology, Corp.>
    [Secdrv / Secdrv][Running/Auto Start]
    <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
    [Smart Link 56K Modem Driver / Slntamr][Running/Manual Start]
    <System32\DRIVERS\slntamr.sys><Smart Link>
    [SlNtHal / SlNtHal][Stopped/Manual Start]
    <System32\DRIVERS\Slnthal.sys><Smart Link>
    [SlWdmSup / SlWdmSup][Running/Manual Start]
    <System32\DRIVERS\SlWdmSup.sys><Smart Link>
    [Pilote de filtrage Sony USB (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
    <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
    [SAMSUNG Mobile USB Device II 1.0 driver (WDM) / ssm_bus][Stopped/Manual Start]
    <system32\DRIVERS\ssm_bus.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Filter / ssm_mdfl][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdfl.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Drivers / ssm_mdm][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdm.sys><MCCI>
    [Logitech Virtual Bus Enumerator Driver / WmBEnum][Running/Manual Start]
    <system32\drivers\WmBEnum.sys><Logitech Inc.>
    [Logitech WingMan HID Filter Driver / WmFilter][Stopped/Manual Start]
    <system32\drivers\WmFilter.sys><Logitech Inc.>
    [Logitech Virtual Hid Device Driver / WmVirHid][Stopped/Manual Start]
    <system32\drivers\WmVirHid.sys><Logitech Inc.>
    [Logitech WingMan Translation Layer Driver / WmXlCore][Running/Manual Start]
    <system32\drivers\WmXlCore.sys><Logitech Inc.>

    ==================================
    Browser Add-ons
    [AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    [BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll, BitComet>
    [C:\WINDOWS\adsldpbc.dll]
    {405132A4-5DD1-4BA8-A181-95C8D435093A} <C:\WINDOWS\adsldpbc.dll, N/A>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    []
    {94D9D272-BE4D-420A-123D-390227693354} <C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe, N/A>
    [MSNToolBandBHO]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll, Microsoft Corporation>
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\comctl32.ocx, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
    [Windows Genuine Advantage Validation Tool]
    {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft® Corporation>
    [McUpdatePortalFactory Class]
    {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} <C:\WINDOWS\Downloaded Program Files\McUpdatePortal.dll, Networks Associates Technology, Inc>
    [telechargement-photoweb]
    {68C1822F-F5C7-4404-A73F-03C10E0E94DA} <C:\WINDOWS\Downloaded Program Files\telechargement-photoweb.ocx, photoweb>
    [FotovistaPhotoUploader.ctrFpu]
    {6DB731A3-B074-4118-8B1C-32511C65D836} <C:\WINDOWS\Downloaded Program Files\fpu.ocx, Fotovista>
    [MUWebControl Class]
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
    [HouseCall Control]
    {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
    [Java Plug-in 1.5.0_04]
    {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
    []
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <C:\WINDOWS\system32\macromed\download\Download.dll, Adobe Systems, Inc.>
    [F-Secure Online Scanner 3.0]
    {9D190AE6-C81E-4039-8061-978EBAD10073} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
    [MsnMessengerSetupDownloadControl Class]
    {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
    [Java Plug-in 1.5.0_04]
    {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
    [InfosFinder2.InfosFinder]
    {E862C832-3A5F-4CEB-BFAA-167B22010A71} <C:\WINDOWS\Downloaded Program Files\INFOSFINDER2.OCX, >
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [ActiveMovieControl Object]
    {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\comctl32.ocx, Microsoft Corporation>
    [CEnroll Class]
    {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\System32\xenroll.dll, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
    [Windows Genuine Advantage Validation Tool]
    {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft® Corporation>
    [Windows Media Player]
    {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [HTML Document]
    {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
    [Tabular Data Control]
    {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
    [IETag Factory]
    {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
    [BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll, BitComet>
    [C:\WINDOWS\adsldpbc.dll]
    {405132A4-5DD1-4BA8-A181-95C8D435093A} <C:\WINDOWS\adsldpbc.dll, N/A>
    [QuickTime Object]
    {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [Microsoft Office Control]
    {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
    [XML Document]
    {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
    [Microsoft Licensed Class Manager 1.0]
    {5220CB21-C88D-11CF-B347-00AA00A28331} <C:\WINDOWS\System32\licmgr10.dll, Microsoft Corporation>
    [HHCtrl Object]
    {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\HHCTRL.OCX, Microsoft Corporation>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    [Shell Name Space]
    {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
    [InstallShield Update Service Agent]
    {5B7524C8-2446-40E9-9474-94A779DBA224} <C:\WINDOWS\Downloaded Program Files\isusweb.dll, InstallShield Software Corporation>
    [McUpdatePortalFactory Class]
    {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} <C:\WINDOWS\Downloaded Program Files\McUpdatePortal.dll, Networks Associates Technology, Inc>
    [WUWebControl Class]
    {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [EoBho Class]
    {64F56FC1-1272-44CD-BA6E-39723696E350} <C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL, N/A>
    [telechargement-photoweb]
    {68C1822F-F5C7-4404-A73F-03C10E0E94DA} <C:\WINDOWS\Downloaded Program Files\telechargement-photoweb.ocx, photoweb>
    [Windows Media Player]
    {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [FotovistaPhotoUploader.ctrFpu]
    {6DB731A3-B074-4118-8B1C-32511C65D836} <C:\WINDOWS\Downloaded Program Files\fpu.ocx, Fotovista>
    [MUWebControl Class]
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
    [Active Desktop Mover]
    {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
    [HouseCall Control]
    {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
    [Windows Media Services DRM Storage object]
    {760C4B83-E211-11D2-BF3E-00805FBE84A6} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
    [Navigateur Web Microsoft]
    {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
    []
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <C:\WINDOWS\system32\macromed\download\Download.dll, Adobe Systems, Inc.>
    []
    {94D9D272-BE4D-420A-123D-390227693354} <C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe, N/A>
    [F-Secure Online Scanner 3.0]
    {9D190AE6-C81E-4039-8061-978EBAD10073} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
    [RMGetLicense Class]
    {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
    [Microsoft Scriptlet Component]
    {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
    [MsnMessengerSetupDownloadControl Class]
    {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
    [SearchAssistantOC]
    {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
    [RDS.DataSpace]
    {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
    [MSNToolBandBHO]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll, Microsoft Corporation>
    [AUDIO__MID Moniker Class]
    {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__MP3 Moniker Class]
    {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__X_MS_WMA Moniker Class]
    {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__AVI Moniker Class]
    {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__MPEG Moniker Class]
    {CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_ASF Moniker Class]
    {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
    [Microsoft Agent Control 2.0]
    {D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, Microsoft Corporation>
    []
    {D4A8680F-4272-4161-80FF-851A62AEA027} <C:\PROGRA~1\EZFace\ActiveX\EZFace207.ocx, EZFace Ltd.>
    [InfosFinder2.InfosFinder]
    {E862C832-3A5F-4CEB-BFAA-167B22010A71} <C:\WINDOWS\Downloaded Program Files\INFOSFINDER2.OCX, >
    [&Add animation to IncrediMail Style Box]
    <C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm, N/A>
    [Download all links using BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
    [Download all videos using BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
    [Download link using &BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
    [E&xporter vers Microsoft Excel]
    <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

