VIRUS !! BV:Autorun-E[Wrm]

Closed
dk-60 (110 posts, registered Friday 2 November 2007, status: Member, last active 25 May 2010) - 16 Nov 2008 at 14:55
hacharate - 17 Nov 2008 at 16:16
My avast antivirus reports a virus every twenty seconds, named BV:Autorun-E[Wrm], which infects c:\autorun.inf. Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:54:14, on 16/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Game Accelerator\gamexl.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Steam\Steam.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\System32\alg.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\MSN Messenger\usnsvc.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\TEMP\tempo-79B.tmp
E:\WINDOWS\system32\svchost.exe
E:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: WinIss - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - E:\WINDOWS\system32\psguax.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GameXL] "E:\Program Files\Game Accelerator\gamexl.exe"
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [E:\WINDOWS\system32\kdcwa.exe] E:\WINDOWS\system32\kdcwa.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "E:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A28B2DE-2E05-4EE5-972B-8C5CA6508C43}: NameServer = 85.255.112.100;85.255.112.217
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - E:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

7 replies

chimay8 (7720 posts, registered Thursday 1 May 2008, status: Security contributor, last active 3 January 2014)
16 Nov 2008 at 16:24
Hi,

I need a more complete log.

Download random's system information tool (RSIT) by random/random and save it to the Desktop.
http://images.malwareremoval.com/random/RSIT.exe
Double-click RSIT.exe to launch RSIT.
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (<< which will be displayed)
as well as info.txt (<< which will be minimized in the Taskbar).
NB: The reports are saved in the C:\rsit folder
dk-60 (110 posts, registered Friday 2 November 2007, status: Member, last active 25 May 2010)
16 Nov 2008 at 16:48
Thanks for your reply, but your software tells me (once I click Continue..)
Line -1:

Error:Errot parsing function call.

Thanks again for your reply
chimay8 (7720 posts, registered Thursday 1 May 2008, status: Security contributor, last active 3 January 2014)
16 Nov 2008 at 16:56
Darn,

oh well, no big deal, your log shows part of the infection.

Download SREng (by Smallfrogs) from this link:
http://www.kztechs.com/eng/download.html

Extract all of its contents to your Desktop
From the sreng2 folder that is now on your Desktop, double-click SREng.exe to launch the tool
Click Smart Scan
Then click the [Scan] button

When it completes, click the [Save Reports] button
Save the report to your Desktop
Copy/paste the contents of the SREnglLOG.log file into your next reply
[CODE]

2008-11-16,17:26:34

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<SUPERAntiSpyware><C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe> [(Verified)SuperAdBlocker.com]
<ccleaner><"C:\Program Files\CCleaner\CCleaner.exe" /AUTO> [(Verified)Piriform Ltd]
<SalaatTime><C:\Program Files\Salaat Time\SalaatTime.exe> [Salaat Time - www.salaattime.com]
<IDMan><C:\Program Files\Internet Download Manager\IDMan.exe /onboot> [Tonec Inc.]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher]
<BitTorrent DNA><"C:\Program Files\DNA\btdna.exe"> [(Verified)BitTorrent Inc]
<ares><"C:\Program Files\Ares\Ares.exe" -h> [Ares Development Group]
<Messenger (Yahoo!)><"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet> [(Verified)Yahoo! Inc.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<TweakMASTER><"C:\PROGRA~1\TWEAKM~1\TMTray.exe"> [Hagel Technologies Ltd]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<BigDog305><C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)> [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [Microsoft Corporation]
<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files\SUPERAntiSpyware\SASSEH.DLL> [SuperAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [Microsoft Corporation]
<SysTray><C:\WINDOWS\system32\stobject.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL> [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Personnalisation du navigateur><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Mise à jour du Bureau Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr> [Microsoft Corporation]

==================================
Startup Folders
[Stardock ObjectDock]
<C:\Documents and Settings\haroun\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk --> C:\WINDOWS\BRICOP~1\VISTAI~1\OBJECT~1\OBJECT~1.EXE [Stardock]><N>
[Watch]
<C:\Documents and Settings\haroun\Menu Démarrer\Programmes\Démarrage\Watch.lnk --> C:\WINDOWS\twain_32\A4CIS600\WATCH.exe [Common Group]><N>

==================================
Services
[ADSLAutoconnect / ADSLAutoconnect][Running/Auto Start]
<"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z><>
[Ares Chatroom server / AresChatServer][Stopped/Manual Start]
<C:\Program Files\Ares\chatServer.exe><Ares Development Group>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Machine Debug Manager / MDM][Running/Auto Start]
<"C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe"><Microsoft Corporation>
[SbPF.Launcher / SbPF.Launcher][Running/Auto Start]
<"C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe"><Sunbelt Software, Inc.>
[Sunbelt Personal Firewall 4 / SPF4][Stopped/Auto Start]
<"C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe"><Sunbelt Software, Inc.>
[VideoAcceleratorService / VideoAcceleratorService][Running/Auto Start]
<C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm><Speedbit Ltd.>

==================================
Drivers
[aswFsBlk / aswFsBlk][Running/Auto Start]
<system32\DRIVERS\aswFsBlk.sys><ALWIL Software>
[Bluetooth Audio Service / BlueletAudio][Running/Manual Start]
<system32\DRIVERS\blueletaudio.sys><IVT Corporation.>
[Bluetooth SCO Audio Service / BlueletSCOAudio][Running/Manual Start]
<system32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation.>
[Bluetooth PAN Network Adapter / BT][Running/Manual Start]
<system32\DRIVERS\btnetdrv.sys><IVT Corporation.>
[Bluetooth USB For Bluetooth Service / Btcsrusb][Stopped/Manual Start]
<System32\Drivers\btcusb.sys><IVT Corporation.>
[Bluetooth HID Enumerator / BTHidEnum][Running/Boot Start]
<\SystemRoot\System32\Drivers\vbtenum.sys><IVT Corporation.>
[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]
<\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation.>
[cdspacex / cdspacex][Stopped/Manual Start]
<system32\DRIVERS\CDSPACEX.sys><N/A>
[Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet / FETNDIS][Running/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SASDIFSV / SASDIFSV][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASENUM / SASENUM][Running/Manual Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASKUTIL / SASKUTIL][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[sbbotdi / sbbotdi][Running/Auto Start]
<\??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys><SpeedBit Ltd.>
[SbFw / SbFw][Running/System Start]
<system32\drivers\SbFw.sys><Sunbelt Software, Inc.>
[Sunbelt Software Firewall NDIS IM Filter Miniport / SBFWIMCL][Running/Manual Start]
<system32\DRIVERS\sbfwim.sys><Sunbelt Software, Inc.>
[Sunbelt HIPS Driver / sbhips][Running/System Start]
<\SystemRoot\system32\drivers\sbhips.sys><Sunbelt Software, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SFC4 / SFC4][Running/Manual Start]
<System32\drivers\SFC4.sys><N/A>
[SiS315 / SiS315][Running/Manual Start]
<system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[Two Rabbits Live Bus / TwoRabts][Stopped/Manual Start]
<system32\DRIVERS\TwoRabts.sys><N/A>
[Virtual Serial port driver / VComm][Running/Manual Start]
<system32\DRIVERS\VComm.sys><IVT Corporation.>
[Bluetooth VComm Manager Service / VcommMgr][Running/Manual Start]
<System32\Drivers\VcommMgr.sys><IVT Corporation.>
[VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
<system32\drivers\viaudios.sys><VIA Technologies, Inc.>
[VIMICRO USB PC Camera 301D / ZSMC0305][Running/Manual Start]
<System32\Drivers\usbVM305.sys><Vimicro Corporation>
[ArcNet NDIS Protocol Driver / Ndisprot][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\Ndisprot.sys><Windows (R) Codename Longhorn DDK provider>

==================================
Browser Add-ons
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, (Signed) Tonec Inc.>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Skype add-on (mastermind)]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[TweakMASTER PRO Component]
{7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} <C:\PROGRA~1\TWEAKM~1\TweakBHO.dll, (Signed) Hagel Technologies Ltd>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_07]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Yahoo! Toolbar avec bloqueur de fenêtres pop-up]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.>
[YInstStarter Class]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} <C:\PROGRA~1\YAHOO!\Common\yinsthelper.dll, (Signed) Yahoo! Inc.>
[Java Plug-in 1.6.0_07]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.4.2_03]
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll, (Signed) Sun Microsystems, Inc.>
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, (Signed) Tonec Inc.>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[Skype add-on (mastermind)]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.>
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, (Signed) Skype Technologies S.A.>
[TweakMASTER PRO Component]
{7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} <C:\PROGRA~1\TWEAKM~1\TweakBHO.dll, (Signed) Hagel Technologies Ltd>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, (Signed) Google Inc.>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, (Signed) Microsoft Corporation>
[Microsoft Office 12 Authorization Control]
{C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~2\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Yahoo! Toolbar avec bloqueur de fenêtres pop-up]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Ajouter à &LinkFox]
<res://C:\PROGRA~1\TWEAKM~1\TweakBHO.dll/IESCRIPT, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[Télécharger avec IDM]
<C:\Program Files\Internet Download Manager\IEExt.htm, N/A>
[Télécharger le contenu de video FLV avec IDM]
<C:\Program Files\Internet Download Manager\IEGetVL.htm, N/A>
[Télécharger tous les liens avec IDM]
<C:\Program Files\Internet Download Manager\IEGetAll.htm, N/A>

==================================
Running Processes
[PID: 1276 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\winsrv.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1300 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL] [SUPERAntiSpyware.com, 1, 0, 0, 1048]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1344 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1356 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1496 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1576 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1616 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\netshell.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\RASDLG.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1704 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1832 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1948 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 144 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 304 / haroun][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\themeui.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\stobject.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\RASDLG.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL] [SUPERAntiSpyware.com, 1, 0, 0, 1004]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL] [SuperAdBlocker.com, 1, 0, 0, 1012]
[C:\Program Files\Internet Download Manager\IDMIECC.dll] [Tonec Inc., 5, 14, 5, 0]
[C:\PROGRA~1\TWEAKM~1\TweakBHO.dll] [Hagel Technologies Ltd, 2.50 Build R2822]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shimgvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\printui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\zipfldr.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\mpg2splt.ax] [, ]
[C:\WINDOWS\system32\RealMediaSplitter.ax] [Gabest, 1, 0, 1, 1]
[C:\Program Files\Fichiers communs\Ahead\DSFilter\NeVideo.ax] [Ahead Software AG, 2, 0, 2, 3]
[C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr.dll] [Ahead Software AG, 1,0,15, 2132]
[C:\WINDOWS\system32\mstask.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\occache.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll] [Revenger inc., 1.2.1.2]
[PID: 420 / haroun][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 8, 1227, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\actskin4.ocx] [, 4, 2, 7, 3]
[PID: 428 / haroun][C:\PROGRA~1\TWEAKM~1\TMTray.exe] [Hagel Technologies Ltd, 2.50 Build R2822]
[C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 476 / haroun][C:\WINDOWS\VM305_STI.EXE] [Vimicro, 4, 3, 625, 61]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\VM305Prp.Ax] [Vimicro, 4.3. 625.61]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508 / haroun][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\VM305Prp.Ax] [Vimicro, 4.3. 625.61]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 540 / haroun][C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] [SUPERAntiSpyware.com, 4, 21, 0, 1004]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\SUPERAntiSpyware\deupx.dll] [SuperAntiSpyware.com, 1, 0, 0, 2]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Fichiers communs\Microsoft Shared\INK\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL] [SuperAdBlocker.com, 1, 0, 0, 1012]
[PID: 556 / haroun][C:\Program Files\Salaat Time\SalaatTime.exe] [Salaat Time - www.salaattime.com, 2.00]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SalaatTime.dll] [Salaat Time - www.salaattime.com, 2, 0, 0, 0]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 608 / haroun][C:\Program Files\Internet Download Manager\IDMan.exe] [Tonec Inc., 5.14.5.0]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616 / haroun][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 628 / haroun][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3000]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636 / haroun][C:\Program Files\DNA\btdna.exe] [BitTorrent, Inc., 2.0.2.12223]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 644 / haroun][C:\Program Files\Ares\Ares.exe] [Ares Development Group, 2.0.9.3030]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Fichiers communs\Microsoft Shared\INK\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[PID: 780 / haroun][C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe] [Stardock, v1.11.517u]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\CrashRpt.dll] [, 3.0.2.2]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\dbghelp.dll] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\zlib.dll] [, 1.1.3]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ODImg.dll] [N/A, ]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792 / haroun][C:\WINDOWS\twain_32\A4CIS600\WATCH.exe] [Common Group, 1, 1, 2, 0]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1228 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe] [Microsoft Corporation, 7.10.3077]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\1036\mdmui.dll] [Microsoft Corporation, 7.10.3077]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 196 / SYSTEM][C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe] [Sunbelt Software, Inc., 4.6.1845.0]
[C:\Program Files\Sunbelt Software\Personal Firewall\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Sunbelt Software\Personal Firewall\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2064 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2108 / SYSTEM][C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe] [Speedbit Ltd., 2, 2, 4, 9]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2184 / SYSTEM][C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe] [Speedbit Ltd., 2, 2, 4, 9]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\SPEEDB~1\Accelerator.dll] [Speedbit Ltd., 2, 2, 4, 8]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2440 / SYSTEM][C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe] [, 2, 0, 6, 7]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\ADSL Autoconnect\lang\res.dll] [, 2, 0, 6, 7]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2716 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Alwil Software\Avast4\French\langmai.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2752 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 8, 1229, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1201, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 8, 1227, 0]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2812 / haroun][C:\Program Files\Internet Download Manager\IEMonitor.exe] [Tonec Inc., 5, 12, 8, 0]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll] [N/A, ]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3132 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation,

dk-60 Posts 110 Registration date Friday 2 November 2007 Status Member Last activity 25 May 2010 35
16 Nov. 2008 at 17:47
Thanks for your reply, here is the log:


CODE]

2008-11-16,17:46:25

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<MsnMsgr><"E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<Steam><"E:\Program Files\Steam\Steam.exe" -silent> [(Verified)Valve]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SunJavaUpdateSched><"E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<NvCplDaemon><RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<Adobe Reader Speed Launcher><"E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<GameXL><"E:\Program Files\Game Accelerator\gamexl.exe"> [DefendGate Inc.]
<avast!><E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<E:\WINDOWS\system32\kdcwa.exe><E:\WINDOWS\system32\kdcwa.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><E:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><E:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher]
<SysTray><E:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Windows Media Player><E:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Personnalisation du navigateur><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection E:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Mise à jour du Bureau Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><E:\WINDOWS\system32\Rundll32.exe E:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
N/A

==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"E:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Stopped/Manual Start]
<"E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Ma-Config Service / maconfservice][Stopped/Manual Start]
<"E:\Program Files\ma-config.com\maconfservice.exe"><CybelSoft>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<E:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[SolidWorks Licensing Service / SolidWorks Licensing Service][Stopped/Manual Start]
<"E:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe"><SolidWorks>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Running/Auto Start]
<E:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aswFsBlk / aswFsBlk][Running/Auto Start]
<system32\DRIVERS\aswFsBlk.sys><ALWIL Software>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys><Ma-Config.com>
[ArcNet NDIS Protocol Driver / Ndisprot][Running/Manual Start]
<\??\E:\WINDOWS\system32\drivers\Ndisprot.sys><Windows (R) Codename Longhorn DDK provider>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[Pilote du protocole TCP/IP / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
<system32\DRIVERS\wudfrd.sys><Microsoft Corporation>

==================================
Browser Add-ons
[WinIss]
{17D562A6-DA3D-4F87-B659-86CD06473AB5} <E:\WINDOWS\system32\psguax.dll, >
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_07]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{85e1f530-48f4-11d9-9629-08ff2ffc9f67} <, >
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Java Plug-in 1.6.0_07]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <E:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll, (Signed) Sun Microsystems, Inc.>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[WinIss]
{17D562A6-DA3D-4F87-B659-86CD06473AB5} <E:\WINDOWS\system32\psguax.dll, >
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <E:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <E:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <E:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Windows Media Services DRM Storage object]
{760C4B83-E211-11D2-BF3E-00805FBE84A6} <E:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[]
{85E1F530-48F4-11D9-9629-08FF2FFC9F67} <, >
[HardwareDetection Control]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <E:\PROGRA~1\MA-CON~1.COM\HARDWA~1.OCX, (Signed) CybelSoft>
[Navigateur Web Microsoft]
{8856F961-340A-11D0-A96B-00C04FD705A2} <E:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <E:\WINDOWS\system32\macromed\flash\flash.ocx, (Signed) Adobe Systems, Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >

==================================
Running Processes
[PID: 696 / SYSTEM][\??\E:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720 / SYSTEM][\??\E:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 768 / SYSTEM][E:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 780 / SYSTEM][E:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 964 / SYSTEM][E:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1044 / SERVICE RÉSEAU][E:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1112 / SYSTEM][E:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\System32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[e:\windows\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1144 / SYSTEM][E:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[e:\windows\system32\wudfsvc.dll] [Microsoft Corporation, 6.0.5716.32 (winmain(wmbla).060928-1756)]
[e:\windows\system32\WUDFPlatform.dll] [Microsoft Corporation, 6.0.5716.32 (winmain(wmbla).060928-1756)]
[PID: 1280 / SERVICE LOCAL][E:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1320 / SYSTEM][E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1281, 0]
[PID: 1456 / Administrateur][E:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\mydocs.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\psguax.dll] [ , 1, 0, 0, 1]
[E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 9.0.0.0]
[E:\Program Files\WinRAR\rarext.dll] [N/A, ]
[E:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.0.0.2008061100]
[E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[E:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 8, 1281, 0]
[PID: 1528 / SYSTEM][E:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 8, 1281, 0]
[PID: 1628 / Administrateur][E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.70.6]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1696 / Administrateur][E:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.9136]
[E:\WINDOWS\system32\NVRSFR.DLL] [NVIDIA Corporation, 6.14.10.9136]
[PID: 1704 / Administrateur][E:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 59]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1732 / Administrateur][E:\Program Files\Game Accelerator\gamexl.exe] [DefendGate Inc., 7.01.0095]
[E:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[PID: 1748 / Administrateur][E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[e:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[e:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 8, 1281, 0]
[e:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 8, 1281, 0]
[e:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 8, 1281, 0]
[e:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 8, 1281, 0]
[e:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 8, 1281, 0]
[e:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AavmGuih.dll] [ALWIL Software, 4, 8, 1281, 0]
[PID: 1776 / Administrateur][E:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.1.0178.00]
[E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\Program Files\MSN Messenger\MSIMG32.dll] [Patchou, 4, 70, 0, 334]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\Program Files\Messenger Plus! Live\MsgPlusLive.dll] [Patchou, 4, 70, 2, 334]
[E:\Program Files\Messenger Plus! Live\Detoured.dll] [N/A, ]
[E:\Program Files\Messenger Plus! Live\MsgPlusLiveRes.dll] [Patchou, 4, 70, 0, 334]
[E:\WINDOWS\system32\msdmo.dll] [, ]
[E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[E:\Program Files\Messenger Plus! Live\libsndfile.dll] [N/A, ]
[E:\Program Files\Messenger Plus! Live\lame_enc.dll] [N/A, ]
[PID: 1832 / Administrateur][E:\Program Files\Steam\Steam.exe] [Valve Corporation, 1.0.0.0]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\Program Files\Steam\Steam.dll] [Valve Corporation, 2.0.0.0]
[E:\Program Files\Steam\SteamUI.dll] [Valve Corporation, 1, 0, 0, 1]
[E:\Program Files\Steam\vstdlib_s.dll] [Valve Corporation, 3, 0, 0, 1]
[E:\Program Files\Steam\tier0_s.dll] [Valve Corporation, 1, 0, 0, 1]
[E:\Program Files\Steam\bin\FileSystem_Steam.dll] [Valve Corporation, 3, 0, 0, 1]
[E:\Program Files\Steam\bin\vgui2.dll] [Valve Corporation, 3, 0, 0, 1]
[E:\Program Files\Steam\steamclient.dll] [Valve Corporation, 3, 0, 0, 1]
[E:\Program Files\Steam\bin\p2pvoice.dll] [Valve Corporation, 1, 0, 0, 1]
[E:\Program Files\Steam\bin\mss32_s.dll] [N/A, ]
[E:\Program Files\Steam\bin\SteamService.dll] [Valve Corporation, 1, 0, 0, 1]
[e:\program files\steam\bin\friendsui.dll] [Valve Corporation, 3, 0, 0, 1]
[e:\program files\steam\bin\serverbrowser.dll] [Valve Corporation, 1, 0, 0, 1]
[E:\WINDOWS\system32\macromed\flash\flash.ocx] [Adobe Systems, Inc., 9,0,28,0]
[PID: 172 / SYSTEM][E:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9136]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 1016 / SYSTEM][E:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[E:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 8, 1281, 0]
[E:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 8, 1281, 0]
[PID: 2212 / SERVICE LOCAL][E:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 2700 / SYSTEM][E:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 2836 / SYSTEM][E:\Program Files\MSN Messenger\usnsvc.exe] [Microsoft Corporation, 8.1.0178.00]
[PID: 2620 / Administrateur][E:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\psguax.dll] [ , 1, 0, 0, 1]
[E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.0.0.2008061100]
[E:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 1376 / SYSTEM][E:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\dll.dll] [N/A, ]
[E:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3172 / SYSTEM][E:\WINDOWS\TEMP\tempo-79B.tmp] [N/A, ]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[PID: 2588 / Administrateur][E:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.0.4]
[E:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.0.4]
[E:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.5.9]
[E:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
[E:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[E:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.7.1]
[E:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.1.1 Basic ECC]
[E:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.1.1 Basic ECC]
[E:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.1.1 Basic ECC]
[E:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.7.1]
[E:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.7.1]
[E:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.1.1 Basic ECC]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.0.4]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.0.4]
[E:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.1.0 Basic ECC]
[E:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.1.0 Basic ECC]
[E:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.1.0 Basic ECC]
[E:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.72]
[E:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.0.4]
[PID: 2192 / SERVICE RÉSEAU][E:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[PID: 3124 / Administrateur][E:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[E:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2156 / Administrateur][E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.828\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[PID: 556 / Administrateur][E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.828\SREb0ff13c3.EXE] [Smallfrogs Studio, 2.7.0.1210]
[E:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)]
[E:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2523 (xpsp.040919-1030)]
[E:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.828\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["E:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
[C:\]
[autorun]
shellexecute="resycled\boot.com c:"
shell\Open\command="resycled\boot.com c:"
shell=Open
[E:\]
[autorun]
shellexecute="resycled\boot.com e:"
shell\Open\command="resycled\boot.com e:"
shell=Open

==================================
HOSTS File
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com

==================================
Process Privileges Scan
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1456, E:\WINDOWS\EXPLORER.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 1456, E:\WINDOWS\EXPLORER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1456, E:\WINDOWS\EXPLORER.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1704, E:\WINDOWS\SOUNDMAN.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 1704, E:\WINDOWS\SOUNDMAN.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1704, E:\WINDOWS\SOUNDMAN.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1732, E:\PROGRAM FILES\GAME ACCELERATOR\GAMEXL.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 1732, E:\PROGRAM FILES\GAME ACCELERATOR\GAMEXL.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1732, E:\PROGRAM FILES\GAME ACCELERATOR\GAMEXL.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3172, E:\WINDOWS\TEMP\TEMPO-79B.TMP]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 3172, E:\WINDOWS\TEMP\TEMPO-79B.TMP]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 3124, E:\PROGRAM FILES\WINRAR\WINRAR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3124, E:\PROGRAM FILES\WINRAR\WINRAR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3124, E:\PROGRAM FILES\WINRAR\WINRAR.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2156, E:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX01.828\SRENGLDR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 2156, E:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX01.828\SRENGLDR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2156, E:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX01.828\SRENGLDR.EXE]

==================================
Scheduled Tasks
N/A

==================================
API HOOK
Entrypoint Error: NtQueryDirectoryFile (Dangerous Level: High, Hooked by Module: 0x00156AF4)
Entrypoint Error: NtSetValueKey (Dangerous Level: High, Hooked by Module: 0x001568D9)
Entrypoint Error: ZwQueryDirectoryFile (Dangerous Level: High, Hooked by Module: 0x00156AF4)
Entrypoint Error: ZwSetValueKey (Dangerous Level: High, Hooked by Module: 0x001568D9)

==================================
Hidden Process
N/A

==================================


/CODE
0
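The Autorun.Inf section of the report above can be triaged mechanically. This added example (not part of the original thread or of the scanning tool) parses that section and lists every entry that makes Explorer start a program from a drive root; the function names are hypothetical and the sample text is copied from the report.

```python
import re

# Sample input: the "Autorun.Inf" section as printed in the report above.
REPORT_SECTION = r"""
[C:\]
[autorun]
shellexecute="resycled\boot.com c:"
shell\Open\command="resycled\boot.com c:"
shell=Open
[E:\]
[autorun]
shellexecute="resycled\boot.com e:"
shell\Open\command="resycled\boot.com e:"
shell=Open
"""

DRIVE_RE = re.compile(r"^\[([A-Za-z]:\\)\]$")
# autorun.inf keys whose value is a command line that Explorer will start.
LAUNCH_KEY_RE = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$")


def parse_autorun_section(text):
    """Return {drive: {lower-cased key: value}} for each drive block."""
    drives, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = DRIVE_RE.match(line)
        if m:
            current = drives.setdefault(m.group(1).upper(), {})
        elif current is not None and "=" in line and not line.startswith("["):
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip().strip('"')
    return drives


def launch_findings(drives):
    """List every entry that starts a program, one dict per entry."""
    findings = []
    for drive, entries in sorted(drives.items()):
        default_verb = entries.get("shell", "").lower()  # verb run on double-click
        for key, value in entries.items():
            if not LAUNCH_KEY_RE.match(key):
                continue
            parts = value.split()  # simplification: assumes no spaces in the path
            verb = key.split("\\")[1] if key.startswith("shell\\") else None
            findings.append({
                "drive": drive,
                "key": key,
                "target": drive + parts[0] if parts else "",
                "on_double_click": verb is not None and verb == default_verb,
            })
    return findings


if __name__ == "__main__":
    for f in launch_findings(parse_autorun_section(REPORT_SECTION)):
        print(f)
```

Entries with `on_double_click` set are the ones tied to the default verb declared by `shell=`, so simply opening the drive in Explorer would start the listed target.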
chimay8 Posts 7720 Registration date Thursday 1 May 2008 Status Security contributor Last activity 3 January 2014 60
16 Nov 2008 at 18:09
OK,

we are going to have to run a few tools to demolish the infection; on top of that, you are being redirected to Ukraine (what a lovely trip, eh!)

To start, do this:

Download UsbFix to your desktop


--> Run the installation with the default settings

Plug into your PC the external storage devices (USB stick, external hard drive, etc.) that may have been infected, without opening them.

--> Double-click the UsbFix shortcut on your desktop

--> The PC will restart

--> After the restart, post the UsbFix.txt report

Next

Download SmitFraudfix by S!Ri, balltrap34 and moe31
http://siri.urz.free.fr/Fix/SmitfraudFix.zip -
if there is a problem with the first link,
mirror: http://72.232.135.12/siri/SmitfraudFix.php

This is what it looks like: http://siri.urz.free.fr/Fix/SmitfraudFix.php
A video guide (thanks to balltrap34)
http://pagesperso-orange.fr/rginformatique/section%20virus/smitfraudfix.htm

Disable your protection software (antivirus and antispyware)
-- Right-click the SmitfraudFix.zip file and choose Extract All; this will unpack everything into a new SmitFraudfix folder
-- Open the SmitfraudFix folder and double-click SmitfraudFix.cmd (the .cmd may not be shown)
-- Choose option 1 and press Enter
-- Answer o (Oui, yes) to the next two questions if they are asked
-- A report will be generated; save it in a folder.
-- Copy/paste the contents of the report here

Note: the UsbFix.txt report is saved at the root of the disk
Note: if the Desktop does not reappear, press Ctrl + Alt + Del, "Fichier" (File) tab, "Nouvelle tâche" (New task), type explorer.exe and confirm!
0
Thank you chimay8 for the reply, I am sending you the txt reports.
I ran 1 (detection) then 2 (cleaning),
so there are 2 reports.
Report 1
SmitFraudFix v2.375

Rapport fait à 15:50:46,00, 17/11/2008
Executé à partir de C:\Documents and Settings\haroun\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows Xp
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\TWEAKM~1\TMTray.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\haroun


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\haroun\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\haroun\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\haroun\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Google\googletoolbar1.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"="kdjgj.exe"

kdjgj.exe détecté !
utilisez un scanner de Rootkit


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Carte VIA PCI 10/100Mo Fast Ethernet - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.113;85.255.112.73

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 85.255.112.113;85.255.112.73

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Bluetooth PAN Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.113;85.255.112.73

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Report 2
SmitFraudFix v2.375

Rapport fait à 15:53:48,00, 17/11/2008
Executé à partir de C:\Documents and Settings\haroun\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows Xp
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\Program Files\Google\googletoolbar1.dll supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Carte VIA PCI 10/100Mo Fast Ethernet - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.113;85.255.112.73

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 85.255.112.113;85.255.112.73

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Bluetooth PAN Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.112.113;85.255.112.73

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6504C6DB-FBA2-4D96-BE22-E41271C2FFE8}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="kdjgj.exe"

kdjgj.exe détecté !
utilisez un scanner de Rootkit


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


THANK YOU, what should I do?
0
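The DNS section of the two reports above repeats the same resolver pair across several interfaces and control sets. This added example (not part of the thread or of SmitFraudFix) parses lines in that format and lists, per resolver, every registry location that still carries an address outside the networks you expect; `expected_cidrs` is a hypothetical parameter, the fourth sample line is constructed, and 192.0.2.0/24 is a documentation range standing in for your real resolvers.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input: three lines copied from the report's DNS section, plus one
# constructed line (last) holding a resolver from a documentation range.
SAMPLE = r"""
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: DhcpNameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4B78B601-D774-4370-AA84-7AA37847A791}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B9E50311-29C0-4F90-9CB5-F0832CABAE54}: NameServer=85.255.112.113;85.255.112.73
HKLM\SYSTEM\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000001}: DhcpNameServer=192.0.2.53
"""

# Groups: control set label as printed by the report (CCS, CS1, CS2),
# interface GUID, value name, raw server list.
LINE_RE = re.compile(
    r"^HKLM\\SYSTEM\\(\w+)\\Services\\Tcpip\\\.\.\\(\{[0-9A-Fa-f-]{36}\}): "
    r"(DhcpNameServer|NameServer)=(.*)$"
)


def parse_dns_lines(text):
    """Turn report lines into records; lines in any other format are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        control_set, guid, name, value = m.groups()
        servers = []
        for token in re.split(r"[;,\s]+", value.strip()):
            try:
                servers.append(ipaddress.ip_address(token))
            except ValueError:
                continue  # empty or malformed entry
        records.append({
            "control_set": control_set,
            "interface": guid.upper(),
            "static": name == "NameServer",  # statically set, not DHCP-supplied
            "servers": servers,
        })
    return records


def unexpected_resolvers(records, expected_cidrs):
    """Map each resolver outside expected_cidrs to the places it was found."""
    expected = [ipaddress.ip_network(c) for c in expected_cidrs]
    hits = defaultdict(set)
    for rec in records:
        kind = "static" if rec["static"] else "dhcp"
        for ip in rec["servers"]:
            if not any(ip in net for net in expected):
                hits[str(ip)].add((rec["control_set"], rec["interface"], kind))
    return {ip: sorted(locs) for ip, locs in hits.items()}


if __name__ == "__main__":
    for ip, locs in unexpected_resolvers(parse_dns_lines(SAMPLE), ["192.0.2.0/24"]).items():
        print(ip, locs)
```

Running it again on a report taken after cleanup shows whether any control set or interface still holds the unexpected value.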
dk-60 Posts 110 Registration date Friday 2 November 2007 Status Member Last activity 25 May 2010 35
16 Nov 2008 at 19:07
Thanks for your reply, but... I had time to format Windows :D ^^
Don't I get the trip to Ukraine? Oooh xD but thanks anyway :D
0