Sujet Précédent Sujet Suivant

Cheval de troie

Résolu
dede4240 Messages postés 243 Statut Membre -  
FillPCA Messages postés 2264 Statut Contributeur sécurité -
Bonjour a tous je retente ma chance car j'ai postéun message il y a quelque jour qui semble t il est passé a la trappe..
j'ai un cheval de troie sur mon ordi qui est en train de se repandre partout en gros l'ordi est ralenti et des pub intempestive apparaissent sans cesse je viens de changer d'antivirus suite a une recommandation sur un forum j'ai donc installé antivir ( avant j'avasi avast) je vous poste le rapport aprezs analyse d'antivir... j'espereque qqn pourra m'aider car je viens d'aller rue montgallet et on me demande 60 euro pour reformatter l'ordi d'apres eux c est la seule chose a faire contre un cheval de trois... merci de votre aide

AntiVir PersonalEdition Classic
Report file date: 2007-11-03 13:15

Scanning for 1036370 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: BEGNY-GA1A4CHG2

Version information:
BUILD.DAT : 269 15604 Bytes 2007-09-10 14:31:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 2006-05-31 12:32:40
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 2007-07-10 12:32:46
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 2007-08-25 17:21:02
ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 2007-08-28 07:22:36
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 2007-08-29 17:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2007-11-03 13:15

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'avnotify.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'sm56hlpr.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'HControl.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Tablet.exe' - '1' Module(s) have been scanned
Scan process 'TabUserW.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'Tablet.exe' - '1' Module(s) have been scanned
Scan process 'StkCSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '24' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\BEGNY\Local Settings\Temporary Internet Files\Content.IE5\2EDF7FFG\17PHolmes[1].cmt
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '477c6725.qua'!
C:\Documents and Settings\BEGNY\Local Settings\Temporary Internet Files\Content.IE5\5TVFVLU4\mosx1024[1]
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '479f6776.qua'!
C:\Documents and Settings\BEGNY\Local Settings\Temporary Internet Files\Content.IE5\Y2E0NSE5\isearch[1].htm
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4791678c.qua'!
C:\qoobox\Quarantine\C\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '47a66e4f.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\cucpfbcc.dll.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '478f6e63.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\rslxxpph.dll.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '47986e62.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\uaqifxbv.dll.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '479d6e50.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\__c00198CA.dat.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '478f6e4e.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\u4\c124wvr.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475e6e21.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\u4\wr31drs.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475f6e62.qua'!
C:\RECYCLER\S-1-5-21-484763869-884357618-725345543-1003\Dc78.zip
[0] Archive type: ZIP
--> __c001EC51.dat
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '47636e63.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP19\A0006877.exe
[DETECTION] Is the Trojan horse TR/Agent.RIR.135
[INFO] The file was moved to '475c6e48.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP29\A0008577.dll
[DETECTION] Contains detection pattern of the dropper DR/Agent.141853.A
[INFO] The file was moved to '475c6e89.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP60\A0013533.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475c6f0a.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014704.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475c6f0e.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014707.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '46c12e57.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014854.exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '475c6f11.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014861.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '475c6f12.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014863.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '46c12e4b.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014865.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '475c6f14.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014871.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475c6f13.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014872.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '46c12e4c.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014930.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '46c12e4d.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014931.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475c6f15.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP63\A0014989.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475c6f18.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP64\A0015109.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '475c6f1b.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP64\A0015220.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '475c6f1e.qua'!
C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP65\A0015446.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '475c6f23.qua'!
C:\WINDOWS\mrofinu1000106.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '479b6f77.qua'!
C:\WINDOWS\mrofinu1000106.exe.tmp
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '46005930.qua'!
C:\WINDOWS\mrofinu1188.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '479b6f79.qua'!
C:\WINDOWS\mrofinu1188.exe.tmp
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '479b6f78.qua'!
C:\WINDOWS\system32\lejygeds.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '479671b9.qua'!
C:\WINDOWS\system32\nkiupqwt.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '479571ca.qua'!
C:\WINDOWS\system32\spudscv.exe
[DETECTION] Is the Trojan horse TR/Spy.Banker.Gen
[INFO] The file was moved to '47a171d9.qua'!
C:\WINDOWS\system32\__c009ADE2.dat
[DETECTION] Contains suspicious code HEUR/Malware
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\b3\rarndrll2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.buy.1
[INFO] The file was moved to '479e72ab.qua'!
C:\WINDOWS\system32\u4\wr31drs.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '475f7308.qua'!

End of the scan: 2007-11-03 14:07
Used time: 52:21 min

The scan has been done completely.

6463 Scanning directories
397755 Files were scanned
22 viruses and/or unwanted programs were found
16 Files were classified as suspicious:
0 files were deleted
0 files were repaired
37 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
397733 Files not concerned
6422 Archives were scanned
2 Warnings
50 Notes

42 réponses

Précédent
Réponse 21 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

Si l'upload est impossible, ferme l'onglet ou la fenêtre de l'explorateur relative à l'upload. Le programme devrait poursuivre son travail.

FillPCA
0
Réponse 22 / 42
dede4240 Messages postés 243 Statut Membre 26
 
bon j'ai quand meme le log dans c: malgré que l'upload ne soit pas chargé ... j ene sais pas du coup si il y a toutesl es infos que tu souhaites
DiagHelp version v1.3 - http://www.malekal.com
excute le 03/11/2007 à 16:45:40,92

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->03/11/2007 16:45:38
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->03/11/2007 16:45:35
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->03/11/2007 16:21:40
C:\WINDOWS\prefetch\GUARDGUI.EXE-2C20A958.pf -->03/11/2007 16:20:19
C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->03/11/2007 16:19:57
C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->03/11/2007 16:18:29
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->03/11/2007 16:18:03
C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->03/11/2007 16:15:10
C:\WINDOWS\prefetch\MTEE.CFEXE-1E067BC7.pf -->03/11/2007 16:15:00
C:\WINDOWS\prefetch\CATCHME.CFEXE-0F2A0789.pf -->03/11/2007 16:14:52

C:\WINDOWS\System32\drivers\avipbb.sys -->03/11/2007 14:21:58
C:\WINDOWS\System32\drivers\tcpip.sys -->04/10/2007 17:28:48
C:\WINDOWS\System32\drivers\RtkHDAud.sys -->19/09/2007 21:01:14
C:\WINDOWS\System32\drivers\avgntdd.sys -->09/08/2007 13:04:11
C:\WINDOWS\System32\drivers\avgntmgr.sys -->18/07/2007 14:22:19
C:\WINDOWS\System32\drivers\update.sys -->23/04/2007 11:32:54
C:\WINDOWS\System32\drivers\imagesrv.sys -->26/03/2007 10:52:48

