Probleme pubs et spyware, besoin d'experts!

Résolu
nomad-cube -  
philae83 Messages postés 12854 Statut Contributeur sécurité -
Bonjour,

avant toute chose, je souhaite à tout les membres de commentcamarche.net de très joyeuses fêtes de fin d'année :)

Les miennes riment avec problèmes informatiques...

J'ai lu plusieurs topics et j'ai besoin de personnes compétentes pour me guider dans les choix à faire.

Voici mon premier rapport Navilog1:

Search Navipromo version 3.3.8 commencé le 28/12/2007 à 13:45:55,75

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans C:\WINDOWS ***

*** Recherche dossiers dans C:\Program Files ***

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

*** Recherche dossiers dans "C:\Documents and Settings\Jérémy\application data" ***

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\Jérémy\local settings\application data" *

*** Recherche fichiers ***

C:\WINDOWS\Downloaded Program Files\nethv32.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

* Dans "C:\Documents and Settings\Jérémy\local settings\application data" :

3)Recherche Certificats :

Certificat Egroup absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\hjkmp.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 28/12/2007 à 13:53:55,90 ***

Un grand merci à ceux qui m'aideront!
Configuration: Windows XP
Internet Explorer 7.0

37 réponses

  • 1
  • 2
Résumé de la discussion

Un signalement de contamination malware sur un PC Windows XP s’appuie sur les rapports Navilog1 et HijackThis pour identifier fichiers et éléments suspects et guider les analyses. Des conseils insistent sur l’importance de ne pas lancer la désinfection sans avis spécialisé et préconisent de recouper les résultats avec VirusTotal et des analyses SDFix pour préciser les actions. Les éléments des échanges signalent une possible infection Vundo et des traces d’exécution dans le démarrage, avec des services et processus actifs nécessitant une analyse plus approfondie. En parallèle, les échanges encouragent le dépôt de rapports complémentaires et la vérification des clés du registre pour confirmer l’étendue de l’infection et planifier une mise à jour ou une réinstallation éventuelle.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. nomad-cube
     
    Merci à toi!

    Voici le rapport demandé:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:03:22, on 28/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\msvs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: {B5AB638F-D76C-415B-A8F2-F3CEAC502212} - - (no file)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [e0ce4ee4] rundll32.exe "C:\WINDOWS\system32\sbljpwwd.dll",b
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\cjlrhfcx.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
    O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.co.jp/_common/cab/NMStarterJP5.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/12c33e5d76c5c9047019/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  2. Nomad-cube
     
    Encore un grand merci :D

    Voici les scans demandés.

    Celui de VundoFix:

    VundoFix V6.7.7

    Checking Java version...

    Java version is 1.5.0.11

    Scan started at 21:14:57 28/12/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\drgrmjbp.dll
    C:\WINDOWS\system32\gkgcidfj.dll
    C:\WINDOWS\system32\hjkmp.ini
    C:\WINDOWS\system32\hjkmp.ini2
    C:\WINDOWS\system32\jfdicgkg.ini
    C:\WINDOWS\system32\kddmseaj.dll
    C:\WINDOWS\system32\mnkgcodt.dll
    C:\WINDOWS\system32\pmkjh.dll
    C:\WINDOWS\system32\tdocgknm.ini
    C:\WINDOWS\system32\ugpwryxv.dll
    C:\WINDOWS\system32\wvuuvsp.dll
    C:\WINDOWS\system32\xjsgiyko.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\drgrmjbp.dll
    C:\WINDOWS\system32\drgrmjbp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\gkgcidfj.dll
    C:\WINDOWS\system32\gkgcidfj.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.ini
    C:\WINDOWS\system32\hjkmp.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hjkmp.ini2
    C:\WINDOWS\system32\hjkmp.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jfdicgkg.ini
    C:\WINDOWS\system32\jfdicgkg.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\kddmseaj.dll
    C:\WINDOWS\system32\kddmseaj.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mnkgcodt.dll
    C:\WINDOWS\system32\mnkgcodt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pmkjh.dll
    C:\WINDOWS\system32\pmkjh.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tdocgknm.ini
    C:\WINDOWS\system32\tdocgknm.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ugpwryxv.dll
    C:\WINDOWS\system32\ugpwryxv.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xjsgiyko.dll
    C:\WINDOWS\system32\xjsgiyko.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Ainsi qu'un nouveau d'Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:58:02, on 28/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: SysApp - {4AE2A9A0-DC33-4C27-B521-5B6C68C1C53D} - C:\Program Files\ApplePie\ie-improver.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {79BEC705-D8A5-4E32-B9F3-F9D39043CE98} - C:\WINDOWS\system32\pmkjh.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: {350c3a0d-f1e9-8689-a524-5f1c12d4ec1c} - {c1ce4d21-c1f5-425a-9868-9e1fd0a3c053} - C:\WINDOWS\system32\drgrmjbp.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [e0ce4ee4] rundll32.exe "C:\WINDOWS\system32\gkgcidfj.dll",b
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\qygercjg.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.co.jp/_common/cab/NMStarterJP5.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/12c33e5d76c5c9047019/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O20 - Winlogon Notify: wvuuvsp - wvuuvsp.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  3. Nomad-cube
     
    Pour ce qui est des pubs apparamment c'est réglé.

    Par contre j'ai toujours un drôle de problème: impossible de me connecter sur différents sites avec login et pass. ( Site sur lesquels je suis inscris hein ^^ )

    Merci d'avance!
    0
  4. Nomad-cube
     
    Hello, alors j'ai fais du mieux que j'ai pu. Voici les rapports.

    Celui de ComboFix:

    ComboFix 07-12-21.4 - Jérémy 2007-12-29 0:21:20.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.74 [GMT 1:00]
    Running from: C:\Documents and Settings\Jérémy\Bureau\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\screensavers.com
    C:\Program Files\screensavers.com\Installer\bin\siuninst.exe
    C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
    C:\WINDOWS\bobsaver.exe
    C:\WINDOWS\bobsaver.scr
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\Fonts\acrsecI.fon