    ==================================
    Running Processes
    [PID: 808 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 904 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 928 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [PID: 972 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
    [PID: 984 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1144 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1220 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1344 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1388 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1620 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1692 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\system32\hpz3l3xu.dll] [Hewlett-Packard Company, 60.051.644.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll] [Hewlett-Packard Corporation, 60.051.644.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.2175.0]
    [PID: 1824 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.6085]
    [PID: 1872 / SYSTEM][C:\WINDOWS\system32\slserv.exe] [Smart Link, 3.80.01MC15]
    [PID: 1892 / SYSTEM][C:\WINDOWS\System32\snmp.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1936 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 232 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe] [SOFTWIN S.R.L, 1, 8, 11, 0]
    [PID: 324 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe] [N/A, ]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdcore.dll] [SOFTWIN SRL, 7, 0, 0, 2423]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\libfn.dll] [N/A, ]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\avxdisk.dll] [N/A, ]
    [PID: 568 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe] [SOFTWIN S.R.L., 10, 2, 0, 18]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\HTTPGETF.dll] [N/A, ]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\zlib.dll] [, 1.2.3]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [PID: 796 / SYSTEM][C:\Program Files\Softwin\BitDefender10\vsserv.exe] [SOFTWIN S.R.L., 10, 2, 1, 147]
    [C:\Program Files\Softwin\BitDefender10\bdfltlib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\zlib.dll] [, 1.2.3]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Softwin\BitDefender10\bdfdll_x86.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\WSLib.dll] [N/A, ]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll] [SOFTWIN S.R.L., 10, 2, 1, 16]
    [C:\Program Files\Softwin\BitDefender10\NTTools.dll] [SOFTWIN S.R.L., 10, 1, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\privscan.dll] [SOFTWIN S.R.L., 10, 2, 0, 8]
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll] [SOFTWIN S.R.L., 10.2.0.4]
    [C:\Program Files\Softwin\BitDefender10\getfile.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\wsid.dll] [SOFTWIN S.R.L., 11, 0, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdfdrvi.dll] [Softwin SRL, 2.0.1.10]
    [C:\Program Files\Softwin\BitDefender10\libexpat.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\as2core.dll] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlbr.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemldsp.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlf.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlimg.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlnn2.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlrtr.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlsgn.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\ashttpbr.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\ashttpdsp.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\ashttpf.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\iconv.dll] [Free Software Foundation, 1.9]
    [C:\Program Files\Softwin\BitDefender10\asregex.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\mimepack.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\sch_serv.dll] [SOFTWIN S.R.L., 10, 1, 0, 11]
    [C:\Program Files\Softwin\BitDefender10\bdardrv.dll] [SOFTWIN S.R.L, 10, 1, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\PROFOS.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\trufos.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\libmpack.dll] [N/A, ]
    [C:\WINDOWS\system32\XRegLib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\htmlpack.dll] [SOFTWIN S.R.L., 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdpredir.dll] [Softwin SRL, 1.0.1.11]
    [C:\Program Files\Softwin\BitDefender10\bdpop3p.dll] [SOFTWIN S.R.L., 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdsmtpp.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\httproxy.dll] [SOFTWIN SRL, 10, 2, 1, 1]
    [PID: 1444 / Administrateur][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\WINDOW~3\wmpband.dll] [Microsoft Corporation, 11.0.5358.4827 (WMP_11.060509-2009)]
    [C:\Program Files\Microsoft AntiSpyware\shellextension.dll] [Microsoft Corporation, 1.0.0614.10]
    [C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Softwin\BitDefender10\bdshelxt.dll] [, 1, 0, 0, 2]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL] [WinZip Computing, Inc., 3.0 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.6085]
    [C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.6085]
    [C:\WINDOWS\system32\L3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr.dll] [Ahead Software AG, 1,2,1, 2278]
