ComboFix 09-10-23.01 - Administrateur 24/10/2009 19:38.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.627 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\combo-fix.exe
AV: G Data InternetSecurity 2010 *On-access scanning disabled* (Updated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: Pare-feu personnel G Data *disabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-117609710-706699826-839522115-500
c:\recycler\S-1-5-21-28903733-1857094543-1720423749-500
c:\windows\system32\AutoRun.inf
c:\windows\TEMP\logishrd\LVPrcInj01.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-24 au 2009-10-24 ))))))))))))))))))))))))))))))))))))
.
2009-10-24 09:46 . 2009-10-24 09:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-10-24 09:46 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-24 09:46 . 2009-10-24 09:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-24 09:46 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-24 09:46 . 2009-10-24 09:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-24 09:43 . 2009-10-24 09:43 4045528 ----a-w- c:\program files\mbam-setup.exe
2009-10-24 08:12 . 2009-10-24 09:37 -------- d-----w- C:\SDFix
2009-10-23 21:14 . 2009-10-23 21:14 579584 ----a-w- c:\windows\system32\dllcache\user32.dll
2009-10-23 21:10 . 2009-10-23 21:10 -------- d-----w- c:\windows\ERUNT
2009-10-19 19:08 . 2009-10-19 19:08 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\RapidShare_
2009-10-19 19:07 . 2009-10-19 19:07 -------- d-----w- c:\program files\RapidShare.Plus.v3.1
2009-10-19 17:37 . 2009-10-19 17:37 -------- d-----w- c:\documents and settings\Administrateur\Application Data\gtk-2.0
2009-10-19 17:35 . 2009-10-19 19:09 -------- d-----w- c:\documents and settings\Administrateur\.tucan
2009-10-19 17:34 . 2009-10-19 17:35 -------- d-----w- C:\Tucan
2009-10-19 17:34 . 2009-10-19 17:34 -------- d-----w- c:\program files\tucan-0.3.9-win32
2009-10-19 17:33 . 2009-10-19 17:34 9162157 ----a-w- c:\program files\tucan-0.3.9-win32.zip
2009-10-19 17:25 . 2009-10-19 17:25 -------- d-----w- c:\program files\Conduit
2009-10-19 17:25 . 2009-10-19 17:25 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Conduit
2009-10-19 17:25 . 2009-10-19 17:25 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Softonic_France
2009-10-19 17:25 . 2009-10-19 17:25 -------- d-----w- c:\program files\Softonic_France
2009-10-10 10:41 . 2009-10-10 10:42 -------- d-----w- c:\program files\Fast AVI MPEG Joiner
2009-10-09 20:29 . 2009-10-09 20:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-10-09 20:29 . 2009-10-09 20:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Office Genuine Advantage
2009-10-08 14:49 . 2009-10-08 14:49 -------- d-----w- c:\program files\avisplit
2009-10-08 14:49 . 2009-10-08 14:49 -------- d-----w- c:\program files\Avi Splitter and Serial
2009-10-08 14:32 . 2009-10-08 14:32 311727 ----a-w- c:\program files\XviD-Install.exe
2009-10-08 14:29 . 2009-10-08 14:36 -------- d-----w- c:\program files\Xvid
2009-10-08 14:21 . 2009-10-08 14:21 652794 ----a-w- c:\program files\Xvid-1.2.2-07062009.exe
2009-10-07 19:32 . 2009-10-07 19:32 -------- d-----w- c:\program files\AviSynth 2.5
2009-10-07 19:31 . 2009-10-07 19:33 -------- d-----w- c:\program files\AutoGK
2009-10-07 19:31 . 2009-10-07 19:31 9239213 ----a-w- c:\program files\auto-gordian-knot_auto_gordian_knot_2.45_anglais_18534.exe
2009-10-07 17:17 . 2009-10-07 17:20 -------- d-----w- c:\program files\avijoin
2009-10-07 17:16 . 2009-10-07 17:16 543999 ----a-w- c:\program files\avijoin.zip
2009-10-06 20:15 . 2009-10-06 20:15 -------- d-----w- c:\program files\VirtualDubMOD
2009-10-06 19:07 . 2008-05-06 06:01 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-10-06 19:07 . 2008-05-06 06:01 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-10-06 19:06 . 2009-10-06 19:06 10116012 ----a-w- c:\program files\x-dvd-to-divx-converter5-fr.exe
2009-10-06 18:15 . 2009-10-06 18:15 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Xilisoft Corporation
2009-10-06 18:12 . 2009-10-06 19:06 -------- d-----w- c:\program files\Xilisoft
2009-10-03 14:11 . 2009-10-03 14:11 -------- d-----w- c:\program files\Microsoft
2009-09-25 08:16 . 2009-09-25 08:48 -------- d-----w- c:\program files\Free Video Converter
2009-09-25 08:14 . 2009-09-25 08:14 4107436 ----a-w- c:\program files\Setup_FreeVideoConverter.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-24 15:31 . 2009-01-06 18:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Soulseek
2009-10-24 14:50 . 2009-01-06 18:25 -------- d-----w- c:\program files\FlashFXP
2009-10-23 11:54 . 2009-01-30 22:45 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss
2009-10-21 12:50 . 2009-01-12 12:04 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-10-19 21:54 . 2009-01-06 17:26 86384 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 21:10 . 2008-01-23 01:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-19 20:46 . 2008-01-23 01:14 -------- d-----w- c:\program files\Microsoft Works
2009-10-19 19:06 . 2009-10-19 19:06 49537 ----a-w- c:\program files\RapidShare.Plus.v3.1.rar
2009-10-14 15:08 . 2004-08-17 08:20 88436 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-14 15:08 . 2004-08-17 08:20 522700 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-08 14:49 . 2009-10-08 14:49 925 ----a-w- c:\program files\Avi Splitter and Serial.torrent
2009-10-03 14:16 . 2009-01-10 15:43 -------- d-----w- c:\program files\Windows Live
2009-09-19 08:18 . 2009-08-17 11:25 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2009-09-16 18:35 . 2009-01-06 11:56 53320 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2009-09-16 18:35 . 2009-09-16 18:35 27720 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2009-09-16 18:33 . 2009-08-17 11:18 34632 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2009-09-16 18:32 . 2009-01-06 11:52 -------- d-----w- c:\program files\Fichiers communs\G DATA
2009-09-16 04:34 . 2009-08-17 11:16 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2009-09-16 04:34 . 2009-08-17 11:16 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2009-09-13 11:10 . 2009-09-13 11:10 -------- d-----w- c:\program files\vobm250
2009-09-13 11:09 . 2009-09-13 11:09 255670 ----a-w- c:\program files\vobm250.zip
2009-09-11 14:18 . 2004-08-05 08:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 05:12 . 2009-01-10 15:47 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-08 07:25 . 2009-09-07 13:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\HpUpdate
2009-09-04 21:04 . 2004-08-05 08:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 10:36 . 2009-09-03 10:36 -------- d-----w- c:\documents and settings\Administrateur\Application Data\HP
2009-09-03 07:54 . 2009-01-06 17:36 -------- d-----w- c:\program files\Opera
2009-08-30 09:39 . 2009-08-30 09:39 -------- d-----w- c:\program files\TVAnts
2009-08-30 09:37 . 2009-08-30 09:37 3006976 ----a-w- c:\program files\TvantsSetup.exe
2009-08-29 07:28 . 2004-08-05 08:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:28 . 2004-08-05 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:28 . 2004-08-05 08:00 17408 ------w- c:\windows\system32\corpol.dll
2009-08-28 09:56 . 2009-03-26 18:07 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-08-28 09:47 . 2009-03-26 18:14 -------- d-----w- c:\documents and settings\Administrateur\Application Data\AdobeUM
