Win32.trojandownloader.zlob?

Bonjour,
mon PC est manifestement infecté, peut-être par win32.trojandownloader.zlob ou downloader.Conhook.hl?

j'ai utilisé différentes procédures trouvées sur ke forum, dont SmartFraudFix, mais rien n'y fait... il reste bombardé d'alertes de sécurité me proposant divers téléchargements...

voici les rapports:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:36:42 20/11/2007

+ Résultat de l'analyse:

C:\Documents and Settings\Anthony_2\Cookies\anthony_2@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
C:\Documents and Settings\Anthony_2\Cookies\anthony_2@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.

Fin du rapport

BitDefender Online Scanner -Scan ReportBitDefender Online Scanner
Scan report generated at: Wed, Nov 21, 2007 - 00:40:09

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics
Time03:16:30
Files425557
Folders9607
Boot Sectors4
Archives15529
Packed Files16687

Results
Identified Viruses 11
Infected Files 22
Suspect Files 0
Warnings0
Disinfected0
Deleted Files27

Engines Info
Virus Definitions878637
Engine buildAVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins14
Archive plugins38
Unpack plugins7
E-mail plugins6
System plugins1

Scan Settings
First ActionDisinfect
Second ActionDelete
HeuristicsYes
Enable WarningsYes
Scanned Extensions*;
Exclude Extensions
Scan EmailsYes
Scan ArchivesYes
Scan PackedYes
Scan FilesYes
Scan BootYes

Scanned File Status
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0226082B.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0226082B.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0226082B.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\02293228.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\02293228.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\02293228.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0C7061B9.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0C7061B9.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\0C7061B9.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\11832A68.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\11832A68.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\11832A68.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\31F31313.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\31F31313.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\31F31313.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\5027228A.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\5027228A.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\5027228A.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\61376306.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\61376306.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\61376306.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\648D46C6.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\648D46C6.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\648D46C6.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\6CF84F31.class=>(Quarantine-2)Infected with:
Java.Trojan.Exploit.Bytverify2.Gen
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\6CF84F31.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\6CF84F31.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\741E1F9C.class=>(Quarantine-2)Infected with:
Trojan.Java.Classloader.C
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\741E1F9C.class=>(Quarantine-2)Disinfection
failed
C:\Documents and Settings\Administrateur\Bureau\anthony\Program
Files\Norton Internet Security\Norton
AntiVirus\Quarantine\741E1F9C.class=>(Quarantine-2)Deleted
C:\Documents and Settings\Anthony_2\Local
Settings\Temp\image28.zip=>image28-www.photobucket.comInfected with:
Trojan.Peed.Gen
C:\Documents and Settings\Anthony_2\Local
Settings\Temp\image28.zip=>image28-www.photobucket.comDisinfection
failed
C:\Documents and Settings\Anthony_2\Local
Settings\Temp\image28.zip=>image28-www.photobucket.comDeleted
C:\Documents and Settings\Anthony_2\Local
Settings\Temp\image28.zipUpdated
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\in30[1].exeInfected with:
Trojan.Peed.Gen
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\in30[1].exeDisinfection failed
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\in30[1].exeDeleted
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\pochki20071106[1]Infected with:
Trojan.Fotomoto.F
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\pochki20071106[1]Disinfection
failed
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\CPYRK1YZ\pochki20071106[1]Deleted
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\FSKKGZZM\ptch[1]Infected with:
Trojan.Vundo.DQO
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\FSKKGZZM\ptch[1]Disinfection failed
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\FSKKGZZM\ptch[1]Deleted
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\KDEVS5Q3\mosx1024[1]Infected with:
Trojan.Downloader.Conhook.BI
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\KDEVS5Q3\mosx1024[1]Deleted
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\KDEVS5Q3\poiu[1]Infected with:
Trojan.Clicker.MNB
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\KDEVS5Q3\poiu[1]Disinfection failed
C:\Documents and Settings\Anthony_2\Local Settings\Temporary
Internet Files\Content.IE5\KDEVS5Q3\poiu[1]Delete failed
C:\WINDOWS\Downloaded Program Files\Account.dllInfected with:
Trojan.Dloader.YH
C:\WINDOWS\Downloaded Program Files\Account.dllDisinfection failed
C:\WINDOWS\Downloaded Program Files\Account.dllDeleted
C:\WINDOWS\system32\awtspol.dllInfected with: Trojan.Inject.ET
C:\WINDOWS\system32\awtspol.dllDisinfection failed
C:\WINDOWS\system32\awtspol.dllDelete failed
C:\WINDOWS\system32\fviqhlgu.dllInfected with: Trojan.Vundo.DQO
C:\WINDOWS\system32\fviqhlgu.dllDisinfection failed
C:\WINDOWS\system32\fviqhlgu.dllDelete failed
C:\WINDOWS\system32\sksilwpl.exeInfected with: Trojan.Fotomoto.F
C:\WINDOWS\system32\sksilwpl.exeDisinfection failed
C:\WINDOWS\system32\sksilwpl.exeDeleted
C:\WINDOWS\system32\smtsvc.exeInfected with:
DeepScan:Generic.Malware.SIdld!.0F2DE431
C:\WINDOWS\system32\smtsvc.exeDisinfection failed
C:\WINDOWS\system32\smtsvc.exeDelete failed
C:\WINDOWS\system32\__c0091504.datInfected with:
Trojan.Downloader.Conhook.BI
C:\WINDOWS\system32\__c0091504.datDisinfection failed
C:\WINDOWS\system32\__c0091504.datDelete failed

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:44:57, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\USB Card RW\shwicon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\smtsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\SpamPal\spampal.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\fexutdyn.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [ShowIcon_KingByte_USB Card RW v1.14e045] "C:\Program Files\USB Card RW\shwicon.exe" -t"KingByte\USB Card RW v1.14e045"
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB002" /M "Stylus D68"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB003" /M "Stylus CX3600"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [System Terminal Storage] smtsvc.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [e838bfc1] rundll32.exe "C:\WINDOWS\system32\irekbasa.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /M "Stylus D68" /EF "HKCU"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpamPal.lnk = C:\Program Files\SpamPal\spampal.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {B0A451A6-A5A6-11D4-A790-0010A4E6086F} (GettyFinder2 Control) - file://D:\activex\GettyFinder2.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C4D88B8E-352B-11D6-BF77-0080C740A177} (Setup Class) - http://europe.samsungportal.com/EP/web/common/cabfiles/ActiveXSetup.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/chuzzle/popcaploader_v6.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0091504.dat
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\snhnxfpv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe