Virus inconnu (rapport HijackThis)

Voilà ! Tes instructions sont très claires, merci de ta sollicitude. Mon PC bien redémarré avant la compilation du rapport. Voici le rapport ComboFix :

ComboFix 08-06-11.7 - Jonathan 2008-06-13 20:42:01.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1388 [GMT 2:00]
Endroit: C:\Documents and Settings\Jonathan\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jonathan\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\system32\drivers\Hgfe40.sys
C:\WINDOWS\system32\jwzpqng.sys
C:\WINDOWS\system32\sddswuuw.tmp
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\owhjmpsv\
C:\Program Files\Malwarebytes' Anti-Malware
C:\Program Files\Malwarebytes' Anti-Malware\changes.rtf
C:\Program Files\Malwarebytes' Anti-Malware\Languages\albanian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\bulgarian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\catalan.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\danish.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\dutch.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\english.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\finnish.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\french.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\german.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\hungarian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\italian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\norwegian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\portugueseBR.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\romanian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\serbian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\slovak.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\slovenian.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\spanish.lng
C:\Program Files\Malwarebytes' Anti-Malware\Languages\swedish.lng
C:\Program Files\Malwarebytes' Anti-Malware\license.txt
C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe
C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
C:\Program Files\Malwarebytes' Anti-Malware\unins000.dat
C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\Program Files\Malwarebytes' Anti-Malware\unins000.msg
C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
C:\VundoFix Backups
C:\WINDOWS\system32\drivers\Hgfe40.sys
C:\WINDOWS\system32\jwzpqng.sys
C:\WINDOWS\system32\sddswuuw.tmp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_hgfe40
-------\Service_Hgfe40
-------\Service_jwzpqng


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-13 to 2008-06-13 ))))))))))))))))))))))))))))))))))))
.