C:\WINDOWS\System32\bdod.bin -->03/11/2007 15:17:50
C:\WINDOWS\System32\tmp.txt -->03/11/2007 15:15:16
C:\WINDOWS\System32\tmp.reg -->03/11/2007 15:15:16
C:\WINDOWS\System32\bdss.log -->03/11/2007 15:08:41
C:\WINDOWS\System32\CONFIG.NT -->03/11/2007 12:45:13
C:\WINDOWS\System32\bvxshpsx.ini -->03/11/2007 10:50:44
C:\WINDOWS\System32\mcrh.tmp -->02/11/2007 17:10:33
C:\WINDOWS\System32\jlxhesna.ini -->02/11/2007 10:42:51
C:\WINDOWS\System32\reg_0001.txt -->31/10/2007 17:23:07
C:\WINDOWS\System32\wpa.dbl -->31/10/2007 17:22:21
C:\WINDOWS\System32\vbzip10.dll -->31/10/2007 17:21:28
C:\WINDOWS\System32\perfh00C.dat -->28/10/2007 11:06:49
C:\WINDOWS\System32\perfh009.dat -->28/10/2007 11:06:49
C:\WINDOWS\System32\perfc00C.dat -->28/10/2007 11:06:49
C:\WINDOWS\System32\PerfStringBackup.INI -->28/10/2007 11:06:48
C:\WINDOWS\System32\perfc009.dat -->28/10/2007 11:06:48
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->24/10/2007 14:12:40
C:\WINDOWS\System32\FNTCACHE.DAT -->05/10/2007 10:56:41
C:\WINDOWS\System32\bitcometres.dll -->04/10/2007 12:40:09
C:\WINDOWS\System32\WS2Fix.exe -->03/10/2007 23:36:46
C:\WINDOWS\System32\nscompat.tlb -->02/10/2007 19:26:11
C:\WINDOWS\System32\amcompat.tlb -->02/10/2007 19:26:11
C:\WINDOWS\System32\MRT.exe -->28/09/2007 06:19:39
C:\WINDOWS\System32\javaws.exe -->24/09/2007 22:31:42
C:\WINDOWS\System32\javacpl.cpl -->24/09/2007 22:31:42

C:\WINDOWS\0.log -->03/11/2007 16:13:42
C:\WINDOWS\wiadebug.log -->03/11/2007 16:13:40
C:\WINDOWS\WindowsUpdate.log -->03/11/2007 16:13:38
C:\WINDOWS\wiaservc.log -->03/11/2007 16:13:38
C:\WINDOWS\bootstat.dat -->03/11/2007 16:13:31
C:\WINDOWS\SchedLgU.Txt -->03/11/2007 16:12:36
C:\WINDOWS\setupapi.log -->03/11/2007 13:20:48
C:\WINDOWS\setupact.log -->03/11/2007 13:20:43
C:\WINDOWS\ntbtlog.txt -->03/11/2007 01:26:55
C:\WINDOWS\NeroDigital.ini -->02/11/2007 17:16:32
C:\WINDOWS\win.ini -->01/11/2007 18:55:55
C:\WINDOWS\system.ini -->01/11/2007 18:55:55
C:\WINDOWS\catchme.exe -->29/10/2007 18:56:19
C:\WINDOWS\mozver.dat -->29/10/2007 16:21:09
C:\WINDOWS\nsreg.dat -->29/10/2007 16:18:08

MD5 des fichiers sensibles
tcpip.sys de891ad282e856acfd40990094a63b6f
ndis.sys 558635d3af1c7546d26067d5d9b6959e
null.sys 73c1e1f395918bc2c6dd67af7591a3ad
svchost.exe 2979b03d5382a602623c0535b16ab9c0

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1664
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xcf000 7.00.6000.16544 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16544 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x44360000 0x5cb000 7.00.6000.16544 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x124000 7.00.6000.16544 C:\WINDOWS\system32\urlmon.dll
0x442b0000 0x3c000 7.00.6000.16544 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02fc0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0163 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
0x03460000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x031c0000 0x2e000 C:\Program Files\WinRAR\rarext.dll
0x03330000 0x14000 2.07.0003.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x03350000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x030a0000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x1c400000 0x11000 1.00.0000.0002 C:\WINDOWS\System32\StkCWIA.dll
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL
0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 600
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x1d000 6.14.0010.4158 C:\WINDOWS\system32\Ati2evxx.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-345B

Répertoire de C:\WINDOWS\system32

19/08/2004 15:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 64 940 441 600 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-345B

Répertoire de C:\WINDOWS\Downloaded Program Files

03/11/2007 10:12 <REP> .
03/11/2007 10:12 <REP> ..
03/11/2007 10:08 65 desktop.ini
1 fichier(s) 65 octets

Total des fichiers listés :
1 fichier(s) 65 octets
2 Rép(s) 64 940 437 504 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..

Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
164 - Tablet.exe
404 - sched.exe
436 - GoogleUpdaterSe
568 - csrss.exe
600 - winlogon.exe
644 - services.exe
660 - lsass.exe
812 - ati2evxx.exe
828 - svchost.exe
892 - svchost.exe
932 - svchost.exe
1032 - svchost.exe
1080 - svchost.exe
1220 - ati2evxx.exe
1516 - TabUserW.exe
1524 - avguard.exe
1568 - alg.exe
1664 - explorer.exe
2580 - iexplore.exe
2856 - HControl.exe
2888 - RTHDCPL.exe
2964 - sm56hlpr.exe
3036 - svchost.exe
3084 - avgnt.exe
3100 - GoogleToolbarNo
3128 - ctfmon.exe
3156 - msnmsgr.exe
3200 - BitComet.exe
3404 - ATKOSD.exe
5696 - cmd.exe