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-28 to 2007-12-28 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-28 21:14 . 2007-12-28 21:14 <REP> d-------- C:\VundoFix Backups
    2007-12-28 17:28 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\qygercjg.dll
    2007-12-28 17:28 . 2007-12-28 22:19 3,368 --a------ C:\WINDOWS\system32\qygercjg.xml
    2007-12-28 15:02 . 2007-12-28 15:02 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-28 13:36 . 2007-12-28 22:32 <REP> d-------- C:\Program Files\Navilog1
    2007-12-27 20:20 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\cjlrhfcx.dll
    2007-12-27 20:20 . 2007-12-28 14:52 3,368 --a------ C:\WINDOWS\system32\cjlrhfcx.xml
    2007-12-27 16:13 . 2007-12-28 16:14 963,332 ---hs---- C:\WINDOWS\system32\dwwpjlbs.ini
    2007-12-27 15:25 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\imeqlruu.dll
    2007-12-27 15:25 . 2007-12-27 16:01 2,428 --a------ C:\WINDOWS\system32\imeqlruu.xml
    2007-12-27 13:13 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\fpcvmguf.dll
    2007-12-27 13:13 . 2007-12-26 10:58 2,428 --a------ C:\WINDOWS\system32\fpcvmguf.xml
    2007-12-26 15:10 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\rlluzzdd.dll
    2007-12-26 15:10 . 2007-12-26 10:58 2,428 --a------ C:\WINDOWS\system32\rlluzzdd.xml
    2007-12-26 10:21 . 2007-12-27 15:43 1,011,036 ---hs---- C:\WINDOWS\system32\wrnxqhlv.ini
    2007-12-26 00:13 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\xowgktvd.dll
    2007-12-26 00:13 . 2007-12-26 10:58 2,428 --a------ C:\WINDOWS\system32\xowgktvd.xml
    2007-12-25 00:20 . 2007-12-26 10:21 1,019,577 ---hs---- C:\WINDOWS\system32\ivxblydk.ini
    2007-12-25 00:17 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\hkdrtdtm.dll
    2007-12-25 00:17 . 2007-12-25 12:19 2,521 --a------ C:\WINDOWS\system32\hkdrtdtm.xml
    2007-12-25 00:17 . 2007-12-29 00:28 22 --a------ C:\WINDOWS\pskt.ini
    2007-12-24 00:14 . 2007-12-25 00:15 1,010,146 ---hs---- C:\WINDOWS\system32\kcehsfjt.ini
    2007-12-23 13:38 . 2007-12-23 13:38 992,142 ---hs---- C:\WINDOWS\system32\okyigsjx.ini
    2007-12-22 00:13 . 2007-12-23 13:38 1,769,483 ---hs---- C:\WINDOWS\system32\jlndbilj.ini
    2007-12-21 00:11 . 2007-12-22 00:12 991,902 ---hs---- C:\WINDOWS\system32\aqcicxcw.ini
    2007-12-19 22:04 . 2007-12-21 00:10 987,574 ---hs---- C:\WINDOWS\system32\xhhxmfho.ini
    2007-12-17 22:02 . 2007-12-18 21:16 969,100 ---hs---- C:\WINDOWS\system32\vxyrwpgu.ini
    2007-12-17 17:52 . 2007-12-17 18:52 175 --a------ C:\WINDOWS\syss.html
    2007-12-17 17:52 . 2007-12-17 18:51 59 --a------ C:\WINDOWS\syst.html
    2007-12-16 22:01 . 2007-12-17 22:02 969,788 ---hs---- C:\WINDOWS\system32\dokxktln.ini
    2007-12-15 22:00 . 2007-12-16 22:00 968,830 ---hs---- C:\WINDOWS\system32\kemicumk.ini
    2007-12-14 18:26 . 2007-12-15 21:59 971,220 ---hs---- C:\WINDOWS\system32\gakdutcv.ini
    2007-12-13 18:28 . 2007-12-14 18:24 934,518 ---hs---- C:\WINDOWS\system32\butcvxho.ini
    2007-12-12 18:23 . 2007-12-13 18:24 934,338 ---hs---- C:\WINDOWS\system32\tdtibyvg.ini

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-28 23:07 --------- d-----w C:\Program Files\ApplePie
    2007-12-28 14:01 --------- d-----w C:\Program Files\Windows Live Safety Center
    2007-12-25 17:08 --------- d-----w C:\Program Files\Steam
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-11-30 08:40 --------- d-----w C:\Program Files\Windows Live Toolbar
    2007-11-29 21:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-29 21:44 --------- d-----w C:\Program Files\Yahoo!
    2007-11-18 19:22 --------- d-----w C:\Program Files\Windows Live Favorites
    2007-11-18 15:47 --------- d-----w C:\Program Files\IDoser v4
    2007-11-14 11:44 --------- d-----w C:\Program Files\Java
    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\Setup.exe
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\layout.bin
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\Install.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 08:20]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-03-12 21:03]
    "e0ce4ee4"="C:\WINDOWS\system32\gkgcidfj.dll" []
    "0B55340967017A232855"="Rundll32.exe" [2004-08-20 00:10 C:\WINDOWS\system32\rundll32.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvuuvsp]
    wvuuvsp.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
    backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
    Ati2mdxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    2003-08-12 21:10 335872 --a------ C:\ATI-CPanel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
    2007-12-04 14:00 79224 --a------ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2004-08-20 00:09 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 EPSON Stylus DX3800 Series /O6 USB001 /M Stylus DX3800

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
    2004-02-24 08:20 401491 --a------ C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    2003-09-15 14:58 1212466 --a------ C:\Program Files\Ahead\InCD\InCD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
    2001-09-24 08:39 98304 --a------ C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
    2002-07-18 17:36 28672 --a------ C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneClick]
    2004-12-13 12:22 397312 --------- C:\Program Files\oneclick\oneclick.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
    C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2007-09-25 01:11 132496 --a------ C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_8 -reboot 1

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\W2acecad.Wtxpload]
    C:\WINDOWS\W2acecad\Wtxpload.exe acecad

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2006-11-03 09:59 204288 --------- C:\Program Files\Windows Media Player\WMPNSCFG.exe

    S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys [2003-04-18 12:45]
    S3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys []
    S3 ESISTEMA53;ESISTEMA53;C:\Program Files\RuanEngine\sistema32.sys []
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]
    S3 fuckoff1;fuckoff1;C:\ReymiXEngine\reymixddk.sys []
    S3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2001-09-24 08:39]
    S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2006-05-09 16:50]
    S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2001-09-24 08:42]
    S3 SilverLink;Texas Instruments SilverLink (USB GraphLink) Cable;C:\WINDOWS\system32\Drivers\SilvrLnk.sys [2002-10-22 03:15]
    S3 W2acehid;ACECAD HID;C:\WINDOWS\system32\DRIVERS\w2acehid.sys [2000-07-14 12:41]
    S3 XDva006;XDva006;C:\WINDOWS\system32\XDva006.sys []
    S3 XDva007;XDva007;C:\WINDOWS\system32\XDva007.sys []
    S3 XDva009;XDva009;C:\WINDOWS\system32\XDva009.sys []
    S3 ZD1201U;Stick USB 802.11b OLITEC Driver;C:\WINDOWS\system32\DRIVERS\zd1201u.sys [2003-08-06 16:25]
    S4 Wtcls2k;WtCls2k;C:\WINDOWS\system32\DRIVERS\wtcls2k.sys [2000-08-02 18:03]

    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
    "2007-12-28 23:24:08 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-29 00:28:39
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
    -> C:\WINDOWS\system32\qygercjg.dll
    .
    Completion time: 2007-12-29 0:31:36 - machine was rebooted
    .
    2007-12-13 12:18:15 --- E O F ---

    Puis celui de hijackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:42:11, on 29/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [e0ce4ee4] rundll32.exe "C:\WINDOWS\system32\gkgcidfj.dll",b
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\qygercjg.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.co.jp/_common/cab/NMStarterJP5.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/12c33e5d76c5c9047019/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O20 - Winlogon Notify: wvuuvsp - wvuuvsp.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Nomad-cube
     
    Bonjour,

    voici les rapports demandés.

    Le Report.txt de SDFix:

    SDFix: Version 1.120

    Run by Jérémy on 29/12/2007 at 13:50

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\DOCUME~1\JRMY~1\Bureau\SDFix

    Safe Mode:
    Checking Services:

    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    No Trojan Files Found

    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.