    [PID: 2020 / Administrateur][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1812 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 460 / Administrateur][C:\Program Files\Softwin\BitDefender10\bdmcon.exe] [SOFTWIN S.R.L., 10, 2, 0, 15]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\TxTools.dll] [SOFTWIN S.R.L, 10, 2, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\Program Files\Softwin\BitDefender10\NAG.dll] [SOFTWIN S.R.L., 10.2.0.0]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\popup.dll] [SOFTWIN S.R.L., 10, 0, 0, 9]
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll] [SOFTWIN S.R.L., 10.2.0.4]
    [C:\Program Files\Softwin\BitDefender10\getfile.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\WSLib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdusers.dll] [TODO: <Company name>, 10.1.0.0]
    [C:\Program Files\Softwin\BitDefender10\main.dll] [SOFTWIN S.R.L., 10, 3, 0, 35]
    [C:\Program Files\Softwin\BitDefender10\antivirus.dll] [SOFTWIN S.R.L., 10, 1, 0, 24]
    [C:\Program Files\Softwin\BitDefender10\fwgui.dll] [Softwin SRL, 2.0.1.9]
    [C:\Program Files\Softwin\BitDefender10\dbokf.dll] [SOFTWIN, 10.2.0.1]
    [C:\Program Files\Softwin\BitDefender10\libexpat.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\antispam.dll] [SOFTWIN S.R.L, 10.0.0.1]
    [C:\Program Files\Softwin\BitDefender10\antispy.dll] [SOFTWIN S.R.L., 10, 1, 0, 29]
    [C:\Program Files\Softwin\BitDefender10\pcontrol.dll] [, 10, 2, 0, 8]
    [C:\Program Files\Softwin\BitDefender10\Wizards.dll] [SOFTWIN S.R.L., 10, 3, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\live.dll] [SOFTWIN S.R.L., 10, 2, 0, 21]
    [C:\Program Files\Softwin\BitDefender10\vshield.dll] [SOFTWIN S.R.L., 10, 2, 1, 129]
    [C:\Program Files\Softwin\BitDefender10\vscan.dll] [SOFTWIN S.R.L., 10, 1, 0, 34]
    [C:\Program Files\Softwin\BitDefender10\quar.dll] [SOFTWIN S.R.L., 10, 2, 1, 18]
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll] [SOFTWIN S.R.L., 10, 2, 1, 16]
    [C:\Program Files\Softwin\BitDefender10\NTTools.dll] [SOFTWIN S.R.L., 10, 1, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll] [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll] [Microsoft Corporation, 1.0.4018.0]
    [C:\Program Files\Softwin\BitDefender10\ashield.dll] [SOFTWIN S.R.L., 10, 2, 0, 92]
    [C:\Program Files\Softwin\BitDefender10\privintf.dll] [SOFTWIN S.R.L., 10, 2, 0, 25]
    [C:\Program Files\Softwin\BitDefender10\sysinfo.dll] [SOFTWIN S.R.L., 10, 2, 0, 1057]
    [C:\Program Files\Softwin\BitDefender10\BDElev.DLL] [SOFTWIN S.R.L., 1.0.0.1]
    [PID: 492 / Administrateur][C:\Program Files\Softwin\BitDefender10\bdagent.exe] [SOFTWIN S.R.L., 10, 2, 0, 16]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\bdoe.dll] [SOFTWIN S.R.L., 10, 2, 0, 6]
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll] [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll] [Microsoft Corporation, 1.0.4018.0]
    [PID: 2384 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2332 / Administrateur][C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll] [Adobe Systems Incorporated, 1.1.18]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll] [Adobe Systems Incorporated, 4.14.45]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll] [Adobe Systems Incorporated, 5.01.41]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll] [Adobe Systems Incorporated, 2.07.28]
    [c:\program files\adobe\acrobat 7.0\reader\rdlang32.fra] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\IA32.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer.API] [Adobe Systems Inc., 7.0.0.41005]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\LegalPDF.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\esdupdate.dll] [Adobe Systems, 3.1.0.9]
    [PID: 2348 / Administrateur][C:\Program Files\Mozilla Thunderbird\thunderbird.exe] [Mozilla Corporation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\js3250.dll] [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Thunderbird\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\xpcom_core.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\plc4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\plds4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\NSLDAP32V50.dll] [N/A, ]
    [C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V50.dll] [N/A, ]
    [C:\Program Files\Mozilla Thunderbird\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\components\myspell.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\components\jar50.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\qfaservices.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL] [Full Circle Software, Inc., 2.2.unofficial]
    [C:\Program Files\Mozilla Thunderbird\components\spellchk.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\nssckbi.dll] [Mozilla Foundation, 1.64]
    [C:\Program Files\Microsoft AntiSpyware\shellextension.dll] [Microsoft Corporation, 1.0.0614.10]
    [PID: 9108 / Administrateur][C:\Documents and Settings\Administrateur\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\Administrateur\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Documents and Settings\Administrateur\Bureau\Plugins\NTFSTREAM.SRE] [Smallfrogs Studio, 1, 0, 0, 5]