Total number of processes = 31
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA778000 - ACPI.sys
BADAA000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
BA767000 - pci.sys
BA8A8000 - isapnp.sys
BACBC000 - compbatt.sys
BACC0000 - \WINDOWS\System32\DRIVERS\BATTC.SYS
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
BA8B8000 - MountMgr.sys
BA748000 - ftdisk.sys
BADAC000 - dmload.sys
BA722000 - dmio.sys
BACC4000 - ACPIEC.sys
BAE71000 - \WINDOWS\System32\DRIVERS\OPRGHDLR.SYS
BAB30000 - PartMgr.sys
BA8C8000 - VolSnap.sys
BA70A000 - atapi.sys
BA8D8000 - disk.sys
BA8E8000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
BA6EA000 - fltmgr.sys
BA6D8000 - sr.sys
BA8F8000 - PxHelp20.sys
BA6C1000 - KSecDD.sys
BA634000 - Ntfs.sys
BA607000 - NDIS.sys
BA908000 - ComboFix.sys
BA5EC000 - Mup.sys
BADDA000 - \SystemRoot\System32\DRIVERS\ATKACPI.sys
BAAC8000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B8022000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys
B800E000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
B7F8C000 - \SystemRoot\System32\DRIVERS\ar5211.sys
BAC30000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B7F69000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
BAC38000 - \SystemRoot\system32\DRIVERS\usbehci.sys
BAAD8000 - \SystemRoot\System32\Drivers\Imapi.SYS
BAAE8000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAAF8000 - \SystemRoot\System32\DRIVERS\redbook.sys
B7F46000 - \SystemRoot\System32\DRIVERS\ks.sys
B7F21000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BAB08000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAC40000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
BAC48000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BA5C8000 - \SystemRoot\System32\DRIVERS\CmBatt.sys
BADDC000 - \SystemRoot\system32\DRIVERS\wacomvhid.sys
BAB18000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
BAC50000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
BADDE000 - \SystemRoot\system32\DRIVERS\WacomVKHid.sys
BAF34000 - \SystemRoot\System32\DRIVERS\audstub.sys
BA938000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA5C4000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B7F0A000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
BA978000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BA948000 - \SystemRoot\System32\DRIVERS\raspptp.sys
BAC58000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B7EF9000 - \SystemRoot\System32\DRIVERS\psched.sys
BA958000 - \SystemRoot\System32\DRIVERS\msgpc.sys
BAC60000 - \SystemRoot\System32\DRIVERS\ptilink.sys
BAC68000 - \SystemRoot\System32\DRIVERS\raspti.sys
B7EC8000 - \SystemRoot\System32\DRIVERS\rdpdr.sys
BA968000 - \SystemRoot\System32\DRIVERS\termdd.sys
BADE0000 - \SystemRoot\System32\DRIVERS\swenum.sys
B7E6F000 - \SystemRoot\System32\DRIVERS\update.sys
BA5A8000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BA5A4000 - \SystemRoot\System32\DRIVERS\mouhid.sys
BAC70000 - \SystemRoot\system32\DRIVERS\wacommousefilter.sys
B825A000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
BA988000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BA9C8000 - \SystemRoot\System32\DRIVERS\usbhub.sys
BADE2000 - \SystemRoot\System32\DRIVERS\USBD.SYS
AF8A5000 - \SystemRoot\system32\drivers\RtkHDAud.sys
AF883000 - \SystemRoot\system32\drivers\portcls.sys
BA9D8000 - \SystemRoot\system32\drivers\drmk.sys
AF793000 - \SystemRoot\system32\DRIVERS\smserial.sys
BAC78000 - \SystemRoot\System32\Drivers\Modem.SYS
BAD70000 - \SystemRoot\system32\drivers\MODEMCSA.sys
BADEC000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAFD3000 - \SystemRoot\System32\Drivers\Null.SYS
BADEE000 - \SystemRoot\System32\Drivers\Beep.SYS
BAC98000 - \SystemRoot\System32\drivers\vga.sys
BADF0000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BADF2000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BACA0000 - \SystemRoot\System32\Drivers\Msfs.SYS
BACA8000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAD84000 - \SystemRoot\System32\DRIVERS\rasacd.sys
AF710000 - \SystemRoot\System32\DRIVERS\ipsec.sys
AF6B8000 - \SystemRoot\System32\DRIVERS\tcpip.sys
AF690000 - \SystemRoot\System32\DRIVERS\netbt.sys
AF66F000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA9E8000 - \SystemRoot\System32\DRIVERS\wanarp.sys
AF64D000 - \SystemRoot\System32\drivers\afd.sys
BA9F8000 - \SystemRoot\System32\DRIVERS\netbios.sys
BACB0000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
AF622000 - \SystemRoot\System32\DRIVERS\rdbss.sys
AF5B3000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BAA18000 - \SystemRoot\System32\Drivers\Fips.SYS
BAA28000 - \SystemRoot\system32\DRIVERS\avipbb.sys
BADF4000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
AF483000 - \SystemRoot\System32\Drivers\StkCMini.sys
AE8B7000 - \SystemRoot\System32\Drivers\StkCPipe.sys
BAA78000 - \SystemRoot\System32\Drivers\Cdfs.SYS
AE7D7000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BAE0C000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
BAD6C000 - \SystemRoot\System32\drivers\Dxapi.sys
BABC0000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
BAFFC000 - \SystemRoot\System32\drivers\dxgthk.sys
BABD8000 - \SystemRoot\system32\drivers\RTSTOR.SYS
BF9D5000 - \SystemRoot\System32\ati2dvag.dll
BFA19000 - \SystemRoot\System32\ati2cqag.dll
BFA6E000 - \SystemRoot\System32\atikvmag.dll
BFABA000 - \SystemRoot\System32\atiok3x2.dll
BFACA000 - \SystemRoot\System32\ati3duag.dll
BFD7D000 - \SystemRoot\System32\ativvaxx.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
AC3DF000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
AC072000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
ABF97000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
ABF82000 - \SystemRoot\system32\drivers\wdmaud.sys
AC467000 - \SystemRoot\system32\drivers\sysaudio.sys
ABCB0000 - \SystemRoot\System32\DRIVERS\srv.sys
AB80F000 - \SystemRoot\System32\Drivers\HTTP.sys
AB513000 - \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS
AB7D3000 - \??\C:\DOCUME~1\BEGNY\LOCALS~1\Temp\catchme.sys
BAEFC000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
AB3D4000 - \SystemRoot\system32\drivers\kmixer.sys