    Final Check:

    catchme 0.3.1333.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-29 13:59:40
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 53

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\LegacyGamers\\LegacyGamers GunZ Online\\LegacyGamers.exe"="C:\\Program Files\\LegacyGamers\\LegacyGamers GunZ Online\\LegacyGamers.exe:*:Enabled:Gunz"
    "C:\\Documents and Settings\\Jérémy\\Mes documents\\EGZ\\theduel.exe"="C:\\Documents and Settings\\Jérémy\\Mes documents\\EGZ\\theduel.exe:*:Enabled:Gunz"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    Remaining Files:
    ---------------

    Files with Hidden Attributes:

    Sun 23 Jan 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 21 Jun 2006 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv11.bak"
    Thu 8 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
    Sun 5 Sep 2004 34,816 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0003.tmp"
    Fri 21 Dec 2007 340,480 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0004.tmp"
    Tue 7 Sep 2004 35,328 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0005.tmp"
    Tue 29 Aug 2006 297,984 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0006.tmp"
    Thu 21 Dec 2006 306,176 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0007.tmp"
    Sun 10 Jun 2007 325,632 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0008.tmp"
    Fri 12 Jan 2007 307,712 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0254.tmp"
    Thu 3 Nov 2005 173,056 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0700.tmp"
    Thu 17 Nov 2005 221,184 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0832.tmp"
    Fri 12 May 2006 282,624 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL0985.tmp"
    Sat 28 Jan 2006 271,360 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1045.tmp"
    Mon 3 Apr 2006 275,456 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1088.tmp"
    Mon 13 Mar 2006 274,432 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1434.tmp"
    Sat 29 Apr 2006 279,040 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1436.tmp"
    Fri 4 Nov 2005 175,616 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1569.tmp"
    Tue 25 Apr 2006 277,504 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1823.tmp"
    Sun 21 Aug 2005 76,288 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL1939.tmp"
    Sun 19 Sep 2004 38,400 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL2000.tmp"
    Thu 4 May 2006 280,064 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL2042.tmp"
    Mon 17 Jan 2005 54,784 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL2089.tmp"
    Tue 21 Mar 2006 274,432 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL2408.tmp"
    Fri 3 Mar 2006 274,432 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL2757.tmp"
    Wed 28 Dec 2005 256,512 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL3006.tmp"
    Thu 17 Nov 2005 220,672 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL3305.tmp"
    Thu 18 May 2006 282,624 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL3559.tmp"
    Sun 22 Jan 2006 265,216 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL3795.tmp"
    Thu 8 Jun 2006 284,160 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\ModŠles\~WRL3981.tmp"
    Thu 4 Jan 2007 306,176 ...H. --- "C:\Documents and Settings\J‚r‚my\Application Data\Microsoft\Word\~WRL0004.tmp"

    Finished!

    Et un nouveau de HiJackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:06:45, on 29/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [e0ce4ee4] rundll32.exe "C:\WINDOWS\system32\gkgcidfj.dll",b
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\ovyrrcml.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/installer-hidden-test.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.co.jp/_common/cab/NMStarterJP5.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/12c33e5d76c5c9047019/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O20 - Winlogon Notify: wvuuvsp - wvuuvsp.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  7. Nomad-cube
     
    Bonjour, effectivement merci de ton aide Philae!

    Tout d'abord le rapportSREnglLOG:

    [CODE]

    2007-12-29,15:09:42

    System Repair Engineer 2.5.16.900
    Smallfrogs (http://www.KZTechs.com)

    Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

    Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan

    Boot Items
    Registry
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
    <WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows Component Publisher]
    <H/PC Connection Agent><"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"> [Microsoft Corporation]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
    <TkBellExe><"C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
    <e0ce4ee4><rundll32.exe "C:\WINDOWS\system32\gkgcidfj.dll",b> [N/A]
    <0B55340967017A232855><Rundll32.exe "C:\WINDOWS\system32\ovyrrcml.dll",s> []
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><sockspy.dll> [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvuuvsp]
    <WinlogonNotify: wvuuvsp><wvuuvsp.dll> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player 6.4><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub> []
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install> [Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
    <Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Adobe Photo Downloader><; "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"> [Adobe Systems Incorporated]
    <ATIModeChange><; Ati2mdxx.exe> [ATI Technologies, Inc.]
    <ATIPTA><; C:\ATI-CPanel\atiptaxx.exe> [ATI Technologies, Inc.]
    <avast!><; C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <EPSON Stylus DX3800 Series><; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <H/PC Connection Agent><; "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"> [Microsoft Corporation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <InCD><; C:\Program Files\Ahead\InCD\InCD.exe> [Ahead Software AG]
    <LVCOMS><; C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""]
    <Microsoft Works Update Detection><; C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe> [Microsoft® Corporation]
    <NeroCheck><; C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
    <OneClick><; "C:\Program Files\oneclick\oneclick.exe"> [1-Click Media Networks]
    <QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Steam><; > [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <StorageGuard><; "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r> [Sonic Solutions]
    <SunJavaUpdateSched><; "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
    <TkBellExe><; "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <updateMgr><; "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1> [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <W2acecad.Wtxpload><; C:\WINDOWS\W2acecad\Wtxpload.exe acecad> [N/A]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <WMPNSCFG><; C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows Publisher]

    ==================================
    Startup Folders
    N/A

    ==================================
    Services
    [Gestion d'applications / AppMgmt][Stopped/Manual Start]
    <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
    [Service d'état ASP.NET / aspnet_state][Stopped/Manual Start]
    <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
    [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
    <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
    [avast! Antivirus / avast! Antivirus][Running/Auto Start]
    <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
    [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
    <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
    [avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
    <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
    [C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
    <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
    [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
    <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
    [InCD File System Service / InCDsrv][Running/Auto Start]
    <C:\Program Files\Ahead\InCD\InCDsrv.exe><AHEAD Software>
    [Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
    <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><CACE Technologies>
    [Wintab32 / Wintab32][Running/Auto Start]
    <C:\WINDOWS\System32\wintab32.exe><>