    ==================================
    File Associations
    .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
    .EXE OK. ["%1" %*]
    .COM OK. ["%1" %*]
    .PIF OK. ["%1" %*]
    .REG OK. [regedit.exe "%1"]
    .BAT OK. ["%1" %*]
    .SCR OK. ["%1" /S]
    .CHM OK. ["C:\WINDOWS\hh.exe" %1]
    .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
    .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .LNK OK. [{00021401-0000-0000-C000-000000000046}]

    ==================================
    Winsock Provider
    N/A

    ==================================
    Autorun.Inf
    N/A

    ==================================
    HOSTS File
    N/A

    ==================================
    Process Privileges Scan
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 796, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\VSSERV.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 460, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\BDMCON.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 492, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\BDAGENT.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2332, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\READER\ACRORD32.EXE]

    ==================================
    API HOOK
    N/A

    ==================================
    Hidden Process
    N/A

    ==================================

    [/CODE]
    0
  11. fourmie
     
    salut g!rly
    j' ai l'impression que mon ordi va déjà mieux avec le ménage que tu m'as fais faire.
    qu'est ce qu'on cherche exactement ?
    [CODE]

    2007-12-21,17:13:59

    System Repair Engineer 2.5.16.900
    Smallfrogs (http://www.KZTechs.com)

    Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

    Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan

    Boot Items
    Registry
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <SP2 Connection Patcher><"C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <EoEngine><> [N/A]
    <EoWeather><> [N/A]
    <BDMCon><"C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg> [SOFTWIN S.R.L.]
    <BDAgent><"C:\Program Files\Softwin\BitDefender10\bdagent.exe"> [SOFTWIN S.R.L.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{9EF34FF2-3396-4527-9D27-04C8C1C67806}><C:\Program Files\Microsoft AntiSpyware\shellextension.dll> [(Verified)Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}><> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

    ==================================
    Startup Folders
    N/A

    ==================================
    Services
    [Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
    <"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
    [ASP.NET State Service / aspnet_state][Stopped/Manual Start]
    <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
    [BitDefender Scan Server / bdss][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service><N/A>
    [BitDefender Desktop Update Service / LIVESRV][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service><SOFTWIN S.R.L.>
    [MysqlInventime / MysqlInventime][Stopped/Manual Start]
    <C:\PROGRA~1\MYSOFT~1\GESTIO~1\mysql\bin\mysqld-nt "--defaults-file=C:\Program Files\MySoftware\Gestion d'entreprise\mysql\my.ini" MysqlInventime><N/A>
    [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
    [Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Auto Start]
    <C:\WINDOWS\system32\HPZipm12.exe><HP>
    [SmartLinkService / SLService][Running/Auto Start]
    <slserv.exe><Smart Link>
    [BitDefender Virus Shield / VSSERV][Running/Auto Start]
    <"C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service><SOFTWIN S.R.L.>
    [BitDefender Communicator / XCOMM][Running/Auto Start]
    <"C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service><SOFTWIN S.R.L>

    ==================================
    Drivers
    [AEGIS Protocol (IEEE 802.1x) v3.4.3.0 / AegisP][Running/Auto Start]
    <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
    [AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
    <\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
    [Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
    <System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
    [axsaki / axsaki][Running/Manual Start]
    <system32\DRIVERS\axsaki.sys><>
    [axskbus / axskbus][Running/Manual Start]
    <system32\DRIVERS\axskbus.sys><>
    [bdfdll / bdfdll][Running/Manual Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys><N/A>
    [BitDefender Firewall NDIS Filter Service / Bdfndisf][Running/Manual Start]
    <system32\DRIVERS\bdfndisf.sys><Softwin SRL>
    [BDFSDRV / BDFSDRV][Running/Manual Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys><N/A>
    [BitDefender Firewall TDI Filter / bdftdif][Running/System Start]
    <\??\C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys><Softwin SRL>
    [bdpredir / bdpredir][Running/System Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys><Softwin SRL>
    [BDRSDRV / BDRSDRV][Running/Auto Start]
    <\??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys><N/A>
    [catchme / catchme][Stopped/Manual Start]
    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys><N/A>
    [FreeBox USB Network Adapter / fbxusb][Stopped/Manual Start]
    <system32\DRIVERS\fbxusb.sys><FreeBox SA>
    [IEEE-1284.4 Driver HPZid412 / HPZid412][Running/Manual Start]
    <system32\DRIVERS\HPZid412.sys><HP>
    [Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Running/Manual Start]
    <system32\DRIVERS\HPZipr12.sys><HP>
    [USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Running/Manual Start]
    <system32\DRIVERS\HPZius12.sys><HP>
    [Mtlmnt5 / Mtlmnt5][Running/Manual Start]
    <System32\DRIVERS\Mtlmnt5.sys><Smart Link>
    [Mtlstrm / Mtlstrm][Stopped/Manual Start]
    <System32\DRIVERS\Mtlstrm.sys><Smart Link>
    [NtMtlFax / NtMtlFax][Stopped/Manual Start]
    <System32\DRIVERS\NtMtlFax.sys><Smart Link>
    [nv / nv][Running/Manual Start]
    <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
    [Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start]
    <system32\drivers\nvax.sys><NVIDIA Corporation>
    [NVIDIA nForce MCP Networking Controller Driver / NVENET][Running/Manual Start]
    <system32\DRIVERS\NVENET.sys><NVIDIA Corporation>
    [Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start]
    <system32\drivers\nvapu.sys><NVIDIA Corporation>
    [NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
    [PCASp50 NDIS Protocol Driver / PCASp50][Stopped/Manual Start]
    <System32\Drivers\PCASp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
    [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
    <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    [PxHelp20 / PxHelp20][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
    [RecAgent / RecAgent][Running/Boot Start]
    <\SystemRoot\System32\DRIVERS\RecAgent.sys><Smart Link>
    [Hercules Wireless USB Dongle Driver / RT2500USB][Stopped/Manual Start]
    <system32\DRIVERS\rt73.sys><Ralink Technology, Corp.>
    [Secdrv / Secdrv][Running/Auto Start]
    <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
    [Smart Link 56K Modem Driver / Slntamr][Running/Manual Start]
    <System32\DRIVERS\slntamr.sys><Smart Link>
    [SlNtHal / SlNtHal][Stopped/Manual Start]
    <System32\DRIVERS\Slnthal.sys><Smart Link>
    [SlWdmSup / SlWdmSup][Running/Manual Start]
    <System32\DRIVERS\SlWdmSup.sys><Smart Link>
    [Pilote de filtrage Sony USB (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
    <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
    [SAMSUNG Mobile USB Device II 1.0 driver (WDM) / ssm_bus][Stopped/Manual Start]
    <system32\DRIVERS\ssm_bus.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Filter / ssm_mdfl][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdfl.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Drivers / ssm_mdm][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdm.sys><MCCI>
    [Logitech Virtual Bus Enumerator Driver / WmBEnum][Running/Manual Start]
    <system32\drivers\WmBEnum.sys><Logitech Inc.>
    [Logitech WingMan HID Filter Driver / WmFilter][Stopped/Manual Start]
    <system32\drivers\WmFilter.sys><Logitech Inc.>
    [Logitech Virtual Hid Device Driver / WmVirHid][Stopped/Manual Start]
    <system32\drivers\WmVirHid.sys><Logitech Inc.>
    [Logitech WingMan Translation Layer Driver / WmXlCore][Running/Manual Start]
    <system32\drivers\WmXlCore.sys><Logitech Inc.>