Total number of drivers = 131

Liste des programmes installes

Adobe Flash Player 9 ActiveX
Adobe Illustrator 10
Adobe Illustrator CS
Adobe Illustrator CS2
Adobe Illustrator CS2
Adobe Photoshop 7.0
Adobe Reader 8.1.0 - Français
Adobe SVG Viewer 3.0
Archiveur WinRAR
ATI Display Driver
ATK0100 ACPI UTILITY
Attansic L2 Fast Ethernet Driver
Audacity 1.2.6
Avira AntiVir PersonalEdition Classic
AviSynth 2.5
BitComet 0.93
Canon iP4200
Canon Setup Utility 2.0
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
CD-LabelPrint
CDBurnerXP
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB935448)
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888302
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
IziSpot 4.8
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Lame ACM MP3 Codec
Lecteur Windows Media 11
LightScribe 1.4.142.1
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Internet Explorer Administration Kit 5
Microsoft National Language Support Downlevel APIs
Microsoft Office Small Business Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour de sécurité pour Windows XP (KB930178)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour de sécurité pour Windows XP (KB933729)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB908531)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB927891)
Mise à jour pour Windows XP (KB930916)
Mise à jour pour Windows XP (KB933360)
Mise à jour pour Windows XP (KB936357)
Mise à jour pour Windows XP (KB938828)
Motorola SM56 Speakerphone Modem
Mozilla Firefox (2.0.0.8)
Navilog1 3.3.4
Nero 7 Essentials
QuickTime
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Ri4m v5.0.1d
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Tablette
Time Adjuster v2.9 (STANDARD)
USB2.0 1.3M WebCam
VideoLAN VLC media player 0.8.5
WebFldrs XP
Winamp
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 2

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-345B

Répertoire de C:\Program Files

03/11/2007 15:18 <REP> .
03/11/2007 15:18 <REP> ..
20/09/2007 22:07 <REP> 1&1
21/09/2007 10:25 <REP> Adobe
24/09/2007 02:36 <REP> Adssite Advanced Toolbar
20/09/2007 22:17 <REP> Ahead
20/09/2007 22:17 <REP> Alwil Software
20/09/2007 22:17 <REP> Apple Software Update
25/09/2007 11:38 <REP> Audacity
03/11/2007 13:06 <REP> Avira
12/10/2007 23:36 <REP> AviSynth 2.5
04/10/2007 12:36 <REP> Azureus
04/10/2007 13:49 <REP> BitComet
20/09/2007 22:18 <REP> BSplayer_WhenUSave_Installer
04/10/2007 14:55 <REP> Canon
28/09/2007 18:55 <REP> CDBurnerXP
20/09/2007 22:18 <REP> CoffeeCup Software
20/09/2007 22:18 <REP> Common~1
20/09/2007 20:20 <REP> ComPlus Applications
20/09/2007 22:18 <REP> Creative
20/09/2007 22:18 <REP> CyberLink
22/09/2007 11:17 <REP> Eltima Software
20/09/2007 22:20 <REP> eMule
20/09/2007 22:21 <REP> EPSON
20/09/2007 22:21 <REP> eRightSoft
20/09/2007 22:21 <REP> Error Safe Free
20/09/2007 22:21 <REP> FairUse Wizard
03/11/2007 15:02 <REP> Fichiers communs
23/09/2007 20:41 <REP> Google
31/10/2007 18:44 <REP> Grisoft
24/09/2007 03:26 <REP> IEAK
20/09/2007 17:24 <REP> Infogrames
12/02/2005 14:29 812 INSTALL.LOG
20/09/2007 17:24 <REP> InterActual
11/10/2007 00:00 <REP> Internet Explorer
20/09/2007 17:24 <REP> InterVideo
20/09/2007 17:25 <REP> Jasc Software Inc
24/10/2007 14:12 <REP> Java
20/09/2007 17:25 <REP> key
20/09/2007 17:25 <REP> Lauyan
21/09/2007 22:11 <REP> Macromedia
20/09/2007 17:26 <REP> Maïdo Production
24/09/2007 02:29 <REP> Messenger
20/09/2007 20:23 <REP> microsoft frontpage
20/09/2007 17:27 <REP> Microsoft Games
04/10/2007 14:05 <REP> Microsoft Office
24/09/2007 03:36 <REP> Microsoft SQL Server
04/10/2007 14:02 <REP> Microsoft.NET
20/09/2007 21:12 <REP> Motorola
20/09/2007 20:59 <REP> Movie Maker
03/11/2007 14:17 <REP> Mozilla Firefox
20/09/2007 17:27 <REP> MSI
20/09/2007 20:20 <REP> MSN Gaming Zone
20/09/2007 19:37 <REP> MSN Messenger
20/09/2007 17:28 <REP> MSXML 4.0
20/09/2007 17:28 <REP> Multimedia Mouse Driver
20/09/2007 17:28 <REP> MyXOFT
02/11/2007 18:57 <REP> Navilog1
20/09/2007 21:18 <REP> Nero
20/09/2007 22:03 <REP> NETGEAR
20/09/2007 22:56 <REP> NetMeeting
24/09/2007 03:26 <REP> ORKTools
24/09/2007 02:27 <REP> Outlook Express
03/11/2007 12:23 <REP> Panda Security
20/09/2007 22:03 <REP> plugins
20/09/2007 19:03 <REP> QuickTime
20/09/2007 22:03 <REP> QuickTime Alternative
20/09/2007 22:03 <REP> RADVideo
20/09/2007 21:09 <REP> Realtek
12/10/2007 23:42 <REP> Ripp-it_AM
20/09/2007 20:20 <REP> Services en ligne
20/09/2007 22:03 <REP> Skype
20/09/2007 22:03 <REP> Sony Ericsson
03/11/2007 12:25 <REP> Spybot - Search & Destroy
20/09/2007 22:04 <REP> StarV9
20/09/2007 22:04 <REP> STK014
20/09/2007 22:04 <REP> Symantec
02/11/2007 19:09 <REP> Tablet
20/09/2007 22:04 <REP> Thugs at Bay
31/10/2007 16:02 <REP> TimeAdjuster
01/11/2007 18:17 <REP> Trend Micro
20/09/2007 22:04 <REP> Ubisoft
20/09/2007 22:04 <REP> Uniblue
20/09/2007 22:04 <REP> URUSoft
20/09/2007 22:04 <REP> VideoLAN
05/11/2006 13:25 859 136 VirtualDub.exe
27/05/2007 22:05 144 VirtualDub.jobs
05/11/2006 13:25 186 624 VirtualDub.vdi
20/09/2007 22:04 <REP> Visicom Media
20/09/2007 22:04 <REP> VISoftware
19/05/2006 14:45 8 282 187 vlc-0.8.5-win32.exe
20/09/2007 22:04 <REP> VOB
20/09/2007 22:04 <REP> VSO
20/09/2007 22:04 <REP> Webteh
17/10/2007 17:39 <REP> Winamp
20/09/2007 22:05 <REP> WinASPI
20/09/2007 22:06 <REP> Windows Live
20/09/2007 22:06 <REP> Windows Media Connect 2
02/10/2007 19:25 <REP> Windows Media Player
20/09/2007 22:56 <REP> Windows NT
13/10/2007 23:32 <REP> WinRAR
20/09/2007 20:23 <REP> xerox
20/09/2007 22:06 <REP> XviD codec (Neodivx Version)
5 fichier(s) 9 328 903 octets
98 Rép(s) 64 918 704 128 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-345B