    ==================================
    Drivers
    [ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Stopped/Manual Start]
    <System32\DRIVERS\AN983.sys><ADMtek Incorporated.>
    [ati2mtag / ati2mtag][Running/Manual Start]
    <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
    [basic2 / basic2][Stopped/Manual Start]
    <System32\DRIVERS\HSF_BSC2.sys><Conexant>
    [Wireless-G PCI Adapter Driver / BCM43XX][Running/Manual Start]
    <system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
    [catchme / catchme][Running/Manual Start]
    <\??\C:\DOCUME~1\JRMY~1\LOCALS~1\Temp\catchme.sys><N/A>
    [CdaC15BA / CdaC15BA][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS><Macrovision Europe Ltd>
    [Olitec Router (via USB) / CnxTrLan][Stopped/Manual Start]
    <System32\DRIVERS\CnxTrLan.sys><Conexant>
    [Dual-Mode DSC(2770) / DCamUSBSQTECH][Stopped/Manual Start]
    <System32\Drivers\SQcaptur.sys><Service & Quality Technology.>
    [drvmcdb / drvmcdb][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\drvmcdb.sys><Sonic Solutions>
    [dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
    <\??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys><N/A>
    [EagleNT / EagleNT][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
    [ESISTEMA53 / ESISTEMA53][Stopped/Manual Start]
    <\??\C:\Program Files\RuanEngine\sistema32.sys><N/A>
    [Fallback / Fallback][Running/Auto Start]
    <System32\DRIVERS\HSF_FALL.sys><Conexant>
    [Carte réseau virtuelle FreeBox USB / fbxusb][Stopped/Manual Start]
    <system32\DRIVERS\fbxusb32.sys><FreeBox SA>
    [Fsks / Fsks][Running/Auto Start]
    <System32\DRIVERS\HSF_FSKS.sys><Conexant>
    [fuckoff1 / fuckoff1][Stopped/Manual Start]
    <\??\C:\ReymiXEngine\reymixddk.sys><N/A>
    [Hamachi Network Interface / hamachi][Stopped/Manual Start]
    <system32\DRIVERS\hamachi.sys><LogMeIn, Inc.>
    [HSFHWBS2 / HSFHWBS2][Running/Manual Start]
    <System32\DRIVERS\HSFHWBS2.sys><Conexant Systems, Inc.>
    [HSF_DP / HSF_DP][Running/Manual Start]
    <System32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
    [hsf_msft / hsf_msft][Stopped/Manual Start]
    <System32\DRIVERS\HSF_MSFT.sys><Conexant>
    [InCDPass / InCDPass][Running/System Start]
    <System32\DRIVERS\InCDPass.sys><Ahead Software>
    [K56 / K56][Running/Auto Start]
    <System32\DRIVERS\HSF_K56K.sys><Conexant>
    [LVBulk Service / LVBulk][Stopped/Manual Start]
    <system32\DRIVERS\LVBulk.sys><Logitech Inc.>
    [mdmxsdk / mdmxsdk][Running/Auto Start]
    <System32\DRIVERS\mdmxsdk.sys><Conexant>
    [Nokia USB Generic / Nokia USB Generic][Stopped/Manual Start]
    <system32\drivers\nmwcdc.sys><Nokia>
    [Nokia USB Modem / Nokia USB Modem][Stopped/Manual Start]
    <system32\drivers\nmwcdcm.sys><Nokia>
    [Nokia USB Phone Parent / Nokia USB Phone Parent][Stopped/Manual Start]
    <system32\drivers\nmwcd.sys><Nokia>
    [NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
    <system32\drivers\npf.sys><CACE Technologies>
    [NPPTNT2 / NPPTNT2][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
    [Padus ASPI Shell / pfc][Running/Manual Start]
    <system32\drivers\pfc.sys><Padus, Inc.>
    [Logitech ClickSmart 310(PID_0900_V) / PID_0900_V][Stopped/Manual Start]
    <system32\DRIVERS\LV551AV.sys><Logitech Inc.>
    [StarForce Protection Environment Driver v6 / prodrv06][Running/System Start]
    <\SystemRoot\System32\drivers\prodrv06.sys><Protection Technology>
    [StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start]
    <\SystemRoot\System32\drivers\prohlp02.sys><Protection Technology>
    [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
    <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    [PxHelp20 / PxHelp20][Running/Boot Start]
    <\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
    [Rksample / Rksample][Stopped/Manual Start]
    <System32\DRIVERS\HSF_SAMP.sys><Conexant>
    [Secdrv / Secdrv][Running/Auto Start]
    <System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
    [StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
    <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
    [StarForce Protection Helper Driver / sfhlp01][Running/Boot Start]
    <\SystemRoot\System32\drivers\sfhlp01.sys><Protection Technology>
    [StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
    <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
    [StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
    <\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
    [Texas Instruments SilverLink (USB GraphLink) Cable / SilverLink][Stopped/Manual Start]
    <System32\Drivers\SilvrLnk.sys><Texas Instruments Incorporated>
    [SiS AGP Filter / SISAGP][Running/Boot Start]
    <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
    [SoftFax / SoftFax][Running/Auto Start]
    <System32\DRIVERS\HSF_FAXX.sys><Conexant>
    [SAMSUNG Mobile USB Device II 1.0 driver (WDM) / ssm_bus][Stopped/Manual Start]
    <system32\DRIVERS\ssm_bus.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Filter / ssm_mdfl][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdfl.sys><MCCI>
    [SAMSUNG Mobile USB Modem II 1.0 Drivers / ssm_mdm][Stopped/Manual Start]
    <system32\DRIVERS\ssm_mdm.sys><MCCI>
    [Audio Driver (WDM) - SigmaTel CODEC / STAC97][Running/Manual Start]
    <system32\drivers\stac97.sys><SigmaTel, Inc.>
    [Tones / Tones][Running/Auto Start]
    <System32\DRIVERS\HSF_TONE.sys><Conexant>
    [V124 / V124][Running/Auto Start]
    <System32\DRIVERS\HSF_V124.sys><Conexant>
    [ACECAD HID / W2acehid][Stopped/Manual Start]
    <System32\DRIVERS\w2acehid.sys><LCS/Telegraphics>
    [winachsf / winachsf][Running/Manual Start]
    <System32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
    [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
    <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
    [Wtcls2k / Wtcls2k][Stopped/Disabled]
    <System32\DRIVERS\wtcls2k.sys><LCS/Telegraphics>
    [XDva006 / XDva006][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\XDva006.sys><N/A>
    [XDva007 / XDva007][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\XDva007.sys><N/A>
    [XDva009 / XDva009][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\XDva009.sys><N/A>
    [XTrapD12 / XTrapD12][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\XTrapD12.sys><N/A>
    [Stick USB 802.11b OLITEC Driver / ZD1201U][Stopped/Manual Start]
    <system32\DRIVERS\zd1201u.sys><ZyDAS Technology Corporation>