2008-06-13 15:00 . 2008-06-13 15:00 <REP> d-------- C:\Deckard
2008-06-13 14:30 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-13 14:30 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-12 22:13 . 2008-06-12 22:13 <REP> d-------- C:\Program Files\Trend Micro
2008-06-12 22:07 . 2008-06-12 22:07 0 --a------ C:\owhjmpsv
2008-06-12 21:58 . 2008-06-12 21:58 <REP> d-------- C:\Program Files\Unlocker
2008-06-12 18:16 . 2008-06-12 18:17 <REP> d-------- C:\Program Files\Glary Utilities
2008-06-12 05:42 . 2008-06-12 07:30 209 --a------ C:\WINDOWS\wininit.ini
2008-06-11 12:53 . 2008-04-14 17:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 12:53 . 2008-05-08 16:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-09 20:59 . 2008-06-09 20:59 <REP> d-------- C:\Program Files\Free Download Manager
2008-06-09 20:59 . 2008-06-09 21:03 <REP> d-------- C:\Documents and Settings\Jonathan\Application Data\Free Download Manager
2008-06-09 20:59 . 2008-06-09 20:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-06-06 16:47 . 2008-06-06 16:48 <REP> d-------- C:\Documents and Settings\Jonathan\Application Data\beid-cache
2008-06-06 16:45 . 2008-06-06 16:45 <REP> d-------- C:\Program Files\EmvSmartCardReader
2008-06-06 16:45 . 2008-06-06 16:42 46 --a------ C:\WINDOWS\Hbci0606144556.bak
2008-06-06 16:42 . 2008-06-06 16:40 277 --a------ C:\WINDOWS\Hbci0606144256.bak
2008-06-06 16:40 . 2008-06-06 16:37 42 --a------ C:\WINDOWS\Hbci0606144036.bak
2008-06-06 16:37 . 2008-06-06 15:35 273 --a------ C:\WINDOWS\Hbci0606143743.bak
2008-06-06 16:33 . 2008-06-06 16:33 <REP> d-------- C:\Program Files\Belgium Identity Card
2008-06-06 16:33 . 2007-02-19 15:15 352,256 --a------ C:\WINDOWS\system32\eidlib.dll
2008-06-06 16:33 . 2007-02-19 15:16 114,688 --a------ C:\WINDOWS\system32\EIDLibCtrl.dll
2008-06-06 16:33 . 2006-05-29 14:32 77,905 --a------ C:\WINDOWS\system32\Belgium Identity Card PKCS11.dll
2008-06-06 16:33 . 2007-02-19 15:16 40,960 --a------ C:\WINDOWS\system32\eidlibj.dll
2008-06-06 15:35 . 2008-06-06 15:30 269 --a------ C:\WINDOWS\Hbci0606133531.bak
2008-06-06 15:35 . 2008-06-06 15:35 38 --a------ C:\WINDOWS\Hbci0606133532.bak
2008-06-06 15:30 . 2008-06-06 15:27 34 --a------ C:\WINDOWS\Hbci0606133048.bak
2008-06-06 15:27 . 2008-06-06 15:13 265 --a------ C:\WINDOWS\Hbci0606132745.bak
2008-06-06 15:13 . 2008-06-06 15:09 30 --a------ C:\WINDOWS\Hbci0606131327.bak
2008-06-06 15:09 . 2008-06-06 15:04 261 --a------ C:\WINDOWS\Hbci0606130940.bak
2008-06-06 15:04 . 2008-06-06 14:46 26 --a------ C:\WINDOWS\Hbci0606130441.bak
2008-06-06 14:46 . 2008-06-06 14:46 257 --a------ C:\WINDOWS\Hbci0606124645.bak
2008-06-06 14:46 . 2008-06-06 14:46 257 --a------ C:\WINDOWS\Hbci0606124644.bak
2008-06-06 14:46 . 2008-06-06 14:43 22 --a------ C:\WINDOWS\Hbci0606124642.bak
2008-06-06 14:43 . 2008-06-06 14:43 253 --a------ C:\WINDOWS\Hbci0606124317.bak
2008-06-06 14:43 . 2008-06-06 14:35 253 --a------ C:\WINDOWS\Hbci0606124316.bak
2008-06-06 14:35 . 2008-06-06 14:32 18 --a------ C:\WINDOWS\Hbci0606123537.bak
2008-06-06 14:32 . 2008-06-06 16:45 281 --a------ C:\WINDOWS\hbcitmp.ini
2008-06-06 14:32 . 2008-06-06 14:10 249 --a------ C:\WINDOWS\Hbci0606123231.bak
2008-06-06 14:10 . 2008-06-06 16:45 281 --a------ C:\WINDOWS\hbcikrnl.ini
2008-06-03 22:48 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-06-01 12:59 . 2008-06-01 13:00 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd
2008-06-01 12:59 . 2008-05-02 02:38 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll
2008-05-31 01:23 . 2008-05-31 01:23 8,835 --a------ C:\WINDOWS\system32\dpufr.qm
2008-05-29 00:00 . 2008-05-29 00:01 <REP> d-------- C:\Documents and Settings\Jonathan\.dvdcss
2008-05-28 23:16 . 2008-05-31 22:59 <REP> d-------- C:\Program Files\neodivxlazarus
2008-05-28 23:02 . 2008-05-31 22:59 <REP> d-------- C:\Program Files\Ripp-it_AM
2008-05-28 19:26 . 2008-05-28 19:26 <REP> d-------- C:\Program Files\Intel Corporation
2008-05-24 20:40 . 2008-05-24 20:40 <REP> d-------- C:\Documents and Settings\Jonathan\Application Data\Malwarebytes
2008-05-24 20:40 . 2008-05-24 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-23 00:22 . 2008-05-23 00:22 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-23 00:22 . 2008-05-23 00:22 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-05-23 00:22 . 2008-05-23 00:22 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-05-23 00:22 . 2008-05-23 00:22 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-05-23 00:20 . 2008-05-23 00:20 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-23 00:20 . 2008-05-23 00:20 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-23 00:19 . 2008-05-23 00:19 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2008-05-23 00:19 . 2008-05-23 00:19 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-05-23 00:19 . 2008-05-23 00:19 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-23 00:19 . 2008-05-23 00:19 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-05-23 00:19 . 2008-05-23 00:19 3,067 --a------ C:\WINDOWS\system32\dtu_fr.qm
2008-05-23 00:19 . 2008-05-23 00:19 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-05-23 00:19 . 2008-05-23 00:19 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-05-23 00:18 . 2008-05-23 00:18 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-21 18:33 . 2008-05-21 18:33 <REP> d-------- C:\Program Files\Alwil Software
2008-05-20 21:29 . 2008-05-20 21:29 <REP> d-------- C:\Program Files\Audacity
2008-05-19 00:03 . 2008-06-11 21:33 <REP> d-------- C:\Program Files\eChanblard
2008-05-18 12:44 . 2008-05-18 12:44 <REP> d-------- C:\Program Files\Free Audio Pack
2008-05-18 12:44 . 2004-03-08 23:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-05-18 12:44 . 2004-03-08 23:00 224,016 --a------ C:\WINDOWS\system32\TABCTL32.OCX
2008-05-18 12:44 . 1998-06-24 00:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-05-18 12:44 . 1998-07-12 23:00 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-05-18 12:44 . 1998-07-12 23:00 59,904 --a------ C:\WINDOWS\system32\Mscc2fr.dll
2008-05-18 12:44 . 1998-07-12 19:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2008-05-18 12:44 . 1998-07-12 23:00 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL
2008-05-18 12:35 . 2000-10-06 07:17 163,600 --a------ C:\WINDOWS\system32\Wmaudsdk.dll
2008-05-13 21:53 . 2008-05-13 21:53 <REP> d-------- C:\Program Files\3ivx
2008-05-13 21:37 . 2008-05-13 21:37 <REP> d-------- C:\WINDOWS\system32\Logs