Répertoire de C:\Program Files\fichiers communs

03/11/2007 15:02 <REP> .
03/11/2007 15:02 <REP> ..
01/10/2007 10:32 <REP> Adobe
21/09/2007 02:13 <REP> Adobe Systems Shared
20/09/2007 21:21 <REP> Ahead
04/10/2007 14:05 <REP> DESIGNER
10/02/2006 10:16 278 528 FDEUnInstaller.exe
21/09/2007 22:10 <REP> InstallShield
20/09/2007 19:21 <REP> Java
20/09/2007 21:21 <REP> LightScribe
21/09/2007 22:12 <REP> Macromedia
04/10/2007 14:05 <REP> Microsoft Shared
20/09/2007 20:21 <REP> MSSoap
20/09/2007 21:16 <REP> ODBC
20/09/2007 20:21 <REP> Services
03/11/2007 15:03 <REP> Softwin
20/09/2007 21:16 <REP> SpeechEngines
04/10/2007 14:04 <REP> System
20/09/2007 22:21 <REP> Teleca Shared
20/09/2007 22:21 <REP> Wise Installation Wizard
1 fichier(s) 278 528 octets
19 Rép(s) 64 918 700 032 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-345B

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

04/10/2007 14:05 <REP> .
04/10/2007 14:05 <REP> ..
04/10/2007 14:04 <REP> 1033
04/10/2007 14:04 <REP> 1036
11/07/2003 09:15 1 292 872 MSONSEXT.DLL
15/07/2003 05:52 35 896 MSOSV.DLL
03/06/1999 13:09 122 937 MSOWS409.DLL
07/03/2001 08:00 127 033 MSOWS40c.DLL
11/07/2003 01:25 80 448 PKMWS.DLL
5 fichier(s) 1 659 186 octets
4 Rép(s) 64 918 700 032 octets libres

c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\Cnmvsa.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\helpkicker.exe
c:\Documents and Settings\BEGNY\iexplorer.exe
c:\Documents and Settings\BEGNY\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
c:\Documents and Settings\BEGNY\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe
c:\Documents and Settings\BEGNY\Bureau\HijackThis.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\BEGNY\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\SETUP.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\OWC10\SETUP.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\OWC11\SETUP.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\PFILES\COMMON\MSSHARED\DW\DWTRIG20.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\PFILES\MSOFFICE\OFFICE11\OFFCLN.EXE
c:\Documents and Settings\BEGNY\Bureau\PACK OFFICE\FILES\SETUP\OSE.EXE
c:\Documents and Settings\BEGNY\Bureau\rip\setup.exe
c:\Documents and Settings\BEGNY\Local Settings\Application Data\CDBurnerXP_Soft\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\Bt848RegTool.exe
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\MoreTV32French2.exe
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\Perfect Audio.exe
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\Wilma.exe
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\MeuhMeuhTV\MeuhMeuhTV.exe
c:\Documents and Settings\BEGNY\Mes documents\Mes documents\dossier melanie\MeuhMeuhTV\Recorder.exe
c:\Documents and Settings\BEGNY\Shared\Adobe Illustrator CS + serial\Adobe Illustrator CS\setup.exe
c:\Documents and Settings\BEGNY\Shared\Adobe Illustrator CS2 + ssg keygen\_keygen\keygen.exe
c:\Documents and Settings\BEGNY\Shared\Macromedia Studio 8 - Flash - Dreamweaver - Fireworks - Full Working - Tested with serial\Dreamweaver8-en.exe
c:\Documents and Settings\BEGNY\Shared\Macromedia Studio 8 - Flash - Dreamweaver - Fireworks - Full Working - Tested with serial\Fireworks8-en.exe
c:\Documents and Settings\BEGNY\Shared\Macromedia Studio 8 - Flash - Dreamweaver - Fireworks - Full Working - Tested with serial\Flash8-en.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0404\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0404\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0404\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0405\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0405\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0405\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0406\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0406\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0406\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0407\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0407\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0407\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0408\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0408\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0408\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0409\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0409\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0409\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040b\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040b\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040b\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040c\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040c\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040c\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040e\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040e\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\040e\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0410\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0410\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0410\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0411\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0411\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0411\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0412\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0412\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0412\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0413\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0413\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0413\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0414\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0414\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0414\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0415\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0415\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0415\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0419\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0419\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0419\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041D\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041D\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041D\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041E\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041E\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041E\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041F\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041F\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\041F\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0804\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0804\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0804\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0816\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0816\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0816\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0c0a\CNMlr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0c0a\CNMsr78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200\LanguageModules\0c0a\CNMur78.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNM_0260.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMBR260.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMDRV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMDUMP5.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMFUS.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMINST.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLMON2.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMLRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMOP78.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMP_260.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMPCOMM.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMPD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMPP.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMPV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMQUEUE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSMSD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMSTMN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMUI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMUR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMURTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMVS.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Driver2\CNMW3.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmi040c.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnminst2.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis4.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis5.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\devid.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll
c:\Documents and Settings\BEGNY\Local Settings\Application Data\Macromedia\Flash 8\en\Configuration\External Libraries\FLfile.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz a l'adresse http://upload.malekal.com
0
Réponse 23 / 42
dede4240 Messages postés 243 Statut Membre 26
 
[CODE]

2007-11-03,17:01:40

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan

Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<msnmsgr><"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background> [(Verified)Microsoft Corporation]
<BitComet><"C:\Program Files\BitComet\BitComet.exe" /tray> [(Verified)Comet Network Technology Co Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<HControl><C:\WINDOWS\ATK0100\HControl.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SkyTel><SkyTel.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SMSERIAL><C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NeroFilterCheck><C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe> [(Verified)Nero AG]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<Easy-PrintToolBox><C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon> [CANON INC.]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<BitComet><; "C:\Program Files\BitComet\BitComet.exe" /tray> [(Verified)Comet Network Technology Co Ltd.]
<MsnMsgr><; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]