    ==================================
    Browser Add-ons
    [AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    [BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll, BitComet>
    [C:\WINDOWS\adsldpbc.dll]
    {405132A4-5DD1-4BA8-A181-95C8D435093A} <C:\WINDOWS\adsldpbc.dll, N/A>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    []
    {94D9D272-BE4D-420A-123D-390227693354} <C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe, N/A>
    [MSNToolBandBHO]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll, Microsoft Corporation>
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\comctl32.ocx, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
    [Windows Genuine Advantage Validation Tool]
    {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft® Corporation>
    [McUpdatePortalFactory Class]
    {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} <C:\WINDOWS\Downloaded Program Files\McUpdatePortal.dll, Networks Associates Technology, Inc>
    [telechargement-photoweb]
    {68C1822F-F5C7-4404-A73F-03C10E0E94DA} <C:\WINDOWS\Downloaded Program Files\telechargement-photoweb.ocx, photoweb>
    [FotovistaPhotoUploader.ctrFpu]
    {6DB731A3-B074-4118-8B1C-32511C65D836} <C:\WINDOWS\Downloaded Program Files\fpu.ocx, Fotovista>
    [MUWebControl Class]
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
    [HouseCall Control]
    {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
    [Java Plug-in 1.5.0_04]
    {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
    []
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <C:\WINDOWS\system32\macromed\download\Download.dll, Adobe Systems, Inc.>
    [F-Secure Online Scanner 3.0]
    {9D190AE6-C81E-4039-8061-978EBAD10073} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
    [MsnMessengerSetupDownloadControl Class]
    {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
    [Java Plug-in 1.5.0_04]
    {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
    [InfosFinder2.InfosFinder]
    {E862C832-3A5F-4CEB-BFAA-167B22010A71} <C:\WINDOWS\Downloaded Program Files\INFOSFINDER2.OCX, >
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [ActiveMovieControl Object]
    {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [AcroIEHlprObj Class]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\comctl32.ocx, Microsoft Corporation>
    [CEnroll Class]
    {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\System32\xenroll.dll, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Macromedia, Inc.>
    [Windows Genuine Advantage Validation Tool]
    {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft® Corporation>
    [Windows Media Player]
    {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [HTML Document]
    {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
    [Tabular Data Control]
    {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
    [IETag Factory]
    {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
    [BitComet Helper]
    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll, BitComet>
    [C:\WINDOWS\adsldpbc.dll]
    {405132A4-5DD1-4BA8-A181-95C8D435093A} <C:\WINDOWS\adsldpbc.dll, N/A>
    [QuickTime Object]
    {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
    [Microsoft Office Control]
    {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
    [XML Document]
    {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
    [Microsoft Licensed Class Manager 1.0]
    {5220CB21-C88D-11CF-B347-00AA00A28331} <C:\WINDOWS\System32\licmgr10.dll, Microsoft Corporation>
    [HHCtrl Object]
    {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\HHCTRL.OCX, Microsoft Corporation>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    [Shell Name Space]
    {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
    [InstallShield Update Service Agent]
    {5B7524C8-2446-40E9-9474-94A779DBA224} <C:\WINDOWS\Downloaded Program Files\isusweb.dll, InstallShield Software Corporation>
    [McUpdatePortalFactory Class]
    {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} <C:\WINDOWS\Downloaded Program Files\McUpdatePortal.dll, Networks Associates Technology, Inc>
    [WUWebControl Class]
    {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [EoBho Class]
    {64F56FC1-1272-44CD-BA6E-39723696E350} <C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL, N/A>
    [telechargement-photoweb]
    {68C1822F-F5C7-4404-A73F-03C10E0E94DA} <C:\WINDOWS\Downloaded Program Files\telechargement-photoweb.ocx, photoweb>
    [Windows Media Player]
    {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [FotovistaPhotoUploader.ctrFpu]
    {6DB731A3-B074-4118-8B1C-32511C65D836} <C:\WINDOWS\Downloaded Program Files\fpu.ocx, Fotovista>
    [MUWebControl Class]
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
    [Active Desktop Mover]
    {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
    [HouseCall Control]
    {74D05D43-3236-11D4-BDCD-00C04F9A3B61} <C:\WINDOWS\DOWNLO~1\xscan53.ocx, Trend Micro Inc.>
    [Windows Media Services DRM Storage object]
    {760C4B83-E211-11D2-BF3E-00805FBE84A6} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
    [Navigateur Web Microsoft]
    {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
    []
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <C:\WINDOWS\system32\macromed\download\Download.dll, Adobe Systems, Inc.>
    []
    {94D9D272-BE4D-420A-123D-390227693354} <C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe, N/A>
    [F-Secure Online Scanner 3.0]
    {9D190AE6-C81E-4039-8061-978EBAD10073} <C:\WINDOWS\Downloaded Program Files\fscax.dll, F-Secure Corporation>
    [RMGetLicense Class]
    {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
    [Microsoft Scriptlet Component]
    {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
    [MsnMessengerSetupDownloadControl Class]
    {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
    [SearchAssistantOC]
    {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
    [RDS.DataSpace]
    {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
    [MSNToolBandBHO]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll, Microsoft Corporation>
    [AUDIO__MID Moniker Class]
    {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__MP3 Moniker Class]
    {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__X_MS_WMA Moniker Class]
    {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__AVI Moniker Class]
    {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__MPEG Moniker Class]
    {CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_ASF Moniker Class]
    {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
    [Microsoft Agent Control 2.0]
    {D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, Microsoft Corporation>
    []
    {D4A8680F-4272-4161-80FF-851A62AEA027} <C:\PROGRA~1\EZFace\ActiveX\EZFace207.ocx, EZFace Ltd.>
    [InfosFinder2.InfosFinder]
    {E862C832-3A5F-4CEB-BFAA-167B22010A71} <C:\WINDOWS\Downloaded Program Files\INFOSFINDER2.OCX, >
    [&Add animation to IncrediMail Style Box]
    <C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm, N/A>
    [Download all links using BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
    [Download all videos using BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
    [Download link using &BitComet]
    <res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
    [E&xporter vers Microsoft Excel]
    <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