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-13 18:11 296,950 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-06-12 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-12 20:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-12 03:17 --------- d-----w C:\Program Files\PowerArchiver
2008-06-11 20:38 --------- d-----w C:\Program Files\ewido anti-spyware 4.0
2008-06-11 20:30 --------- d-----w C:\Documents and Settings\Jonathan\Application Data\Azureus
2008-06-11 20:11 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-06-09 18:56 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-08 10:44 --------- d-----w C:\Program Files\DivX
2008-06-01 10:59 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-30 13:35 --------- d-----w C:\Program Files\SpeedFan
2008-05-28 21:03 --------- d-----w C:\Program Files\AviSynth 2.5
2008-05-24 10:55 --------- d-----w C:\Program Files\IEPro
2008-05-20 16:12 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-17 16:40 --------- d-----w C:\Documents and Settings\Jonathan\Application Data\Tunebite
2008-05-13 18:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\RapidSolution
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 21:04 --------- d-----w C:\Program Files\Personal Reminder
2008-05-02 21:49 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-02 00:40 84,496 ----a-w C:\WINDOWS\system32\KemXML.dll
2008-05-02 00:40 117,264 ----a-w C:\WINDOWS\system32\KemWnd.dll
2008-05-02 00:39 170,512 ----a-w C:\WINDOWS\system32\kemutb.dll
2008-05-02 00:39 145,936 ----a-w C:\WINDOWS\system32\KemUtil.dll
2008-04-30 20:49 --------- d-----w C:\Program Files\Astase
2008-04-27 21:23 --------- d-----w C:\Program Files\EAGLE-4.16r2
2008-04-25 20:38 --------- d-----w C:\Program Files\GXTranscoder.net AWE
2008-04-23 19:37 --------- d-----w C:\Documents and Settings\Jonathan\Application Data\AccurateRip
2008-04-23 19:32 4,230,520 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-22 20:34 --------- d-----w C:\Documents and Settings\Jonathan\Application Data\ma-config.com
2008-04-22 20:26 --------- d-----w C:\Program Files\ma-config.com
2008-04-20 19:48 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-04-20 19:48 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-20 19:48 22,328 ----a-w C:\Documents and Settings\Jonathan\Application Data\PnkBstrK.sys
2008-04-20 19:48 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-04-20 16:59 --------- d-----w C:\Program Files\Azureus
2008-04-15 19:40 --------- d-----w C:\Program Files\eRightSoft
2008-04-14 15:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 02:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 02:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 02:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll
2008-04-14 02:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 02:32 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
2008-04-14 02:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 02:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:07 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 02:07 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 02:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 02:04 93,184 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 02:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 02:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 02:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 01:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 01:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-14 01:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-12_22.46.37.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-12 20:42:14 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-13 18:47:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-18 22:29 68856]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45 1211176]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
"Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 10:42 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 04:34 110592 C:\WINDOWS\system32\bthprops.cpl]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\WINDOWS\KHALMNPR.Exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\WINDOWS\KHALMNPR.Exe]
"beidsystemtray"="C:\Program Files\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 15:15 188416]
"SmartMon"="C:\Program Files\EmvSmartCardReader\SmartMON.exe" [2006-12-04 15:18 73826]
"BePCSC"="C:\Program Files\EmvSmartCardReader\BePCSC.exe" [2007-05-03 11:56 27136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 2008-05-02 02:42 72208 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"H/PC Connection Agent"="C:\PROGRA~1\MICROS~4\wcescomm.exe"
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\IEPro\\MiniDM.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"33515:TCP"= 33515:TCP:Windows Update Service Helper