    ==================================
    Browser Add-ons
    [Aide pour le lien d'Adobe PDF Reader]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    []
    {243B17DE-77C7-46BF-B94B-0B5F309A0E64} <c:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    [SSVHelper Class]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Google Toolbar Helper]
    {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
    [Windows Live Toolbar Helper]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
    [EpsonToolBandKicker Class]
    {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
    [Java Plug-in 1.6.0_03]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Create Mobile Favorite]
    {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <C:\Program Files\Microsoft ActiveSync\INetRepl.dll, Microsoft Corporation>
    [Create Mobile Favorite]
    {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <C:\Program Files\Microsoft ActiveSync\INetRepl.dll, Microsoft Corporation>
    [AIM]
    {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} <C:\Program Files\AIM95\aim.exe, America Online, Inc.>
    []
    {E023F504-0C5A-4750-A1E7-A9046DEA8A21} <c:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
    []
    {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
    [Messenger]
    {FB5F1910-F110-11d2-BB9E-00C04F795683} <, N/A>
    [EPSON Web-To-Page]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
    [&Google]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
    [Windows Live Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
    [Checkers Class]
    {00B71CFB-6864-4346-A978-C0A14556272C} <C:\WINDOWS\Downloaded Program Files\msgrchkr.dll, Microsoft Corporation>
    [InstallerObj Class]
    {01347765-1965-426B-91A4-AA6BB342B9A3} <C:\WINDOWS\Downloaded Program Files\installer.dll, 1-Click Media>
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
    [MessengerStatsClient Class]
    {14B87622-7E19-4EA8-93B3-97215F77A6BC} <C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
    [NMJPStarter15 Class]
    {20050325-D35A-4233-926E-2E801AE25949} <C:\WINDOWS\Downloaded Program Files\NMStarterJP5.dll, CJI Japan>
    [Minesweeper Flags Class]
    {2917297F-F02B-4B9D-81DF-494B6333150B} <C:\WINDOWS\Downloaded Program Files\minesweeper.dll, Microsoft Corporation>
    [FileSharingCtrl Class]
    {45E83043-1F6F-4D22-A5E7-0138EA171B49} <C:\WINDOWS\Downloaded Program Files\fsmsngr-fr.dll, >
    [MSN Photo Upload Tool]
    {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft® Corporation>
    [UnoCtrl Class]
    {5D6F45B3-9043-443D-A792-115447494D24} <C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll, Microsoft>
    [Windows Live Safety Center Base Module]
    {5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, Microsoft Corporation>
    [ijjiPlugin2 Class]
    {5F5F9FB8-878E-4455-95E0-F64B2314288A} <C:\WINDOWS\system32\ijjiPlugin2.dll, TODO: <Company name>>
    [Java Plug-in 1.6.0_03]
    {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [MessengerStatsClient Class]
    {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} <C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll, Microsoft Corporation>
    [CBreakshotControl Class]
    {BD393C14-72AD-4790-A095-76522973D6B8} <C:\WINDOWS\Downloaded Program Files\Banksht2.dll, pixelStorm Inc.>
    [MessengerStatsClient Class]
    {C3F79A2B-B9B4-4A66-B012-3EE46475B072} <C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MessengerStatsPAClient.dll, Microsoft Corporation>
    [Java Plug-in 1.5.0_11]
    {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Java Plug-in 1.6.0_01]
    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Java Plug-in 1.6.0_02]
    {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Java Plug-in 1.6.0_03]
    {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Java Plug-in 1.6.0_03]
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
    [HGPlugin9USA Class]
    {CD995117-98E5-4169-9920-6C12D4C0B548} <C:\WINDOWS\Downloaded Program Files\HGPlugin9USA.dll, >
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
    [HGPlugin10USA Class]
    {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} <C:\WINDOWS\Downloaded Program Files\HGPlugin10USA.dll, NHN USA Corp.>
    [Microsoft Outlook 8.0 Object Library]
    {0006F033-0000-0000-C000-000000000046} <, N/A>
    [Microsoft Outlook]
    {0006F03A-0000-0000-C000-000000000046} <, N/A>
    [Google Script Object]
    {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
    [QuickTime Object]
    {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
    [MetaStreamCtl Class]
    {03F998B2-0E00-11D3-A498-00104B6EB52E} <C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation>
    [Aide pour le lien d'Adobe PDF Reader]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
    [Web Browser Applet Control]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
    [Shockwave ActiveX Control]
    {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
    [Windows Media Player]
    {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [&Google]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
    [Shockwave ActiveX Control]
    {233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Macromed\Director\SwDir.dll, Adobe Systems, Inc.>
    []
    {243B17DE-77C7-46BF-B94B-0B5F309A0E64} <c:\Program Files\Microsoft Money\System\mnyside.dll, Microsoft Corporation>
    [HTML Document]
    {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
    [XML DOM Document]
    {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
    [HtmlDlgSafeHelper Class]
    {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
    [SVG Document]
    {377B5106-3B4E-4A2D-8520-8767590CAC86} <C:\WINDOWS\system32\Adobe\SVGVIE~1.0\NPSVG3.dll, Adobe Systems Inc.>
    [IETag Factory]
    {38481807-CA0E-42D2-BF39-B33AF135CC4D} <c:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
    [QuickTime Object]
    {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
    [XML Document]
    {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
    [EPUImageControl Class]
    {4C39376E-FA9D-4349-BACC-D305C1750EF3} <C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.dll, eBay, Inc.>
    []
    {4F07F79F-087F-42CF-8B36-7A88D06088E9} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
    []
    {53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
    [Shell Name Space]
    {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
    [Windows Live Safety Center Base Module]
    {5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, Microsoft Corporation>
    [ijjiPlugin2 Class]
    {5F5F9FB8-878E-4455-95E0-F64B2314288A} <C:\WINDOWS\system32\ijjiPlugin2.dll, TODO: <Company name>>
    [WUWebControl Class]
    {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [Windows Media Player]
    {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [MUWebControl Class]
    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
    [Active Desktop Mover]
    {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
    [SSVHelper Class]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Microsoft Web Browser]
    {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
    [XML DOM Document 4.0]
    {88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
    [Java Plug-in 1.6.0_03]
    {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
    [Windows Live Safety Center Control Module]
    {8E5C8BEE-1887-414C-8AC9-7C3951F28476} <C:\Program Files\Windows Live Safety Center\wlscCtrl.dll, Microsoft Corporation>
    [ST]
    {9394EDE7-C8B5-483E-8773-474BF36AF6E4} <C:\Program Files\Windows Live Toolbar\stmain.dll, Microsoft Corporation>
    [RMGetLicense Class]
    {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
    [Google Toolbar Helper]
    {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
    [SearchAssistantOC]
    {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
    [RDS.DataSpace]
    {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
    [Windows Live Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
    [Windows Live Toolbar Helper]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
    [ijjiSetupCtrl1010 Class]
    {C901354A-DFBC-4297-9BC2-22D499A916D5} <C:\WINDOWS\Downloaded Program Files\ijjisetup1010.dll, NHN USA>
    [AUDIO__MID Moniker Class]
    {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__MP3 Moniker Class]
    {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [AUDIO__WAV Moniker Class]
    {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__AVI Moniker Class]
    {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__MPEG Moniker Class]
    {CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_WMV Moniker Class]
    {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [HGPlugin9USA Class]
    {CD995117-98E5-4169-9920-6C12D4C0B548} <C:\WINDOWS\Downloaded Program Files\HGPlugin9USA.dll, >
    [RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
    [Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
    [OfficeObj Class]
    {D2BD7935-05FC-11D2-9059-00C04FD7A1BD} <, N/A>
    [HGPlugin10USA Class]
    {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} <C:\WINDOWS\Downloaded Program Files\HGPlugin10USA.dll, NHN USA Corp.>
    [QuickTimeCheck Class]
    {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, Apple Computer, Inc.>
    []
    {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
    [EpsonToolBandKicker Class]
    {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
    [XML HTTP Request]
    {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
    [EPSON Web-To-Page]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} <C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
    [Yahoo! Toolbar avec bloqueur de fenêtres pop-up]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
    []
    {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, Microsoft Corporation>
    [XML DOM Document 3.0]
    {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
    [XML HTTP]
    {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
    [IERPCtl Class]
    {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
    [&Traduire à partir de l'anglais]
    <res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html, N/A>
    [&Windows Live Search]
    <res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
    [Add to Windows &Live Favorites]
    <https://onedrive.live.com/?id=favorites N/A>
    [Pages liées]
    <res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html, N/A>
    [Pages similaires]
    <res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html, N/A>
    [Recherche &Google]
    <res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html, N/A>
    [Version de la page actuelle disponible dans le cache Google]
    <res://c:\program files\google\GoogleToolbar2.dll/cmcache.html, N/A>