==================================
Startup Folders
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk --> C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
Services
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
[AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\System32\Ati2evxx.exe><ATI Technologies Inc.>
[Google Updater Service / gusvc][Running/Auto Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
<"C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NBService / NBService][Stopped/Manual Start]
<C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[Syntek AVStream USB2.0 WebCam Service / StkSSrv][Running/Auto Start]
<C:\WINDOWS\System32\StkCSrv.exe><Syntek America Inc.>
[TabletService / TabletService][Running/Auto Start]
<C:\WINDOWS\system32\Tablet.exe><Wacom Technology, Corp.>

==================================
Drivers
[Atheros Wireless Network Adapter Service / AR5211][Running/Manual Start]
<System32\DRIVERS\ar5211.sys><Atheros Communications, Inc.>
[ASNDIS5 Protocol Driver / ASNDIS5][Running/Manual Start]
<\??\C:\WINDOWS\ATK0100\ASNDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter / AtcL002][Stopped/Manual Start]
<System32\DRIVERS\atl02_xp.sys><Attansic Technology corporation.>
[ati2mtag / ati2mtag][Running/Manual Start]
<System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><AVIRA GmbH>
[BDFsDrv / BDFsDrv][Stopped/Manual Start]
<\??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys><N/A>
[BDRsDrv / BDRsDrv][Stopped/Manual Start]
<\??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys><N/A>
[catchme / catchme][Running/Manual Start]
<\??\C:\DOCUME~1\BEGNY\LOCALS~1\Temp\catchme.sys><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
<System32\DRIVERS\ATKACPI.sys><>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[USB Mass Stroage Device / RTSTOR][Running/Manual Start]
<system32\drivers\RTSTOR.SYS><Realtek Semiconductor Corp.>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[smserial / smserial][Running/Manual Start]
<system32\DRIVERS\smserial.sys><Motorola Inc.>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[Syntek AVStream USB2.0 1.3M WebCam / StkCMini][Running/Manual Start]
<System32\Drivers\StkCMini.sys><Syntek>
[Wacom Mouse Filter Driver / wacommousefilter][Running/Manual Start]
<system32\DRIVERS\wacommousefilter.sys><Wacom Technology>
[Wacom Virtual Hid Driver / wacomvhid][Running/Manual Start]
<system32\DRIVERS\wacomvhid.sys><Wacom Technology>
[Virtual Keyboard Driver / WacomVKHid][Running/Manual Start]
<system32\DRIVERS\WacomVKHid.sys><Wacom Technology>
[Codec Teletext standard / WSTCODEC][Stopped/Manual Start]
<System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
Browser Add-ons
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll, BitComet>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[Java Plug-in 1.6.0_03]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[BitComet Button]
{461CC20B-FB6E-4f16-8FE8-C29359DB100E} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll, BitComet>
[&Rechercher]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Java Plug-in 1.6.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[Aide pour le lien d'Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[]
{28AEAED5-E434-468F-85BD-3D1A1BCCF761} <C:\WINDOWS\system32\xvfjpwqx.dll, N/A>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XSL Template]
{2933BF94-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll, BitComet>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~3\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[]
{4F07F79F-087F-42CF-8B36-7A88D06088E9} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[isInstalled Class]
{5852F5ED-8BF4-11D4-A245-0080C6F74284} <C:\Program Files\Java\jre1.6.0_03\bin\wsdetect.dll, Sun Microsystems, Inc.>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Computer, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[]
{F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Schema Cache 3.0]
{F5078F34-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Data Source Object 3.0]
{F5078F39-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Free Threaded XML DOM Document]
{F6D90F12-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML Data Source Object]
{F6D90F14-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[&D&ownload &with BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[&D&ownload all video with BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[&D&ownload all with BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 516 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 568 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4158]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 644 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 660 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812 / SYSTEM][C:\WINDOWS\System32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4158]
[C:\WINDOWS\System32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2510]
[C:\WINDOWS\System32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2515]
[PID: 828 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 892 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1000 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 1220 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4158]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2510]
[C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2515]
[C:\WINDOWS\system32\ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4158]
[PID: 1400 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\CNMLM78.DLL] [CANON INC., 1.90.2.61]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD78.DLL] [CANON INC., 1.90.2.61]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 1524 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe] [Avira GmbH, 7.00.00.82]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.dll] [Avira GmbH, 7.00.00.01]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll] [Avira GmbH, 7.00.11.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL] [Avira GmbH, 7.00.02.02]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL] [Avira GmbH, 1.02.00.17]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPACK32.DLL] [Avira GmbH, 7.03.00.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVEWIN32.DLL] [Avira GmbH, 7.6.0.30]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 1664 / BEGNY][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 7, 3, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll] [Avira GmbH, 7.00.00.10]
[C:\WINDOWS\System32\StkCWIA.dll] [Syntek America Inc., 1.0.0.2]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[PID: 404 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe] [Avira GmbH, 7.00.00.62]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll] [Avira GmbH, 7.00.24.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 436 / SYSTEM][C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] [Google, 2.2.824.5515.beta]
[PID: 356 / SYSTEM][C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.4.142.1]
[C:\Program Files\Fichiers communs\LightScribe\LSSProxy.dll] [Hewlett-Packard Company, 1.4.142.1]
[C:\Program Files\Fichiers communs\LightScribe\LSLog.dll] [Hewlett-Packard Company, 1.4.142.1]
[PID: 772 / SYSTEM][C:\Program Files\CDBurnerXP\NMSAccessU.exe] [N/A, ]
[PID: 1080 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1152 / SYSTEM][C:\WINDOWS\System32\StkCSrv.exe] [Syntek America Inc., 1.0.0.2]
[PID: 1164 / SYSTEM][C:\WINDOWS\system32\Tablet.exe] [Wacom Technology, Corp., 6.0.4-4]
[PID: 1516 / BEGNY][C:\WINDOWS\system32\WTablet\TabUserW.exe] [Wacom Technology, Corp., 6.0.4-4]
[PID: 164 / SYSTEM][C:\WINDOWS\system32\Tablet.exe] [Wacom Technology, Corp., 6.0.4-4]
[PID: 1568 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2856 / BEGNY][C:\WINDOWS\ATK0100\HControl.exe] [, 1043, 2, 15, 65]
[C:\WINDOWS\ATK0100\CMSSC.dll] [N/A, ]
[C:\WINDOWS\ATK0100\inter_f2.dll] [ATK, 1043, 2, 15, 52]
[C:\WINDOWS\ATK0100\ATKWLIOC.DLL] [ACTIONTEC Electronics,Inc, 2.01.02]
[C:\WINDOWS\ATK0100\SiSPkt.dll] [Silicon Integrated Systems Corp., 1, 0, 0, 45]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\ATK0100\ASUSNET.dll] [, 1, 9, 9, 2]
[C:\WINDOWS\ATK0100\ASW32N50.dll] [Printing Communications Assoc., Inc. (PCAUSA), 5.00.13.50]
[PID: 2888 / BEGNY][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.1.5.7]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2964 / BEGNY][C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe] [Motorola Inc., 6.12.04]
[C:\Program Files\Motorola\SMSERIAL\sm56eng.dll] [Motorola Inc., 6.12.04]
[C:\Program Files\Motorola\SMSERIAL\sm56fra.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56brz.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56chs.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56cht.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56ger.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56ita.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56esp.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56kor.dll] [, ]
[C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll] [, ]
[PID: 2992 / BEGNY][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 3036 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3084 / BEGNY][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 7.02.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll] [Avira GmbH, 7.02.00.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\antivir personaledition classic\ccgen.dll] [Avira GmbH, 7.02.00.10]
[c:\program files\avira\antivir personaledition classic\ccgenrc.dll] [Avira GmbH, 7.02.04.02]
[c:\program files\avira\antivir personaledition classic\ccguard.dll] [Avira GmbH, 7.00.01.35]
[c:\program files\avira\antivir personaledition classic\ccgrdrc.dll] [Avira GmbH, 7.00.06.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[c:\program files\avira\antivir personaledition classic\ccupdate.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition classic\ccupdrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition classic\cclic.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition classic\cclicrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition classic\ccmsg.dll] [Avira GmbH, 7.00.00.00]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 3100 / BEGNY][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
[C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\gtn.dll] [Google Inc., 2, 1, 615, 5858]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll] [Google Inc., 2, 1, 615, 5858]
[PID: 3128 / BEGNY][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3156 / BEGNY][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1235.0517]
[C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1235.0517]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1235.0517]
[C:\Program Files\Windows Live\Messenger\msgslang.8.5.1235.0517.dll] [Microsoft Corporation, 8.5.1235.0517]
[C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1235.0517]
[C:\Program Files\Windows Live\Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\Windows Live\Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1235.0517]
[C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corp., 8.1.0178.00]
[C:\WINDOWS\system32\StkCProp.ax] [Syntek America Inc., 1.0.0.2]
[PID: 3200 / BEGNY][C:\Program Files\BitComet\BitComet.exe] [www.BitComet.com, 0.93]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3404 / BEGNY][C:\WINDOWS\ATK0100\ATKOSD.exe] [, 1043, 2, 15, 63]
[PID: 2580 / BEGNY][C:\Program Files\internet explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[c:\program files\google\googletoolbar1.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll] [BitComet, 20070830]
[C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.30.5]
[C:\Program Files\Java\jre1.6.0_03\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll] [Google Inc., 2, 1, 615, 5858]
[C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.6000.16461]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[PID: 7224 / BEGNY][C:\Documents and Settings\BEGNY\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Documents and Settings\BEGNY\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1524, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3084, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

