PLEASE: a solution for deleting an infected DLL

kinvara Posts 23 Status Member -
FillPCA Posts 2264 Status Security contributor -
Hello, fellow Internet citizens!

Could someone please help me out?

Antivirus: AVAST
Operating system: WINDOWS XP SERVICE PACK 2

So, Avast is telling me that one of my system files with a .dll extension is infected by a Trojan horse.
None of the 3 proposed actions (quarantine, delete or rename) work.
So I said to myself, "Let's go and delete it at the source!" The only problem is that I can't, because a message tells me it is protected or blah blah blah, we all know the drill... Anyway, I looked for solutions on the forum, but Unlocker still won't let me delete it, even at reboot; the .dll file doesn't appear in Task Manager; safe mode still won't let me erase it; the "read-only" box is not checked; and in the effective permissions for this file in safe mode I am supposedly allowed to delete it...

I would sincerely like someone to give me a little helping hand, pleeeeeeeease!

Thanks in advance to whoever helps me.

[waiting for a reply...]

kinvara

46 replies

reto78 Posts 17 Status Member
 
Recover your data and format; if Unlocker won't do it, I don't see how it can be deleted.
0
FillPCA Posts 2264 Status Security contributor 123
 
Hello,

Generate a HijackThis report.
http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Demo in pictures
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Run a scan and post the analysis.

FillPCA
0
Pascal-du-78
 
Good evening, try restarting in safe mode and go look for this file, or run an antivirus scan with Avast.
Antivirus scans are generally much more effective in safe mode.

I hope this helps; keep me posted.

Kind regards

Pascal
0
lewis34 Posts 2557 Registration date   Status Member Last activity   352
 
Good evening,
try this procedure

Ctrl+Alt+Del
shows you the processes; look for the one or ones that have the name of your file
stop them manually (right-click on it, then End Process Tree)

then go find your file at the source, as you put it, but instead of deleting it, rename it to .old

e.g. file.dll ==> file.dll.old
that's in case it causes you a problem: you can rename it back by removing the .old extension
keep us posted
See you
0

jalobservateur Posts 7372 Registration date   Status Security contributor Last activity   930
 
--

PLEASE ((read the recommendations carefully.))
((It avoids repetition)). (Firefox) = ((Safer browsing!!!)) (GMT-5h: Québec, CA)

Hi!!!!
Read post 2 ;-)
0
lewis34 Posts 2557 Registration date   Status Member Last activity   352
 
I saw post 2..^^
my procedure only has the merit of being quick....and at least you know what you're removing..
after that, nothing stops you from running a HijackThis
0
FillPCA Posts 2264 Status Security contributor 123
 
Hello,

Let's stop going on about it. I need a HijackThis report.

FillPCA
0
kinvara Posts 23 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:39, on 09/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Visual Tooltip\VisualToolTip.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell sans fil\PRISMCFG.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Documents and Settings\Jenny\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: (no name) - {2339DDB6-4B01-4A84-9245-9AD0B602D210} - C:\WINDOWS\system32\ATHPRX.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk17.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\Visual Tooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Utilitaire de carte WLAN sans fil USB 2.0.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
FillPCA Posts 2264 Status Security contributor 123
 
Good evening,

1/ * Open Windows Explorer (Start > Programs > Accessories > Windows Explorer, or Start > Programs > Windows Explorer).
* Click Tools > Folder Options > View.
* Select:
o show hidden files and folders,
o uncheck "Hide extensions for known file types",
o uncheck "Hide protected operating system files (Recommended)".

* "Apply" and "OK"

2/ * Can you test this: C:\WINDOWS\system32\ATHPRX.dll
* Click this link: http://www.virustotal.com/en/indexf.html
* Click Browse and give the path of the file I indicated.
* Click Send. After a few minutes, a report is generated. Post it in your next reply.

Produce that report.

FillPCA
0
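In the post above, C:\WINDOWS\system32\ATHPRX.dll is picked out of the HijackThis log for a closer look. The following is an added example, not part of the thread and not the helper's own method: it parses the O2 (BHO), O4 (Run key) and O23 (service) lines of such a log and lists entries worth a manual check. The flagging rules are assumptions chosen for illustration and give triage hints, not verdicts; the sample lines are copied from the log posted earlier.

```python
import re

# Excerpt of the HijackThis log posted in this thread (lines copied unchanged).
SAMPLE_LOG = r"""
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2339DDB6-4B01-4A84-9245-9AD0B602D210} - C:\WINDOWS\system32\ATHPRX.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
BHO = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)
RUN = re.compile(r"^(?P<key>\S+\\Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
RUNDLL = re.compile(r'rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+\.dll)', re.I)


def parse_entry(line):
    """Split one HijackThis line into (code, fields); None if it is not an entry."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    code, body = m["code"], m["body"]
    if code == "O2" and (b := BHO.match(body)):
        return code, b.groupdict()
    if code == "O4" and (r := RUN.match(body)):
        return code, r.groupdict()
    if code == "O23" and body.startswith("Service: "):
        # Display names can contain " - " themselves, so take the owner
        # and the path from the right-hand side.
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) == 3:
            return code, dict(zip(("name", "owner", "path"), parts))
    return code, {"raw": body}


def triage(log_text):
    """Return (code, reason, target) tuples for entries to review by hand.

    The rules below are illustrative assumptions, not HijackThis semantics.
    """
    findings = []
    for line in log_text.splitlines():
        parsed = parse_entry(line)
        if parsed is None:
            continue
        code, f = parsed
        if code == "O2" and "path" in f:
            if f["path"] == "(no file)":
                findings.append((code, "BHO registered but file missing", f["clsid"]))
            elif f["name"] == "(no name)":
                findings.append((code, "BHO without a display name", f["path"]))
        elif code == "O4" and "cmd" in f:
            if d := RUNDLL.search(f["cmd"]):
                findings.append((code, "Run key loads a DLL via rundll32", d["dll"]))
        elif code == "O23" and f.get("owner") == "Unknown owner":
            findings.append((code, "service binary with unknown owner", f["path"]))
    return findings


if __name__ == "__main__":
    for code, reason, target in triage(SAMPLE_LOG):
        print(f"{code:<4}{reason:<36}{target}")
```

Each flagged file is a candidate for the kind of second opinion requested in the post above (a multi-engine scan), not something to delete on sight.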
kinvara Posts 23 Status Member 1
 
Is this normal?! :

0 bytes size received / Se ha recibido un archivo vacio
0
FillPCA Posts 2264 Status Security contributor 123
 
Re,

No. We'll do it another way.

# Download SDFix (created by Andy Manchesta) and save it to your Desktop: http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
# Print this.
# Restart your computer in safe mode by following this procedure:

* Restart your computer.
* After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 (or F5) key repeatedly.
* Instead of Windows loading normally, a menu with various options should appear.
* Choose the first option, to run Windows in safe mode, then press "Enter".
* Choose your account.

# Work through the list of instructions below:

* In safe mode, double-click the SDFix.exe file and click Install,
* Open the SDFix folder that has just been created in C:\ and double-click RunThis.bat to launch the script.
* Press Y to start the script.
* It will remove the services of certain trojans, will also make some Registry repairs, and will ask you to press a key to restart.
* Press a key to restart the PC.
* Your system will take longer than usual to restart because the tool will keep running and deleting files.
* After the Desktop loads, the tool will finish its work and display Finished
* Press a key to end the script and load your Desktop icons.
* Finally, open the SDFix folder on your Desktop and copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new HijackThis log!

FillPCA
0
kinvara
 
---------------------------------- While that's running, many thanks for replying so quickly, FillPCA --------------------------------------
[SDFix check in progress]
0
kinvara Posts 23 Status Member 1
 
SDFix: Version 1.125

Run by Jenny on 09/01/2008 at 18:22

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
evwmtjsh

Path:
system32\drivers\lvbuawzi.dat

evwmtjsh - Deleted

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Service evwmtjsh - Deleted after Reboot

Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\system32\drivers\lvbuawzi.dat - Deleted
C:\WINDOWS\SYSTEM32\ATHPRX.DLL - Deleted
C:\Documents and Settings\Jenny\Local Settings\Temp\tmp1F.tmp.exe - Deleted
C:\Documents and Settings\Jenny\Local Settings\Temp\tmp27.tmp.exe - Deleted
C:\Documents and Settings\Jenny\Local Settings\Temp\tmp2E.tmp.exe - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 18:28:42
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000093
"TracesSuccessful"=dword:00000007

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 27

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Tue 6 Nov 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Thu 8 Nov 2007 13 ...H. --- "C:\Documents and Settings\All Users\Application Data\1Þ13.sys"
Tue 6 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Thu 8 Nov 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Fri 31 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sat 3 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Mon 26 Nov 2007 444 ...HR --- "C:\Documents and Settings\Jenny\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!
0
FillPCA Posts 2264 Status Security contributor 123
 
Re,

I also need a HijackThis report.

Also do this:
* Download SREng (by Smallfrogs): http://www.kztechs.com/eng/download.html
* Unzip all its contents to your desktop (right-click > Extract here).
* Open the SReng2 folder and double-click SREngPS.exe.
* Click "smart scan".
* Click the "scan" button.
* When the scan is finished, click the "save reports" button.
* Then save the report to your desktop.
* Copy/paste the contents of the SREnglLOG.log report into your next reply.

FillPCA
0
kinvara Posts 23 Status Member 1
 
[CODE]

2008-01-09,18:47:17

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan

Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [(Verified)Microsoft Windows Publisher]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<IncrediMail><C:\Program Files\IncrediMail\bin\IncMail.exe /c> [IncrediMail, Ltd.]
<RocketDock><"C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"> []
<LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe> [N/A]
<LogitechSoftwareUpdate><"C:\Program Files\Logitech\Video\ManifestEngine.exe" boot> [N/A]
<eMuleAutoStart><C:\Program Files\eMule\emule.exe -AutoStart> [N/A]
<Orb><"C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background> [Orb Networks]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SDTray><"C:\Program Files\Spyware Doctor\SDTrayApp.exe"> [(Verified)PC Tools]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<ISUSPM Startup><C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup> [InstallShield Software Corporation]
<ISUSScheduler><"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start> [InstallShield Software Corporation]
<DVDLauncher><"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"> [CyberLink Corp.]
<VisualTooltip><C:\Program Files\Visual Tooltip\VisualToolTip.exe> [Christian Salmon]
<IAAnotif><"C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"> [(Verified)Intel Corporation]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Persistence><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<FLMOFFICE4DMOUSE><C:\Program Files\Labtec\Mouse\2.1\moffice.exe> []
<DLA><C:\WINDOWS\System32\DLA\DLACTRLW.EXE> [Sonic Solutions]
<SigmatelSysTrayApp><stsystra.exe> [SigmaTel, Inc.]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<LVCOMSX><C:\WINDOWS\system32\LVCOMSX.EXE> [Logitech Inc.]
<LogitechVideoRepair><C:\Program Files\Logitech\Video\ISStart.exe > [Logitech Inc.]
<LogitechVideoTray><C:\Program Files\Logitech\Video\LogiTray.exe> [Logitech Inc.]
<TkBellExe><"C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<TrayServer><C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe> [N/A]
<UVS11 Preload><C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe> [(Verified)"Ulead Systems, Inc."]
<WinampAgent><C:\Program Files\Winamp\wianmpa.exe> [N/A]
<spa_start><C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify> [N/A]
<UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe"> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PRISMAPI.DLL]
<WinlogonNotify: PRISMAPI.DLL><PRISMAPI.DLL> [Conexant Systems, Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
[Logitech Desktop Messenger]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk --> C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [Logitech Inc.]><N>
[Microsoft Office]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[Outil de mise à jour Google]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk --> C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE [Google]><N>
[Utilitaire de carte WLAN sans fil USB 2.0]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de carte WLAN sans fil USB 2.0.lnk --> C:\PROGRA~1\DELLSA~1\PRISMCFG.exe [Dell Inc.]><N>
[Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk --> C:\PROGRA~1\SAGEMW~1.11G\WLANUTL.exe [ ]><N>
[RocketDock]
<C:\Documents and Settings\Jenny\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk --> C:\WINDOWS\BRICOP~1\VISTAI~1\ROCKET~1\ROCKET~1.EXE [N/A]><N>
[StarOffice 8]
<C:\Documents and Settings\Jenny\Menu Démarrer\Programmes\Démarrage\StarOffice 8.lnk --> C:\PROGRA~1\Sun\STAROF~1\program\QUICKS~1.EXE [N/A]><N>
[TransBar]
<C:\Documents and Settings\Jenny\Menu Démarrer\Programmes\Démarrage\TransBar.lnk --> C:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [AKSoftware]><N>
[UberIcon]
<C:\Documents and Settings\Jenny\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk --> C:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [N/A]><N>
[Y'z Shadow]
<C:\Documents and Settings\Jenny\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk --> C:\WINDOWS\BRICOP~1\VISTAI~1\YzShadow\YzShadow.exe [Y'z@Home]><N>

==================================
Services
[Gestion d'applications / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
<C:\WINDOWS\system32\drivers\CDAC11BA.EXE><C-Dilla Ltd>
[Capture Device Service / Capture Device Service][Running/Auto Start]
<"C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe"><InterVideo Inc.>
[Firebird Server - MAGIX Instance / FirebirdServerMAGIXInstance][Stopped/Manual Start]
<C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe><MAGIX®>
[Google Updater Service / gusvc][Running/Auto Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Intel(R) Matrix Storage Event Monitor / IAANTMON][Running/Auto Start]
<C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe><Intel Corporation>
[PRISMSVC / PRISMSVC][Running/Auto Start]
<C:\WINDOWS\system32\PRISMSVC.EXE><Conexant Systems, Inc.>
[PC Tools Auxiliary Service / sdAuxService][Running/Auto Start]
<C:\Program Files\Spyware Doctor\svcntaux.exe><PC Tools>
[PC Tools Security Service / sdCoreService][Running/Auto Start]
<C:\Program Files\Spyware Doctor\swdsvc.exe><PC Tools>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><>

==================================
Drivers
[AEGIS Protocol (IEEE 802.1x) v3.4.3.0 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[atksgt / atksgt][Running/Auto Start]
<system32\DRIVERS\atksgt.sys><N/A>
[catchme / catchme][Running/Manual Start]
<\??\C:\DOCUME~1\Jenny\LOCALS~1\Temp\catchme.sys><N/A>
[DLABOIOM / DLABOIOM][Running/Auto Start]
<System32\DLA\DLABOIOM.SYS><Sonic Solutions>
[DLACDBHM / DLACDBHM][Running/System Start]
<System32\Drivers\DLACDBHM.SYS><Sonic Solutions>
[DLADResN / DLADResN][Running/Auto Start]
<System32\DLA\DLADResN.SYS><Sonic Solutions>
[DLAIFS_M / DLAIFS_M][Running/Auto Start]
<System32\DLA\DLAIFS_M.SYS><Sonic Solutions>
[DLAOPIOM / DLAOPIOM][Running/Auto Start]
<System32\DLA\DLAOPIOM.SYS><Sonic Solutions>
[DLAPoolM / DLAPoolM][Running/Auto Start]
<System32\DLA\DLAPoolM.SYS><Sonic Solutions>
[DLARTL_N / DLARTL_N][Running/System Start]
<System32\Drivers\DLARTL_N.SYS><Sonic Solutions>
[DLAUDFAM / DLAUDFAM][Running/Auto Start]
<System32\DLA\DLAUDFAM.SYS><Sonic Solutions>
[DLAUDF_M / DLAUDF_M][Running/Auto Start]
<System32\DLA\DLAUDF_M.SYS><Sonic Solutions>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys><Ma-Config.com>
[drvmcdb / drvmcdb][Running/Boot Start]
<\SystemRoot\System32\Drivers\DRVMCDB.SYS><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
<System32\Drivers\DRVNDDM.SYS><Sonic Solutions>
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start]
<system32\DRIVERS\e1e5132.sys><Intel Corporation>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[Intel RAID Controller / iastor][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[File Security Driver / IKFileSec][Running/Boot Start]
<\SystemRoot\system32\drivers\ikfilesec.sys><PCTools Research Pty Ltd.>
[System Filter Driver / IKSysFlt][Running/System Start]
<system32\drivers\iksysflt.sys><PCTools Research Pty Ltd.>
[System Security Driver / IKSysSec][Running/System Start]
<system32\drivers\iksyssec.sys><PCTools Research Pty Ltd.>
[lirsgt / lirsgt][Running/Auto Start]
<system32\DRIVERS\lirsgt.sys><N/A>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
<system32\drivers\lvusbsta.sys><Logitech Inc.>
[PCANDIS5 Protocol Driver / PCANDIS5][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[Volume Adapter / pepifilter][Running/Manual Start]
<system32\DRIVERS\lv302af.sys><Logitech Inc.>
[QuickCam IM(PID_08A0) / PID_08A0][Running/Manual Start]
<system32\DRIVERS\LV302AV.SYS><Logitech Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SAGEM 802.11g XG760 1211 Driver / SG760_XP][Stopped/Manual Start]
<system32\DRIVERS\WlanUZXP.sys><ZyDAS Technology Corporation>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[Codec Teletext standard / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[ZDCndis5 Protocol Driver / ZDCndis5][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\ZDCndis5.SYS><N/A>
[ZDPNDIS5 NDIS Protocol Driver / ZDPNDIS5][Running/Manual Start]
<\??\C:\WINDOWS\system32\ZDPNDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>

==================================
Browser Add-ons
[Aide pour le lien d'Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Dcads Search Assistant]
{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} <C:\WINDOWS\system32\dcads_sidebar.dll, >
[Winamp Toolbar BHO]
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[VMN Toolbar]
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} <C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL, Visicom Media Inc. >
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions>
[dcads]
{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} <C:\WINDOWS\system32\nsk17.dll, >
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[Java Plug-in 1.6.0_03]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[VMN Toolbar]
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} <C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL, Visicom Media Inc. >
[Winamp Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[SysProWmi Class]
{01A88BB1-1174-41EC-ACCB-963509EAE56B} <C:\WINDOWS\system32\Dell\SystemProfiler\SysPro.ocx, Dell Computer Corp.>
[Java Plug-in 1.6.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Dell PC Checkup Installer Control]
{E856B973-45FD-4559-8F82-EAB539144667} <C:\WINDOWS\system32\gtdownde_110.ocx, Gteko Ltd.>
[SysProWmi Class]
{01A88BB1-1174-41EC-ACCB-963509EAE56B} <C:\WINDOWS\system32\Dell\SystemProfiler\SysPro.ocx, Dell Computer Corp.>
[Aide pour le lien d'Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Dcads Search Assistant]
{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} <C:\WINDOWS\system32\dcads_sidebar.dll, >
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Winamp Toolbar BHO]
{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[VMN Toolbar]
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} <C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL, Visicom Media Inc. >
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\System32\DLA\DLASHX_W.DLL, Sonic Solutions>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[dcads]
{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} <C:\WINDOWS\system32\nsk17.dll, >
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[browser optimizer superiorads]
{8E015787-B1E3-404A-95DE-3E71E1FA0305} <C:\WINDOWS\system32\spads.dll, N/A>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[Windows Live Sign-in Control]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Dell PC Checkup Installer Control]
{E856B973-45FD-4559-8F82-EAB539144667} <C:\WINDOWS\system32\gtdownde_110.ocx, Gteko Ltd.>
[Winamp Toolbar]
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[&Add animation to IncrediMail Style Box]
<C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm, N/A>
[&Winamp Toolbar Search]
<C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 604 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 652 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 676 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\PRISMAPI.DLL] [Conexant Systems, Inc., 2.03.17]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 720 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 732 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 924 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 992 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1088 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1160 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1300 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1412 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1488 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1852 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1936 / Jenny][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\PROGRA~1\BADGES~1.0\SHELL_~1.DLL] [Shedko software, 1.5.0.0]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[C:\Program Files\Visual Tooltip\VisualTooltip.dll] [Christian Salmon, 1, 0, 0, 1]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll] [, 1, 9, 0, 0]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll] [N/A, ]
[C:\Program Files\Labtec\Mouse\2.1\MOUDL32A.DLL] [, 3, 0, 2, 0]
[C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll] [Sun Microsystems, Inc., 8.0.0.9118]
[C:\Program Files\Sun\StarOffice 8\program\uwinapi.dll] [Sun Microsystems, Inc., 8.0.0.9180]
[C:\Program Files\Sun\StarOffice 8\program\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Sun\StarOffice 8\program\stlport_vc7145.dll] [STLport Consulting, Inc., 4.5.2003.0120]
[C:\Program Files\Sun\StarOffice 8\program\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
[PID: 1944 / Jenny][C:\WINDOWS\system32\PRISMSVR.EXE] [Conexant Systems, Inc., 2.03.17]
[C:\WINDOWS\system32\PRISME5.DLL] [Meetinghouse Data Communications, 3, 0, 11, 0]
[C:\WINDOWS\system32\PRISMAPI.DLL] [Conexant Systems, Inc., 2.03.17]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll] [, 1, 9, 0, 0]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll] [N/A, ]
[C:\Program Files\Visual Tooltip\VisualTooltip.dll] [Christian Salmon, 1, 0, 0, 1]
[PID: 1608 / SYSTEM][C:\WINDOWS\system32\drivers\CDAC11BA.EXE] [C-Dilla Ltd, 4.11.050]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 220 / SYSTEM][C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe] [InterVideo Inc., 1.0.0.1]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 288 / SYSTEM][C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] [Google, 2.2.824.5515.beta]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 400 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 444 / SYSTEM][C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe] [Intel Corporation, 7.6.0.1011]
[C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll] [Intel Corporation, 7.6.0.1011]
[C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_FRA.dll] [Intel Corporation, 7.6.0.1011]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 488 / SYSTEM][C:\WINDOWS\system32\PRISMSVC.EXE] [Conexant Systems, Inc., 2.03.17]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 504 / SYSTEM][C:\Program Files\Spyware Doctor\svcntaux.exe] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\SysAccess.dll] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\rtl100.bpl] [Borland Software Corporation, 10.0.2288.42451]
[C:\Program Files\Spyware Doctor\ikdll.dll] [PCTools Research Pty Ltd., 5.0.2.1035]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 872 / SYSTEM][C:\Program Files\Spyware Doctor\swdsvc.exe] [PC Tools, 5.0.5.23]
[C:\Program Files\Spyware Doctor\SysAccess.dll] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\rtl100.bpl] [Borland Software Corporation, 10.0.2288.42451]
[C:\Program Files\Spyware Doctor\ikdll.dll] [PCTools Research Pty Ltd., 5.0.2.1035]
[C:\Program Files\Spyware Doctor\CommOM.dll] [PC Tools, 5.0.5.4]
[C:\Program Files\Spyware Doctor\vcl100.bpl] [Borland Software Corporation, 10.0.2288.42451]
[C:\Program Files\Spyware Doctor\CommLib.dll] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\commhlpr.dll] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\RegHelper.dll] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\inethlpr.dll] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\filehlpr.dll] [PC Tools, 5.0.5.21]
[C:\Program Files\Spyware Doctor\sdcore.dll] [PC Tools, 5.0.5.24]
[C:\Program Files\Spyware Doctor\FileStorage.sdp] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\Settings.sdp] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\IDBLib.sdp] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\SDInfo.sdp] [PC Tools, 5.0.5.8]
[C:\Program Files\Spyware Doctor\SDExtra.sdp] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\PCTWSC.dll] [PC Tools, 1, 0, 0, 7]
[C:\Program Files\Spyware Doctor\Immunizer.sdp] [PC Tools, 5.0.5.4]
[C:\Program Files\Spyware Doctor\Localizer.sdp] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\NfyMan.sdp] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\quarantine.sdp] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\BH.dll] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\RebootManager.sdp] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\scaneng.sdp] [PC Tools, 5.0.5.5]
[C:\Program Files\Spyware Doctor\stasks.sdp] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\SystemMonitor.sdp] [PC Tools, 5.0.5.44]
[C:\Program Files\Spyware Doctor\whitelist.sdp] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\plugins\Browsers.SDP] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\plugins\grfiles.SDP] [PC Tools, 5.0.5.27]
[C:\Program Files\Spyware Doctor\plugins\grregistry.SDP] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\PCToolsComponents.bpl] [PC Tools, 5.0.5.3]
[C:\Program Files\Spyware Doctor\SH.dll] [PC Tools, 5.0.5.3]
[C:\Program Files\Spyware Doctor\plugins\Network.SDP] [PC Tools, 5.0.5.12]
[C:\Program Files\Spyware Doctor\plugins\Process.SDP] [PC Tools, 5.0.5.4]
[C:\Program Files\Spyware Doctor\plugins\ScriptEngine.SDP] [PC Tools, 5.0.5.0]
[C:\Program Files\Spyware Doctor\plugins\StartUp.SDP] [PC Tools, 5.0.5.2]
[PID: 1052 / Jenny][C:\Program Files\Spyware Doctor\SDTrayApp.exe] [PC Tools, 5.0.5.31]
[C:\Program Files\Spyware Doctor\rtl100.bpl] [Borland Software Corporation, 10.0.2288.42451]
[C:\Program Files\Spyware Doctor\SysAccess.dll] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\ikdll.dll] [PCTools Research Pty Ltd., 5.0.2.1035]
[C:\Program Files\Spyware Doctor\vcl100.bpl] [Borland Software Corporation, 10.0.2288.42451]
[C:\Program Files\Spyware Doctor\CommOM.dll] [PC Tools, 5.0.5.4]
[C:\Program Files\Spyware Doctor\CommLib.dll] [PC Tools, 5.0.5.1]
[C:\Program Files\Spyware Doctor\PCToolsComponents.bpl] [PC Tools, 5.0.5.3]
[C:\Program Files\Spyware Doctor\cdialogs.dll] [PC Tools, 5.0.5.23]
[C:\Program Files\Spyware Doctor\pwindow.dll] [PC Tools, 5.0.5.2]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll] [, 1, 9, 0, 0]
[C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll] [N/A, ]
[C:\Program Files\Visual Tooltip\VisualTooltip.dll] [Christian Salmon, 1, 0, 0, 1]
[PID: 1064 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\eswia30.dll] [SEIKO EPSON CORP., 1.12]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1128 / SYSTEM][C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 5]
[C:\Program Files\Spyware Doctor\smumhook.dll] [PC Tools, 5.0.5.24]
[PID: 1684 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\WMPNetwk.exe] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\wmpmde.dll] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\MFPlat.DLL] [Microsoft Corporation, 11.0.5721.5145 (WMP_11.061018-2006)]
0
kinvara Posts 23 Status Member 1
 
The second HiJackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:58, on 09/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Visual Tooltip\VisualToolTip.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Dell sans fil\PRISMCFG.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\Jenny\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk17.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\Visual Tooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Utilitaire de carte WLAN sans fil USB 2.0.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
FillPCA Posts 2264 Status Security contributor 123
 
Hi again,

1/ * Download OTMoveIt (by Old_Timer) to your desktop: http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
* Double-click OTMoveIt.exe to launch the program,
* Copy the list of files or folders below and paste it into the program's "Paste List Of Files/Folders to be moved" window:

C:\Documents and Settings\All Users\Application Data\1Þ13.sys
C:\WINDOWS\system32\nsk17.dll
C:\WINDOWS\system32\dcads_sidebar.dll


* Click MoveIt! to start the removal,
* The result will appear in the Results pane.
* Click Exit to close the program.
* Post the report, which is located here: C:\_OTMoveIt\MovedFiles
* You may be asked to restart your PC. If so, click Yes.

2/ Open Hijackthis > "Do a scan only" and check these entries:
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk17.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


Click fix/repair.

3/ Download Ccleaner Basic https://www.ccleaner.com/ccleaner/download

Open Ccleaner and click "Run Cleaner".

4/ Download AVGantispyware: https://www.avg.com/en-ww/free-antivirus-download
Install it.
Launch AVG Anti-Spyware and click the Update button. Wait for it to finish.

Click the Scan button (in the toolbar).
Then, on the "How to act" tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
When the scan finishes, choose the "Apply all actions" option at the bottom. Then
click "Save report". This generates a report as a text file, located in the Reports folder of the AVG Anti-Spyware folder.

5/ Post the following reports:
OTMoveIt, AVGantispyware and a new Hijackthis report.

FillPCA
0
kinvara Posts 23 Status Member 1
 
File/Folder C:\Documents and Settings\All Users\Application Data\1ޝ13.sys not found.
C:\WINDOWS\system32\nsk17.dll unregistered successfully.
C:\WINDOWS\system32\nsk17.dll moved successfully.
C:\WINDOWS\system32\dcads_sidebar.dll NOT unregistered.
C:\WINDOWS\system32\dcads_sidebar.dll moved successfully.

Created on 01/09/2008 19:08:18
0
kinvara Posts 23 Status Member 1
 
I did what you told me for HiJackThis, but

O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk17.dll

did not exist. I still did it for the other two...
0
kinvara Posts 23 Status Member 1
 
OTMoveIt

File/Folder C:\Documents and Settings\All Users\Application Data\1ޝ13.sys not found.
C:\WINDOWS\system32\nsk17.dll unregistered successfully.
C:\WINDOWS\system32\nsk17.dll moved successfully.
C:\WINDOWS\system32\dcads_sidebar.dll NOT unregistered.
C:\WINDOWS\system32\dcads_sidebar.dll moved successfully.

Created on 01/09/2008 19:08:18

AVGantispyware

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:06:52 09/01/2008

+ Résultat de l'analyse:

C:\Documents and Settings\Jenny\Bureau\catchme.zip/ATHPRX.DLL -> Trojan.BHO.abo : Nettoyé et sauvegardé (mise en quarantaine).
C:\SDFix\backups\backups.zip/backups/ATHPRX.dll -> Trojan.BHO.abo : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{9372C367-F237-4DC1-A4F2-73A691C7D8D8}\RP19\A0012576.dll -> Trojan.BHO.abo : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{9372C367-F237-4DC1-A4F2-73A691C7D8D8}\RP19\A0012587.dll -> Trojan.BHO.abo : Nettoyé et sauvegardé (mise en quarantaine).

Fin du rapport

new Hijackthis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:06, on 09/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\PRISMSVC.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Visual Tooltip\VisualToolTip.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Dell sans fil\PRISMCFG.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Jenny\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\Visual Tooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Utilitaire de carte WLAN sans fil USB 2.0.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
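The verification the steps above lead to, as an added example that is not part of any post in this thread: it matches the O2 entries selected for fixing against the follow-up HijackThis log by CLSID and cross-checks each file against the OTMoveIt results. The function names and verdict strings are assumptions of this example; the log lines are excerpts copied from the posts.

```python
import re

# Excerpts copied from the posts above: the O2 lines selected for fixing,
# O2 lines from the follow-up HijackThis log, and the OTMoveIt results.
# Function names and verdict strings are this example's own (hypothetical).
FLAGGED = r"""
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Dcads Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk17.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
"""
AFTER_LOG = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
"""
OTMOVEIT = r"""
C:\WINDOWS\system32\nsk17.dll unregistered successfully.
C:\WINDOWS\system32\nsk17.dll moved successfully.
C:\WINDOWS\system32\dcads_sidebar.dll NOT unregistered.
C:\WINDOWS\system32\dcads_sidebar.dll moved successfully.
"""
BHO_RE = re.compile(r"^O2 - BHO: (.*) - (\{[0-9A-Fa-f-]{36}\}) - (.*)$")
OTM_RE = re.compile(r"^(.+?) (NOT )?(unregistered|moved)(?: successfully)?\.$")

def parse_bhos(log):
    """Map CLSID (upper-cased) -> (name, path) for every O2 line."""
    out = {}
    for line in log.splitlines():
        m = BHO_RE.match(line.strip())
        if m:
            out[m.group(2).upper()] = (m.group(1), m.group(3))
    return out

def parse_otmoveit(report):
    """Map lower-cased path -> {'moved': bool, 'unregistered': bool}."""
    out = {}
    for line in report.splitlines():
        m = OTM_RE.match(line.strip())
        if m:
            path, neg, action = m.group(1).lower(), m.group(2), m.group(3)
            out.setdefault(path, {})[action] = neg is None
    return out

def verify(flagged_log, after_log, otm_report):
    """Return {clsid: verdict} for each entry that was selected for fixing."""
    after, moved = parse_bhos(after_log), parse_otmoveit(otm_report)
    verdicts = {}
    for clsid, (_name, path) in parse_bhos(flagged_log).items():
        if clsid in after:
            verdicts[clsid] = "still registered"
        elif path == "(no file)":
            verdicts[clsid] = "entry gone, no file behind it"
        elif moved.get(path.lower(), {}).get("moved"):
            verdicts[clsid] = "entry gone, file moved"
        else:
            verdicts[clsid] = "entry gone, file not in OTMoveIt report"
    return verdicts

if __name__ == "__main__":
    print(verify(FLAGGED, AFTER_LOG, OTMOVEIT))
```

An entry reported as "still registered" means the fix did not take and the BHO will load again with the browser.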