    ==================================
    Running Processes
    [PID: 612 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 664 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [PID: 732 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
    [PID: 744 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 896 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 964 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1000 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
    [PID: 1064 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1100 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [PID: 1420 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
    [PID: 1476 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
    [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 7, 1098, 0]
    [PID: 1564 / Jérémy][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Ahead\InCD\incdshx.dll] [Ahead Software, Karlsbad, Germany, 4, 0, 6, 1]
    [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\QuickZip\QzShlExt.dll] [N/A, ]
    [C:\PROGRA~1\QuickZip\cabinet.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
    [C:\Program Files\Adobe\Photoshop Elements 2\PSICON.DLL] [Adobe Systems, Incorporated, 2.0]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
    [c:\Program Files\Microsoft Money\System\mnyside.dll] [Microsoft Corporation, 11.00.0716]
    [c:\Program Files\Microsoft Money\System\misstub.dll] [Microsoft Corporation, 11.00.0716]
    [C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
    [C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll] [SEIKO EPSON CORPORATION, 1, 1, 0, 0]
    [PID: 1852 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\E_FLMACE.DLL] [SEIKO EPSON CORPORATION, 5, 7, 0, 0]
    [PID: 2024 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [Macrovision, 4.20.0]
    [PID: 436 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 504 / SYSTEM][C:\Program Files\Ahead\InCD\InCDsrv.exe] [AHEAD Software, 4, 0, 6, 1]
    [C:\Program Files\Ahead\InCD\InCDunt.dll] [AHEAD Software, 4, 0, 6, 1]
    [C:\Program Files\Fichiers communs\Ahead\Lib\DriveLocker.dll] [Ahead Software AG, 1, 0, 0, 11]
    [C:\Program Files\Ahead\InCD\incdshx.dll] [Ahead Software, Karlsbad, Germany, 4, 0, 6, 1]
    [PID: 920 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1316 / SYSTEM][C:\WINDOWS\System32\wintab32.exe] [, ]
    [PID: 1696 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\WMPNetwk.exe] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\wmpmde.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\MFPlat.DLL] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\wmpps.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [PID: 496 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
    [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\French\langmai.dll] [ALWIL Software, 4, 7, 1098, 0]
    [PID: 1280 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1098, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
    [PID: 852 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2688 / Jérémy][C:\Program Files\QuickTime\qttask.exe] [Apple Computer, Inc., 7.1.3]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [PID: 2808 / Jérémy][C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3249]
    [PID: 2872 / Jérémy][C:\WINDOWS\system32\Rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [PID: 2292 / Jérémy][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [PID: 2936 / Jérémy][C:\Program Files\Windows Media Player\WMPNSCFG.exe] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\Program Files\Windows Media Player\wmpnssci.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
    [PID: 3000 / Jérémy][C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE] [Microsoft Corporation, 3.7.1.4034]
    [C:\WINDOWS\system32\CEUTIL.dll] [Microsoft Corporation, 3.7.1.4034]
    [C:\WINDOWS\system32\RAPI.dll] [Microsoft Corporation, 3.7.1.4034]
    [C:\Program Files\Microsoft ActiveSync\TCP2UDP.dll] [Microsoft Corporation, 3.7.1.4034]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [PID: 2444 / Jérémy][C:\Program Files\MSN Messenger\msnmsgr.exe] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\MSIMG32.dll] [Patchou, 4, 23, 0, 276]
    [C:\Program Files\MSN Messenger\MSNCore.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\Program Files\MSN Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\MSN Messenger\ContactsUX.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll] [Patchou, 4, 23, 0, 276]
    [C:\Program Files\Messenger Plus! Live\Detoured.dll] [N/A, ]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\msgsres.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\Messenger Plus! Live\MsgPlusLiveRes.dll] [Patchou, 4, 23, 0, 276]
    [C:\Program Files\MSN Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
    [C:\WINDOWS\system32\msdmo.dll] [, ]
    [C:\Program Files\MSN Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
    [C:\Program Files\MSN Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\MSN Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corp., 8.1.0178.00]
    [C:\Program Files\MSN Messenger\lmcdata.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\contact.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\Program Files\MSN Messenger\dfsr.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
    [C:\Program Files\MSN Messenger\abssm.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\usnsvcps.dll] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\Messenger Plus! Live\libsndfile.dll] [N/A, ]
    [C:\Program Files\Messenger Plus! Live\lame_enc.dll] [N/A, ]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
    [C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.1.0178.00]
    [PID: 3632 / SYSTEM][C:\Program Files\MSN Messenger\usnsvc.exe] [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\usnsvcps.dll] [Microsoft Corporation, 8.1.0178.00]
    [PID: 3580 / Jérémy][C:\Program Files\internet explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
    [C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\Program Files\Windows Live Toolbar\msntb.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\fr-fr\mtbres.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\mtbres.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Tem.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\fr-fr\searchboxRes.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\searchboxRes.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\fr-fr\wlscres.dll.mui] [Microsoft Corporation, 1.0.0001.1]
    [C:\Program Files\Windows Live Toolbar\fr-fr\CMRes.dll.mui] [Microsoft Corporation, 03.00.0001.2032]
    [C:\Program Files\Windows Live Toolbar\CMRes.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\fr-fr\obarres.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\obarres.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Favorites\wlfext.dll] [Microsoft Corporation, 03.01.0000.0130]
    [C:\Program Files\Windows Live Toolbar\Components\fr-fr\RssFinderRes.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\Components\RssFinderRes.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\fr-fr\msn_slrs.DLL.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\msn_slrs.DLL] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\fr-fr\pgres.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\Components\pgres.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\fr-fr\MSNExtensionRes.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\Components\MSNExtensionRes.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\fr-fr\SmaMenRes.dll.mui] [Microsoft Corporation., 03.00.0001.2012]
    [C:\Program Files\Windows Live Toolbar\Components\SmaMenRes.dll] [Microsoft Corporation., 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\fr-fr\CBRes.dll.mui] [Microsoft Corporation, 03.01.0000.0032]
    [C:\Program Files\Windows Live Toolbar\CBRes.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\rssFinder.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
    [c:\Program Files\Microsoft Money\System\mnyside.dll] [Microsoft Corporation, 11.00.0716]
    [c:\Program Files\Microsoft Money\System\misstub.dll] [Microsoft Corporation, 11.00.0716]
    [C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
    [C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.30.5]
    [C:\Program Files\Java\jre1.6.0_03\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [c:\program files\google\googletoolbar2.dll] [Google Inc., 3, 0, 131, 0]
    [C:\Program Files\Windows Live Toolbar\searchbox.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\stmain.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\wlsctb.dll] [Microsoft Corporation, 03.05.0000.0159]
    [C:\Program Files\Windows Live Toolbar\cm.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\msn_slps.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\WLExtension.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\Components\smamen.dll] [Microsoft Corporation., 03.01.0000.0146]
    [C:\Program Files\Windows Live Toolbar\CB.dll] [Microsoft Corporation, 03.01.0000.0146]
    [C:\Program Files\Windows Live Favorites\WLFExtRes.dll] [Microsoft Corporation, 03.00.0001.2012]
    [C:\Program Files\Windows Live Favorites\TBIDCRL.dll] [Microsoft Corporation, 03.01.0000.0130]
    [C:\Program Files\Windows Live Favorites\msidcrl40.dll] [Microsoft Corporation, 4.000.248.1]
    [C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll] [SEIKO EPSON CORPORATION, 1, 1, 0, 0]
    [C:\WINDOWS\System32\mscoree.dll] [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll] [Microsoft Corporation, 1.1.4322.2407]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll] [Microsoft Corporation, 1.1.4322.2407]
    [C:\Program Files\Windows Live Toolbar\Components\COMCRF\COMCRF.dll] [Microsoft Corporation., 03.01.0000.0146]
    [C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.6000.16461]
    [C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msfeeds.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Macromedia, Inc., 8.5.1r102]
    [PID: 1780 / Jérémy][C:\Documents and Settings\Jérémy\Bureau\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
    [C:\WINDOWS\system32\ovyrrcml.dll] [N/A, ]
    [C:\Documents and Settings\Jérémy\Bureau\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

    ==================================
    File Associations
    .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
    .EXE OK. ["%1" %*]
    .COM OK. ["%1" %*]
    .PIF OK. ["%1" %*]
    .REG OK. [regedit.exe "%1"]
    .BAT OK. ["%1" %*]
    .SCR OK. ["%1" /S]
    .CHM OK. ["C:\WINDOWS\hh.exe" %1]
    .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
    .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .LNK OK. [{00021401-0000-0000-C000-000000000046}]

    ==================================
    Winsock Provider
    N/A

    ==================================
    Autorun.Inf
    N/A

    ==================================
    HOSTS File
    127.0.0.1 localhost

    ==================================
    Process Privileges Scan
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1316, C:\WINDOWS\SYSTEM32\WINTAB32.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2688, C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2808, C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3000, C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\WCESCOMM.EXE]
    Special Privilege Enabled: SeDebugPrivilege [PID = 1780, C:\DOCUMENTS AND SETTINGS\JÉRÉMY\BUREAU\SRENG2\SRENGPS.EXE]
    Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1780, C:\DOCUMENTS AND SETTINGS\JÉRÉMY\BUREAU\SRENG2\SRENGPS.EXE]

    ==================================
    API HOOK
    N/A

    ==================================
    Hidden Process
    N/A

    ==================================

    [/CODE]

    Par contre pour la marche à suivre de ton post 14, il n'y a pas de petite icone à coté de l'horloge. Juste celle de msn, de la connection wifi, de quicktime, et le truc pour pouvoir retirer le périphérique en sécurité.