[/CODE]
0
Réponse 24 / 42
dede4240 Messages postés 243 Statut Membre 26
 
le dernier hijackthis... pas trop ras le bol j'espère ;-) mille merci en tout cas ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:56, on 03/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\BEGNY\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] ; "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] ; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] ; "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Skype] ; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B7581F-45BC-462C-8D2B-15CB7C159F03}: NameServer = 213.36.80.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

Ca me semble pas mal. Comment le pc se porte-t-il ?

Fais ensuite ceci :

1/ * Télécharge OTMoveIt (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :

C:\WINDOWS\System32\bvxshpsx.ini
C:\WINDOWS\System32\jlxhesna.ini

* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

2/ Télécharge Ccleaner Basic https://www.ccleaner.com/ccleaner/download

Ouvre Ccleaner, clique sur "lancer le nettoyage".

3/ Télécharge AVGantispyware : https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.

Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

4/ * Fais un scan en ligne en cliquant ici : https://www.bitdefender.com/toolbox/
* Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
* Réalise un scan complet du système.
* Sauvegarde le rapport en mode texte à l'issue du scan.

5/ Edite ces rapports : AVGantispyware, Bit defender et un nouveau rapport Hijackthis.

FillPCA
0
Réponse 26 / 42
dede4240 Messages postés 243 Statut Membre 26
 
merde j'ai ait une erreur ... j'ai appuye sur clean up apres avoir collé les dossier:
C:\WINDOWS\System32\bvxshpsx.ini
C:\WINDOWS\System32\jlxhesna.ini
dsl :(
0
Réponse 27 / 42
dede4240 Messages postés 243 Statut Membre 26
 
C:\WINDOWS\System32\bvxshpsx.ini moved successfully.
C:\WINDOWS\System32\jlxhesna.ini moved successfully.
File/Folder not found.

Created on 11/03/2007 17:23:55
0
Réponse 28 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
OK. Comment le pc se porte ?

FillPCA
0
Réponse 29 / 42
dede4240 Messages postés 243 Statut Membre 26
 
bcp mieux j'ai l'impression... je n'ai pas compris un foutu mot de ce que vous avez pu faire mais je pense que ca lui afait plus que du bien .... ;) si ca peut m'eviter de perdre toute mes donnees ca serait fantastique...avec mon boulot, j'utilise enormement de dossier flash ...
0
Réponse 30 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

Ne t'inquiète pas, on va sauver ton pc. Peux-tu passer à la suite (Ccleaner + AVGantispyware +bit defender) ?

FillPCA
0
Réponse 31 / 42
dede4240 Messages postés 243 Statut Membre 26
 
c'est en cours mais c'est assez long pour ccleaner ( pas de soucis je patiente )
juste une question technique en attendant...
- dans la panique j'ai écouté les conseils du vendeur rue montgallet ce matin et j'ai sauvegardé par copier coller tous mes fichiers important sur mon disque dur externe... le pbm maintenant c'est que si je rebranche ce disque dur externe sur mon ordi ( juste pour supprimer ces fichiers sauvegardés qui du coup ne me servent plus a rien) il y a un risque que les virus reviennent en courant le temps de la supppression non?
- pour le moment j'ai antivir ( que je viens d'installer avant j'avais avast) et le pare feu windows... est ce que ca vous semble convenable comme config pour parer aux eventuels prochaines attaques de virus ou me conseillez vous d'installer autre chose??
mille merci...
0
Réponse 32 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

Les dernières étapes seront assez longues (notamment AVGantispyware et surtout le scan en ligne bit defender qui peut durer plusieurs heures, selon la taille du disque dur).