    ==================================
    Running Processes
    [PID: 808 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 904 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 928 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [PID: 972 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
    [PID: 984 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1144 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1220 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1344 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1388 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1620 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1692 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.2175.0]
    [C:\WINDOWS\system32\hpz3l3xu.dll] [Hewlett-Packard Company, 60.051.644.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll] [Hewlett-Packard Corporation, 60.051.644.00]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.2175.0]
    [PID: 1824 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.6085]
    [PID: 1872 / SYSTEM][C:\WINDOWS\system32\slserv.exe] [Smart Link, 3.80.01MC15]
    [PID: 1892 / SYSTEM][C:\WINDOWS\System32\snmp.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1936 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 232 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe] [SOFTWIN S.R.L, 1, 8, 11, 0]
    [PID: 324 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe] [N/A, ]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdcore.dll] [SOFTWIN SRL, 7, 0, 0, 2423]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\libfn.dll] [N/A, ]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\avxdisk.dll] [N/A, ]
    [PID: 568 / SYSTEM][C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe] [SOFTWIN S.R.L., 10, 2, 0, 18]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\HTTPGETF.dll] [N/A, ]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\zlib.dll] [, 1.2.3]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [PID: 796 / SYSTEM][C:\Program Files\Softwin\BitDefender10\vsserv.exe] [SOFTWIN S.R.L., 10, 2, 1, 147]
    [C:\Program Files\Softwin\BitDefender10\bdfltlib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\zlib.dll] [, 1.2.3]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Softwin\BitDefender10\bdfdll_x86.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\WSLib.dll] [N/A, ]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll] [SOFTWIN S.R.L., 10, 2, 1, 16]
    [C:\Program Files\Softwin\BitDefender10\NTTools.dll] [SOFTWIN S.R.L., 10, 1, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\privscan.dll] [SOFTWIN S.R.L., 10, 2, 0, 8]
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll] [SOFTWIN S.R.L., 10.2.0.4]
    [C:\Program Files\Softwin\BitDefender10\getfile.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\wsid.dll] [SOFTWIN S.R.L., 11, 0, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdfdrvi.dll] [Softwin SRL, 2.0.1.10]
    [C:\Program Files\Softwin\BitDefender10\libexpat.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\as2core.dll] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlbr.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemldsp.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlf.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlimg.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlnn2.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlrtr.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\asemlsgn.mdl] [SOFTWIN S.R.L., 2, 5, 15, 0]
    [C:\Program Files\Softwin\BitDefender10\ashttpbr.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\ashttpdsp.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\ashttpf.mdl] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\iconv.dll] [Free Software Foundation, 1.9]
    [C:\Program Files\Softwin\BitDefender10\asregex.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\mimepack.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\sch_serv.dll] [SOFTWIN S.R.L., 10, 1, 0, 11]
    [C:\Program Files\Softwin\BitDefender10\bdardrv.dll] [SOFTWIN S.R.L, 10, 1, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\PROFOS.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\trufos.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\libmpack.dll] [N/A, ]
    [C:\WINDOWS\system32\XRegLib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\htmlpack.dll] [SOFTWIN S.R.L., 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdpredir.dll] [Softwin SRL, 1.0.1.11]
    [C:\Program Files\Softwin\BitDefender10\bdpop3p.dll] [SOFTWIN S.R.L., 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdsmtpp.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\httproxy.dll] [SOFTWIN SRL, 10, 2, 1, 1]
    [PID: 1444 / Administrateur][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\WINDOW~3\wmpband.dll] [Microsoft Corporation, 11.0.5358.4827 (WMP_11.060509-2009)]
    [C:\Program Files\Microsoft AntiSpyware\shellextension.dll] [Microsoft Corporation, 1.0.0614.10]
    [C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Softwin\BitDefender10\bdshelxt.dll] [, 1, 0, 0, 2]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL] [WinZip Computing, Inc., 3.0 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.6085]
    [C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.6085]
    [C:\WINDOWS\system32\L3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr.dll] [Ahead Software AG, 1,2,1, 2278]
    [PID: 2020 / Administrateur][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1812 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 460 / Administrateur][C:\Program Files\Softwin\BitDefender10\bdmcon.exe] [SOFTWIN S.R.L., 10, 2, 0, 15]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\TxTools.dll] [SOFTWIN S.R.L, 10, 2, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\Program Files\Softwin\BitDefender10\NAG.dll] [SOFTWIN S.R.L., 10.2.0.0]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\popup.dll] [SOFTWIN S.R.L., 10, 0, 0, 9]