    Voilà voilà :(
    0
  8. Nomad-cube
     
    Au fait, pour les deux dossiers dont tu m'as donné le nom. Le premier je ne le connais pas. Le deuxième oui, mais il ne m'est d'aucune utilité.
    0
  9. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re

    fait les manips que je t'ai donné plus haut, ensuite tu feras analyser ce fichier

    Par contre pour la marche à suivre de ton post 14, il n'y a pas de petite icone à coté de l'horloge. 


    alors laisse tomber pour ca

    fait les manips que je t'ai donné plus haut, ensuite tu feras analyser ces fichiers

    C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro
    C:\ReymiXEngine\reymixddk.sys
    C:\WINDOWS\system32\XDva006.sys
    C:\Program Files\RuanEngine\sistema32.sys
    C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys

    sur VIRUS TOTAL
    http://www.virustotal.com/en/indexf.html

    Tuto : http://pageperso.aol.fr/loraline60/virus_total.htm

    poste le rapport ici ensuite

    je regarde ton rapport SRENG
    0
  10. Nomad-cube
     
    Voici le rapport ComboFix résultant de ta manip post 14:

    ComboFix 07-12-21.4 - Jérémy 2007-12-29 15:52:13.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.48 [GMT 1:00]
    Running from: C:\Documents and Settings\Jérémy\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Jérémy\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    :\WINDOWS\syss.html
    :\WINDOWS\system32\okyigsjx.ini
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\syst.html
    C:\WINDOWS\system32\aqcicxcw.ini
    C:\WINDOWS\system32\butcvxho.ini
    C:\WINDOWS\system32\cjlrhfcx.dll
    C:\WINDOWS\system32\cjlrhfcx.xml
    C:\WINDOWS\system32\dokxktln.ini
    C:\WINDOWS\system32\dwwpjlbs.ini
    C:\WINDOWS\system32\fpcvmguf.dll
    C:\WINDOWS\system32\fpcvmguf.xml
    C:\WINDOWS\system32\gakdutcv.ini
    C:\WINDOWS\system32\hkdrtdtm.dll
    C:\WINDOWS\system32\hkdrtdtm.xml
    C:\WINDOWS\system32\imeqlruu.xml
    C:\WINDOWS\system32\ivxblydk.ini
    C:\WINDOWS\system32\jlndbilj.ini
    C:\WINDOWS\system32\kcehsfjt.ini
    C:\WINDOWS\system32\kemicumk.ini
    C:\WINDOWS\system32\ovyrrcml.dll
    C:\WINDOWS\system32\qygercjg.dll
    C:\WINDOWS\system32\qygercjg.xml
    C:\WINDOWS\system32\rlluzzdd.dll
    C:\WINDOWS\system32\rlluzzdd.xml
    C:\WINDOWS\system32\tdtibyvg.ini
    C:\WINDOWS\system32\vxyrwpgu.ini
    C:\WINDOWS\system32\wrnxqhlv.ini
    C:\WINDOWS\system32\xhhxmfho.ini
    C:\WINDOWS\system32\xowgktvd.dll
    C:\WINDOWS\system32\xowgktvd.xml
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\pskt.ini
    C:\WINDOWS\syst.html
    C:\WINDOWS\system32\aqcicxcw.ini
    C:\WINDOWS\system32\butcvxho.ini
    C:\WINDOWS\system32\cjlrhfcx.dll
    C:\WINDOWS\system32\cjlrhfcx.xml
    C:\WINDOWS\system32\dokxktln.ini
    C:\WINDOWS\system32\dwwpjlbs.ini
    C:\WINDOWS\system32\fpcvmguf.dll
    C:\WINDOWS\system32\fpcvmguf.xml
    C:\WINDOWS\system32\gakdutcv.ini
    C:\WINDOWS\system32\hkdrtdtm.dll
    C:\WINDOWS\system32\hkdrtdtm.xml
    C:\WINDOWS\system32\imeqlruu.xml
    C:\WINDOWS\system32\ivxblydk.ini
    C:\WINDOWS\system32\jlndbilj.ini
    C:\WINDOWS\system32\kcehsfjt.ini
    C:\WINDOWS\system32\kemicumk.ini
    C:\WINDOWS\system32\ovyrrcml.dll
    C:\WINDOWS\system32\qygercjg.dll
    C:\WINDOWS\system32\qygercjg.xml
    C:\WINDOWS\system32\rlluzzdd.dll
    C:\WINDOWS\system32\rlluzzdd.xml
    C:\WINDOWS\system32\tdtibyvg.ini
    C:\WINDOWS\system32\vxyrwpgu.ini
    C:\WINDOWS\system32\wrnxqhlv.ini
    C:\WINDOWS\system32\xhhxmfho.ini
    C:\WINDOWS\system32\xowgktvd.dll
    C:\WINDOWS\system32\xowgktvd.xml

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-29 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-29 13:48 . 2007-12-29 13:49 <REP> d-------- C:\WINDOWS\ERUNT
    2007-12-29 13:45 . 2007-12-29 15:29 3,274 --a------ C:\WINDOWS\system32\ovyrrcml.xml
    2007-12-29 11:59 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\zkqcpjmx.dll
    2007-12-29 11:59 . 2007-12-29 13:36 3,275 --a------ C:\WINDOWS\system32\zkqcpjmx.xml
    2007-12-29 02:51 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\ltbgwdeo.dll
    2007-12-29 02:51 . 2007-12-29 02:48 3,368 --a------ C:\WINDOWS\system32\ltbgwdeo.xml
    2007-12-28 21:14 . 2007-12-28 21:14 <REP> d-------- C:\VundoFix Backups
    2007-12-28 15:02 . 2007-12-28 15:02 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-28 13:36 . 2007-12-28 22:32 <REP> d-------- C:\Program Files\Navilog1
    2007-12-27 15:25 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\imeqlruu.dll
    2007-12-23 13:38 . 2007-12-23 13:38 992,142 ---hs---- C:\WINDOWS\system32\okyigsjx.ini
    2007-12-17 17:52 . 2007-12-17 18:52 175 --a------ C:\WINDOWS\syss.html
    2007-11-30 20:42 . 2007-12-01 12:48 <REP> d-------- C:\Documents and Settings\Jérémy\Application Data\Azureus

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-28 23:07 --------- d-----w C:\Program Files\ApplePie
    2007-12-28 14:01 --------- d-----w C:\Program Files\Windows Live Safety Center
    2007-12-25 17:08 --------- d-----w C:\Program Files\Steam
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-11-30 08:40 --------- d-----w C:\Program Files\Windows Live Toolbar
    2007-11-29 21:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-29 21:44 --------- d-----w C:\Program Files\Yahoo!
    2007-11-18 19:22 --------- d-----w C:\Program Files\Windows Live Favorites
    2007-11-18 15:47 --------- d-----w C:\Program Files\IDoser v4
    2007-11-14 11:44 --------- d-----w C:\Program Files\Java
    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\Setup.exe
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\layout.bin
    2006-04-13 17:36 0 -c--a-w C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro\Install.exe
    2005-12-19 08:53 200,704 -c--a-w C:\Documents and Settings\Jérémy\BAReport.exe
    2005-12-19 08:53 200,704 -c--a-w C:\Documents and Settings\Jérémy\BAReport.exe
    1999-06-30 13:06 151,552 -c--a-r C:\WINDOWS\inf\AGFA\Message.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2007-12-29_ 0.30.46.24 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\29-12-2007\ERDNT.EXE
    + 2007-12-29 14:39:56 11,214,848 ----a-w C:\WINDOWS\erdnt\29-12-2007\Users\[u]0[/u]0000001\ntuser.dat
    + 2007-12-29 14:39:56 147,456 ----a-w C:\WINDOWS\erdnt\29-12-2007\Users\[u]0[/u]0000002\UsrClass.dat
    + 2007-12-29 06:04:43 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    + 2007-12-29 12:49:19 11,210,752 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
    + 2007-12-29 12:49:19 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
    + 2007-12-29 06:04:43 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
    + 2007-12-29 12:49:01 11,210,752 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
    + 2007-12-29 12:49:02 147,456 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
    + 2007-12-29 12:58:12 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5c4.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 08:20]
    "Steam"="" []
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 19:33]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 15:24 C:\WINDOWS\system32\Ati2mdxx.exe]
    "ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2003-08-12 21:10]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
    "EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-09-15 14:58]
    "LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE" [2001-09-24 08:39]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 17:36]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "OneClick"="C:\Program Files\oneclick\oneclick.exe" [2004-12-13 12:22]
    "StorageGuard"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-02-13 01:01]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "W2acecad.Wtxpload"="C:\WINDOWS\W2acecad\Wtxpload.exe" [2000-05-21 01:00]
    "0B55340967017A232855"="Rundll32.exe" [2004-08-20 00:10 C:\WINDOWS\system32\rundll32.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" []