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\icmpsettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 11:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 11:21]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 eID CRL Service;eID CRL Service;C:\WINDOWS\system32\beidservicecrl.exe [2007-02-19 15:16]
R2 eID Privacy Service;eID Privacy Service;C:\WINDOWS\system32\beidservicepcsc.exe [2007-02-19 15:16]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 04:34]
R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-05-07 15:15]
R3 EMVSCARD;EMVSCARD;C:\WINDOWS\system32\Drivers\EMVSCARD.sys [2006-09-18 15:12]
S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 11:21]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-02-27 08:14]
S3 NRKCTL32;NRKCTL32;C:\Documents and Settings\Jonathan\Bureau\Nouveau dossier\NRKCTL32.SYS []
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 16:54]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 16:54]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 16:54]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 16:54]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 16:54]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04b5bafe-f736-11db-b03a-0015e9a33727}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08d97d80-ffbb-11db-b064-0015e9a33727}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-13 18:47:56 C:\WINDOWS\Tasks\GlaryInitialize.job"
- C:\Program Files\Glary Utilities\initialize.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-13 20:49:49
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\scardsvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-13 20:52:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-13 18:52:34
ComboFix2.txt 2008-06-13 14:29:53
ComboFix3.txt 2008-06-12 20:47:38

Pre-Run: 205,192,343,552 octets libres
Post-Run: 205,169,258,496 octets libres

399 --- E O F --- 2008-06-11 10:57:27

Le nouveau rapport DSS :

Deckard's System Scanner v20071014.68
Run by Jonathan on 2008-06-13 20:55:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Jonathan.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:00, on 13/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Belgium Identity Card\beidsystemtray.exe
C:\Program Files\EmvSmartCardReader\SmartMON.exe
C:\Program Files\EmvSmartCardReader\BePCSC.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Jonathan\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jonathan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe
O4 - HKLM\..\Run: [SmartMon] C:\Program Files\EmvSmartCardReader\SmartMON.exe
O4 - HKLM\..\Run: [BePCSC] C:\Program Files\EmvSmartCardReader\BePCSC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Rechercher sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://gathol.forumgaming.fr/
O15 - Trusted Zone: http://drenai.realbb.net
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: https://www.slayersonline.net/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

Bonjour,
Je vous envoie ce mess a tout hazard j'ai un soucis au démarrage de windows une fenetre s'ouvre avec en haut a gauche marqué reader_sl.exe puis un message qui dit l'application n'a pas pu démarrer correctement erreur 0xc0000103 ca me le faisait quand je veut telecharger msn messenger merci d'avance