    [C:\Program Files\Softwin\BitDefender10\agentreg.dll] [SOFTWIN S.R.L., 10.2.0.4]
    [C:\Program Files\Softwin\BitDefender10\getfile.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\WSLib.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bdusers.dll] [TODO: <Company name>, 10.1.0.0]
    [C:\Program Files\Softwin\BitDefender10\main.dll] [SOFTWIN S.R.L., 10, 3, 0, 35]
    [C:\Program Files\Softwin\BitDefender10\antivirus.dll] [SOFTWIN S.R.L., 10, 1, 0, 24]
    [C:\Program Files\Softwin\BitDefender10\fwgui.dll] [Softwin SRL, 2.0.1.9]
    [C:\Program Files\Softwin\BitDefender10\dbokf.dll] [SOFTWIN, 10.2.0.1]
    [C:\Program Files\Softwin\BitDefender10\libexpat.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\antispam.dll] [SOFTWIN S.R.L, 10.0.0.1]
    [C:\Program Files\Softwin\BitDefender10\antispy.dll] [SOFTWIN S.R.L., 10, 1, 0, 29]
    [C:\Program Files\Softwin\BitDefender10\pcontrol.dll] [, 10, 2, 0, 8]
    [C:\Program Files\Softwin\BitDefender10\Wizards.dll] [SOFTWIN S.R.L., 10, 3, 0, 0]
    [C:\Program Files\Softwin\BitDefender10\live.dll] [SOFTWIN S.R.L., 10, 2, 0, 21]
    [C:\Program Files\Softwin\BitDefender10\vshield.dll] [SOFTWIN S.R.L., 10, 2, 1, 129]
    [C:\Program Files\Softwin\BitDefender10\vscan.dll] [SOFTWIN S.R.L., 10, 1, 0, 34]
    [C:\Program Files\Softwin\BitDefender10\quar.dll] [SOFTWIN S.R.L., 10, 2, 1, 18]
    [C:\Program Files\Softwin\BitDefender10\quarcore.dll] [SOFTWIN S.R.L., 10, 2, 1, 16]
    [C:\Program Files\Softwin\BitDefender10\NTTools.dll] [SOFTWIN S.R.L., 10, 1, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll] [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll] [Microsoft Corporation, 1.0.4018.0]
    [C:\Program Files\Softwin\BitDefender10\ashield.dll] [SOFTWIN S.R.L., 10, 2, 0, 92]
    [C:\Program Files\Softwin\BitDefender10\privintf.dll] [SOFTWIN S.R.L., 10, 2, 0, 25]
    [C:\Program Files\Softwin\BitDefender10\sysinfo.dll] [SOFTWIN S.R.L., 10, 2, 0, 1057]
    [C:\Program Files\Softwin\BitDefender10\BDElev.DLL] [SOFTWIN S.R.L., 1.0.0.1]
    [PID: 492 / Administrateur][C:\Program Files\Softwin\BitDefender10\bdagent.exe] [SOFTWIN S.R.L., 10, 2, 0, 16]
    [C:\Program Files\Softwin\BitDefender10\bdch.dll] [SOFTWIN, 1, 1, 300]
    [C:\Program Files\Softwin\BitDefender10\bdsubmit.dll] [SOFTWIN, 1,2,0, 200]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Softwin\BitDefender10\bdutils.dll] [, 10, 2, 0, 9]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\XCOMM.dll] [Softwin, 1, 8, 12, 0]
    [C:\Program Files\Softwin\BitDefender10\procinf.dll] [SOFTWIN S.R.L., 10, 2, 0, 7]
    [C:\Program Files\Softwin\BitDefender10\BDGUICtl.dll] [Softwin, 10, 2, 0, 22]
    [C:\Program Files\Softwin\BitDefender10\txmlx.dll] [Softwin, 10, 2, 0, 1]
    [C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Softwin\BitDefender10\bdoe.dll] [SOFTWIN S.R.L., 10, 2, 0, 6]
    [C:\Program Files\Softwin\BitDefender10\mimeinf.dll] [N/A, ]
    [C:\Program Files\Softwin\BitDefender10\bwlist.dll] [SOFTWIN S.R.L., 10.0.0.0]
    [C:\Program Files\Softwin\BitDefender10\UnicoWS.dll] [Microsoft Corporation, 1.0.4018.0]
    [PID: 2384 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2332 / Administrateur][C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll] [Adobe Systems Incorporated, 1.1.18]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll] [Adobe Systems Incorporated, 4.14.45]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll] [Adobe Systems Incorporated, 5.01.41]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll] [Adobe Systems Incorporated, 2.07.28]
    [c:\program files\adobe\acrobat 7.0\reader\rdlang32.fra] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\IA32.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer.API] [Adobe Systems Inc., 7.0.0.41005]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\LegalPDF.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.api] [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.api] [Adobe Systems Incorporated, 7.0.5.2005092300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.api] [Adobe Systems Incorporated, 7.0.7.2006011300]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.FRA] [, ]
    [C:\Program Files\Adobe\Acrobat 7.0\Reader\esdupdate.dll] [Adobe Systems, 3.1.0.9]
    [PID: 2348 / Administrateur][C:\Program Files\Mozilla Thunderbird\thunderbird.exe] [Mozilla Corporation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\js3250.dll] [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Thunderbird\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\xpcom_core.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\plc4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\plds4.dll] [Netscape Communications Corporation, 4.6.7]
    [C:\Program Files\Mozilla Thunderbird\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\NSLDAP32V50.dll] [N/A, ]
    [C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V50.dll] [N/A, ]
    [C:\Program Files\Mozilla Thunderbird\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\components\myspell.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\components\jar50.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\qfaservices.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL] [Full Circle Software, Inc., 2.2.unofficial]
    [C:\Program Files\Mozilla Thunderbird\components\spellchk.dll] [Mozilla Foundation, 1.8.1.9: 2007103104]
    [C:\Program Files\Mozilla Thunderbird\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
    [C:\Program Files\Mozilla Thunderbird\nssckbi.dll] [Mozilla Foundation, 1.64]
    [C:\Program Files\Microsoft AntiSpyware\shellextension.dll] [Microsoft Corporation, 1.0.0614.10]
    [PID: 9108 / Administrateur][C:\Documents and Settings\Administrateur\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
    [C:\Documents and Settings\Administrateur\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Documents and Settings\Administrateur\Bureau\Plugins\NTFSTREAM.SRE] [Smallfrogs Studio, 1, 0, 0, 5]