    C:\Documents and Settings\J‚r‚my\Menu D‚marrer\Programmes\D‚marrage\
    ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
    backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys [2003-04-18 12:45]
    S3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys []
    S3 ESISTEMA53;ESISTEMA53;C:\Program Files\RuanEngine\sistema32.sys []
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]
    S3 fuckoff1;fuckoff1;C:\ReymiXEngine\reymixddk.sys []
    S3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2001-09-24 08:39]
    S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2006-05-09 16:50]
    S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2001-09-24 08:42]
    S3 SilverLink;Texas Instruments SilverLink (USB GraphLink) Cable;C:\WINDOWS\system32\Drivers\SilvrLnk.sys [2002-10-22 03:15]
    S3 W2acehid;ACECAD HID;C:\WINDOWS\system32\DRIVERS\w2acehid.sys [2000-07-14 12:41]
    S3 XDva006;XDva006;C:\WINDOWS\system32\XDva006.sys []
    S3 XDva007;XDva007;C:\WINDOWS\system32\XDva007.sys []
    S3 XDva009;XDva009;C:\WINDOWS\system32\XDva009.sys []
    S3 ZD1201U;Stick USB 802.11b OLITEC Driver;C:\WINDOWS\system32\DRIVERS\zd1201u.sys [2003-08-06 16:25]
    S4 Wtcls2k;WtCls2k;C:\WINDOWS\system32\DRIVERS\wtcls2k.sys [2000-08-02 18:03]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-29 14:24:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-29 15:58:28
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-29 15:59:15
    .
    2007-12-13 12:18:15 --- E O F ---

    Et le HiJackThis juste derrière:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:01:48, on 29/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] ; "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [ATIModeChange] ; Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] ; C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] ; C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] ; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [InCD] ; C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [LVCOMS] ; C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] ; C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [NeroCheck] ; C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [OneClick] ; "C:\Program Files\oneclick\oneclick.exe"
    O4 - HKLM\..\Run: [StorageGuard] ; "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] ; "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [W2acecad.Wtxpload] ; C:\WINDOWS\W2acecad\Wtxpload.exe acecad
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\ovyrrcml.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] ; C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] ; "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [Steam] ;
    O4 - HKCU\..\Run: [updateMgr] ; "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  11. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    ffiche les fichiers et dossiers cachés ainsi que les extensions

    -démarrer
    
    -poste de travail ou autre dossier
    
    -menu outils
    
    -options de dossier
    
    -onglet affichage
    
    puis
    
    - activer la case : Afficher les fichiers et dossiers cachés
    
    - désactiver la case : Masquer les extensions des fichiers dont le type est connu
    
    - désactiver  la case : Masquer les fichier protégés du système d'exploitation
    
    Puis  - Appliquer


    il en reste mais j'aimerais bien connaître un peu plus sur ces drivers
    0
  12. Nomad-cube
     
    Ok je vais voir si je peux analyser ces fichiers avec virus total et je te mets ici les rapports. :)
    0
  13. Nomad-cube
     
    Même avec ta méthode post 20, les fichiers ci dessous restant invisibles en cherchant depuis la page principale de virus total. En les cherchant sur le pc directement aussi.

    C:\Documents and Settings\AOInstall16.2.0_EP0_live_nointro
    C:\ReymiXEngine\reymixddk.sys
    C:\WINDOWS\system32\XDva006.sys
    C:\Program Files\RuanEngine\sistema32.sys
    C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys
    0
  14. Nomad-cube
     
    Bon par contre un grand merci à vous deux car mon pc a l'air d'aller mieux. Plus aucune pub ni ralentissement. Et j'arrive de nouveau à me connecter sur mes forums et sites habituels!

    Je refais des rapports pour vérifier si tout est vraiment nickel?

    Comment garder mon pc sain?
    0
  15. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    tout n'est pas propre....

    je reviens quand j'aurais trouvé ce que je cherche concernant tes drivers
    0
  16. Nomad-cube
     
    Ok je te remercie.

    En attendant je remarque que l'icone à coté de l'horloge pour le résident avast! n'est pas revenue. Mon pc n'est plus protégé? :/ Pourtant j'ai choisi l'option "toujours afficher" dans les paramètres.
    0
  17. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    si en cliquant sur la flèche de ta barre du bas tu ne le vois pas apparaitre, et que tu ne le vois pas visible, c'est qu'il n'est pas présent au démarrage.

    poste un rapport hijackthis en attendant pour voir stp
    0
  18. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    j'ai finalement eu les infos dont j'avais besoin.

    par contre avant de continuer il faudrait que tu me dises si tu utilises ou a utiliser ce jeu

    Knight Online

    0
    1. cgui33 Messages postés 1176 Statut Membre 10
       
      Salut Philae

      Dans le dernier Hijack on retrouve
      O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\ovyrrcml.dll",s

      C'est du Vundo non ?

      Qui en plus a été supprimé (?) par Combofix
      mais qui revient en force non ?
      (rapport Combofix)
      ((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-29 ))))))))))))))))))))))))))))))))))))

      2007-12-29 13:45 . 2007-12-29 15:29 3,274 --a------ C:\WINDOWS\system32\ovyrrcml.xml
      2007-12-29 11:59 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\zkqcpjmx.dll
      2007-12-29 11:59 . 2007-12-29 13:36 3,275 --a------ C:\WINDOWS\system32\zkqcpjmx.xml
      2007-12-29 02:51 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\ltbgwdeo.dll
      2007-12-29 02:51 . 2007-12-29 02:48 3,368 --a------ C:\WINDOWS\system32\ltbgwdeo.xml
      2007-12-27 15:25 . 2007-12-25 00:17 98,368 --a------ C:\WINDOWS\system32\imeqlruu.dll
      2007-12-23 13:38 . 2007-12-23 13:38 992,142 ---hs---- C:\WINDOWS\system32\okyigsjx.ini

      Ces DLL ont elles un rapport avec ce que tu es en train d'essayer de supprimer en ce moment ?
      Merci
      A+
      0
  19. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    j'attends qu'il revienne pour me donner la réponse à ma question, il reste encore pas mal de choses à faire ici

    il faut que je reprenne les derniers rapports pour tout remettre en ordre, mais j'attends qu'il revienne..........on en a vu ne jamais revenir.

    je te réponds en MP pour éviter de tout polluer ici
    0
  20. Nomad-cube
     
    Bonjour,

    je suis toujours là ;)

    Pour Knight Online je connais ce jeu, j'ai du l'installer mais je n'y joue pas.

    Mon pc semble sain, j'ai réinstallé Avast et les icones sont réapparues en bas à coté de l'horloge.

    Voici un rapport HiJackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:48:43, on 30/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wintab32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] ; "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [ATIModeChange] ; Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] ; C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] ; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [InCD] ; C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [LVCOMS] ; C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] ; C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [NeroCheck] ; C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [OneClick] ; "C:\Program Files\oneclick\oneclick.exe"
    O4 - HKLM\..\Run: [StorageGuard] ; "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] ; "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [W2acecad.Wtxpload] ; C:\WINDOWS\W2acecad\Wtxpload.exe acecad
    O4 - HKLM\..\Run: [0B55340967017A232855] Rundll32.exe "C:\WINDOWS\system32\ovyrrcml.dll",s
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] ; C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] ; "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [Steam] ;
    O4 - HKCU\..\Run: [updateMgr] ; "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BF546560-EA9C-4E73-A1DA-D65AF83FF641}: NameServer = 192.168.0.13
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\wintab32.exe
    0
  21. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,
    merci pour les précisions, néanmoins le pc n'est pas sain,

    je vais m'occuper de la suite à donner dans la journée, il me faut le tps de reprendre les rapports

    0
  • 1
  • 2