Je pense qu'il serait intéressant que tu réalises les scan d'AVGantispyware et de bit defender avec le disque dur externe branché.

On ne fait jamais de sauvegarde en cas d'infection. Il faut les faire avant...

Pour les conseils, je t'en donnerai quand tout sera propre. Le firewall de XP est minimaliste.

FillPCA
0
Réponse 33 / 42
dede4240 Messages postés 243 Statut Membre 26
 
j'ai plein de message d'antivir qui apparaissent tou a coup : cest du au scan d'avg a votre avis ???
0
Réponse 34 / 42
dede4240 Messages postés 243 Statut Membre 26
 
je coupe l'ntivurus les temps des scan ??? merci bcp
0
Réponse 35 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,
Inutile. Normalement, bit defender et Antivir sont compatibles.

Je reviens plus tard.

FillPCA
0
Réponse 36 / 42
dede4240 Messages postés 243 Statut Membre 26
 
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:33:34 03/11/2007

+ Résultat de l'analyse:

C:\Documents and Settings\BEGNY\Cookies\begny@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.

Fin du rapport
0
Réponse 37 / 42
dede4240 Messages postés 243 Statut Membre 26
 
et voila le rapport bitdefender... merci et bonne soiree ;)

BitDefender Online Scanner

Scan report generated at: Sat, Nov 03, 2007 - 22:00:47

Scan path: C:\;D:\;E:\;F:\;

Statistics

Time

00:53:24

Files

304202

Folders

6467

Boot Sectors

2

Archives

2296

Packed Files

15899

Results

Identified Viruses

1

Infected Files

4

Suspect Files

0

Warnings

0

Disinfected

0

Deleted Files

4

Engines Info

Virus Definitions

860168

Engine build

AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins

14

Archive plugins

38

Unpack plugins

7

E-mail plugins

6

System plugins

1

Scan Settings

First Action

Disinfect

Second Action

Delete

Heuristics

Yes

Enable Warnings

Yes

Scanned Extensions

*;

Exclude Extensions

Scan Emails

Yes

Scan Archives

Yes

Scan Packed

Yes

Scan Files

Yes

Scan Boot

Yes

Scanned File

Status

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014706.exe=>(NSIS o)=>zlib_nsis0003

Detected with: Adware.TTC.B

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014706.exe=>(NSIS o)=>zlib_nsis0003

Disinfection failed

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014706.exe=>(NSIS o)=>zlib_nsis0003

Deleted

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP61\A0014706.exe=>(NSIS o)

Update failed

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014870.exe=>(NSIS o)=>zlib_nsis0003

Detected with: Adware.TTC.B

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014870.exe=>(NSIS o)=>zlib_nsis0003

Disinfection failed

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014870.exe=>(NSIS o)=>zlib_nsis0003

Deleted

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP62\A0014870.exe=>(NSIS o)

Update failed

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP65\A0015553.exe=>(NSIS o)=>zlib_nsis0003

Detected with: Adware.TTC.B

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP65\A0015553.exe=>(NSIS o)=>zlib_nsis0003

Disinfection failed

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP65\A0015553.exe=>(NSIS o)=>zlib_nsis0003

Deleted

C:\System Volume Information\_restore{1A8E027C-D601-467A-ABBC-00C5EF01FCC8}\RP65\A0015553.exe=>(NSIS o)

Update failed

C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz=>upload_moi.tar=>qoobox/Quarantine/C/WINDOWS/system32/e1/caws83122.exe.vir=>(NSIS o)=>zlib_nsis0003

Detected with: Adware.TTC.B

C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz=>upload_moi.tar=>qoobox/Quarantine/C/WINDOWS/system32/e1/caws83122.exe.vir=>(NSIS o)=>zlib_nsis0003

Disinfection failed

C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz=>upload_moi.tar=>qoobox/Quarantine/C/WINDOWS/system32/e1/caws83122.exe.vir=>(NSIS o)=>zlib_nsis0003

Deleted

C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz=>upload_moi.tar=>qoobox/Quarantine/C/WINDOWS/system32/e1/caws83122.exe.vir=>(NSIS o)

Update failed
0
Réponse 38 / 42
dede4240 Messages postés 243 Statut Membre 26
 
j oubliais le hijack this...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:11:02, on 03/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\BEGNY\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] ; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Skype] ; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B7581F-45BC-462C-8D2B-15CB7C159F03}: NameServer = 213.36.80.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
0
Réponse 39 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

1/ Supprime ceci : C:\upload_moi_BEGNY-GA1A4CHG2.tar.gz
Puis vide ta corbeille.

2/ Tu dois désactiver puis réactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », coche la case « désactiver la restauration système ». Clique sur appliquer.
Décoche cette case, clique sur appliquer>OK et redémarre le PC.

As-tu toujours des soucis ? Sinon, je te donne les derniers conseils.

FillPCA
0
Réponse 40 / 42
FillPCA Messages postés 2264 Statut Contributeur sécurité 123
 
Re,

Si tu n'as plus de problème, je te conseille d'installer au minimum un firewall. Je te conseille Comodo, mais il y en a d'autres qui sont aussi très bien.

Tu trouveras des liens intéressants ici : http://perso.orange.fr/Le-site-de-Fill/S%E9curit%E9/Logiciels%20de%20protection.html

N'oublie pas d'indiquer ton sujet comme "résolu" si tu n'as plus de problème, et avec les 60 € économisés, tu t'achèteras quelques bonnes bouteilles !

Boone nuit !

FillPCA
0

Discussions similaires

Cheval de troie comment le supprimer?
sonia -
^^Marie^^ -

28 réponses
expressions francaises
bifaka -
lanonyme -

4 réponses
virus: comment supprimer ccxprocess (virus cheval de troie)
grrlesang -
bazfile -

1 réponse
cheval dans oblivion
sernaldo53 -
sernaldo53 -

12 réponses
comment se debarasser d un cheval de troie
jennyfer1 -
MrMaDGaME -

66 réponses