    ==================================
    File Associations
    .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
    .EXE OK. ["%1" %*]
    .COM OK. ["%1" %*]
    .PIF OK. ["%1" %*]
    .REG OK. [regedit.exe "%1"]
    .BAT OK. ["%1" %*]
    .SCR OK. ["%1" /S]
    .CHM OK. ["C:\WINDOWS\hh.exe" %1]
    .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
    .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .LNK OK. [{00021401-0000-0000-C000-000000000046}]

    ==================================
    Winsock Provider
    N/A

    ==================================
    Autorun.Inf
    N/A

    ==================================
    HOSTS File
    N/A

    ==================================
    Process Privileges Scan
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 796, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\VSSERV.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 460, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\BDMCON.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 492, C:\PROGRAM FILES\SOFTWIN\BITDEFENDER10\BDAGENT.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2332, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\READER\ACRORD32.EXE]

    ==================================
    API HOOK
    N/A

    ==================================
    Hidden Process
    N/A

    ==================================

    [/CODE]
    0
  12. g!rly Messages postés 18462 Statut Contributeur 407
     
    bonsoir fourmie,

    je viens de rentrer de vacances, j´en profite pour te souhaiter une bonne année 2008 ;-)

    vu le temps ecoulé depuis notre derniere conversation, j´aimerais bien que tu poste un nouveau hijack this

    @+
    0
  13. tortue
     
    tu as ce qu il te faut sur ce site

    http://foxspm.ifrance.com

    bon surf...
    0
  14. fourmie
     
    Salut et bonne Année à tous
    voici le rapport hijack this, je ne suis pas encore allé sur ton site tortue mais je vais regarder ça de plus près merci.

    Logfile of HijackThis v1.99.1
    Scan saved at 18:22:11, on 16/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: C:\WINDOWS\adsldpbc.dll - {405132A4-5DD1-4BA8-A181-95C8D435093A} - C:\WINDOWS\adsldpbc.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {94D9D272-BE4D-420A-123D-390227693354} - C:\DOCUME~1\ADMINI~1\APPLIC~1\HOLDDU~1\Isobold.exe (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32/6,0,80,22/ComCtl32.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,8/McUpdatePortal.cab
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab
    O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.securite.neuf.fr/Ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: MysqlInventime - Unknown owner - C:\PROGRA~1\MYSOFT~1\GESTIO~1\mysql\bin\mysqld-nt.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
    0
  15. g!rly Messages postés 18462 Statut Contributeur 407
     
    fourmie,

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    @+
    0
  16. Passet
     
    Search Navipromo version 3.5.2 commencé le 05/04/2008 à 11:52:55,14

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "Utilisateur 1"

    Mise à jour le 29.03.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : FAT32

    Executé en mode normal

    *** Recherche Programmes installés ***

    InternetGameBox
    MessengerSkinner

    *** Recherche dossiers dans C:\WINDOWS ***

    *** Recherche dossiers dans C:\Program Files ***

    C:\Program Files\InternetGameBox trouvé !
    C:\Program Files\MessengerSkinner trouvé !

    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

    *** Recherche dossiers dans "C:\Documents and Settings\Utilisateur 1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Utilisateur 1\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Utilisateur 1\menud+~1\progra~1" ***

    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    Fichiers trouvés :

    lpkjbak.exe trouvé !
    qxipth.exe trouvé !

    * Recherche dans "C:\Documents and Settings\Utilisateur 1\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\LESTOY~1\locals~1\applic~1" *

    *** Recherche fichiers ***

    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !
    C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf trouvé !

    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :

    2)Recherche Heuristique :

    * Dans C:\WINDOWS\system32 :

    grsiquju.dat trouvé !
    grsiquju_nav.dat trouvé !
    grsiquju_navps.dat trouvé !

    * Dans "C:\Documents and Settings\Utilisateur 1\locals~1\applic~1" :

    * Dans "C:\DOCUME~1\LESTOY~1\locals~1\applic~1" :

    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :

    *** Analyse terminée le 05/04/2008 à 11:54:03,00 ***
    0
  17. g!rly Messages postés 18462 Statut Contributeur 407
     
    bonjour aurevoir ?
    0
  18. Passet
     
    Bonjour.
    Aide moi s'il vous plait, je ne sais pas comment faire pour me débarrasser de trojan.mailskinner!!
    C'est la première foi que sa m'arrive!
    merci d'avance
    0
  19. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok ;-)

    Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
    Au menu principal, choisis 2 et valide.

    Le fix va t'informer qu'il va alors redémarrer ton PC
    Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
    Appuie sur une touche comme demandé.
    (si ton Pc ne redémarre pas automatiquement, fais le toi même)
    Au redémarrage de ton PC, choisis ta session habituelle.

    Patiente jusqu'au message :
    *** Nettoyage Termine le ..... ***
    Le blocnote va s'ouvrir.
    Sauvegarde le rapport de manière à le retrouver
    Referme le blocnote. Ton bureau va réapparaitre

    PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
    Tape explorer et valide. Celà te fera apparaitre ton bureau.

    post le rapport

    @+
    0
Précédent
  • 1
  • 2
  • 3
  • 4