2009-08-27 12:42 . 2009-08-27 12:42 -------- d-----w- c:\program files\BitZipper
2009-08-27 12:42 . 2009-08-27 12:42 -------- d-----w- c:\documents and settings\Administrateur\Application Data\BitZipper
2009-08-27 12:41 . 2009-08-27 12:41 4543984 ----a-w- c:\program files\BitZipper2009TrialSetupFr.exe
2009-08-26 08:01 . 2004-08-05 08:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-23 15:06 . 2009-08-23 15:06 638976 ----a-w- c:\windows\system32\xvidcore.dll
2009-08-23 14:43 . 2009-08-23 14:43 163840 ----a-w- c:\windows\system32\xvidvfw.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 17:24 . 2004-08-05 08:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2004-08-05 08:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2008-10-16 13:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2004-08-05 08:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2004-08-05 08:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-05 08:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-05 08:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2009-01-11 08:45 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 17:23 . 2009-01-11 08:45 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2004-08-05 08:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2004-08-05 08:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 17:27 . 2004-08-05 08:00 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:27 . 2004-08-05 08:00 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-06-16 16:49 . 2009-06-16 16:48 7433016 ----a-w- c:\program files\o100s_1589.exe
2009-06-03 20:48 . 2009-06-03 20:48 1614 ----a-w- c:\program files\DVD Audio Extractor 4.5.1.torrent
2009-06-03 19:59 . 2009-06-03 19:59 1656496 ----a-w- c:\program files\dvdaudioextractor.exe
2009-05-08 11:27 . 2009-05-08 11:27 2045027 ----a-w- c:\program files\installer_cool_edit_pro_Français_French.exe
2009-05-06 15:36 . 2009-05-06 15:35 12195936 ----a-w- c:\program files\pal_install_r17715.exe
2009-04-29 12:19 . 2009-04-29 12:18 9287008 ----a-w- c:\program files\winzip120fr.exe
2009-04-29 08:29 . 2009-04-29 08:29 4037915 ----a-w- c:\program files\IZArc4b1.exe
2009-04-29 08:22 . 2009-04-29 08:22 836783 ----a-w- c:\program files\7z442.exe
2009-04-14 09:15 . 2009-04-14 09:15 162970 ----a-w- c:\program files\qsfv234.exe
2009-04-07 18:12 . 2009-04-07 18:12 2245159 ----a-w- c:\program files\cdex_170b2_enu_nonunicode.exe
2009-03-31 10:43 . 2009-03-31 10:38 4068647 ----a-w- c:\program files\divxmachine.zip
2009-03-31 10:17 . 2009-03-31 10:07 8907760 ----a-w- c:\program files\VOB2AVI-v1.00.exe
2009-03-29 09:07 . 2009-03-29 09:07 6818213 ----a-w- c:\program files\free-mp3-wma-converter_free_mp3_wma_converter_1.6.3_francais_34863.exe
2009-03-28 22:08 . 2009-03-28 22:08 41878 ----a-w- c:\program files\300 National Geographic Wallpapers 1024 X 768 [Collection 6 of 6] (www.allwallpapersfree.blogspot.com).torrent
2009-03-26 20:45 . 2009-03-26 20:45 3195869 ----a-w- c:\program files\cdbxp_setup_4.2.4.1272.exe
2009-03-26 18:10 . 2009-03-26 18:07 18810320 ----a-w- c:\program files\AdbeRdr60_fra_full.exe
2009-03-23 08:22 . 2009-03-23 08:22 305664 ----a-w- c:\program files\Xtremsplit.exe
2009-03-16 11:13 . 2009-03-16 11:13 944687 ----a-w- c:\program files\General-CleanTool.zip
2009-03-15 18:33 . 2009-03-15 18:33 1362977 ----a-w- c:\program files\BitLord_1.01.exe
2009-03-07 19:32 . 2009-03-07 19:32 7562568 ----a-w- c:\program files\Opera_964_int_Setup.exe
2009-02-22 22:18 . 2009-02-22 22:18 2995452 ----a-w- c:\program files\foobar2000_foobar2000_0.9.6.2_anglais_11022.exe
2009-02-05 10:29 . 2009-02-05 10:29 7671126 ----a-w- c:\program files\peekbox3v1.68.zip
2009-02-04 22:21 . 2009-02-04 22:21 411509 ----a-w- c:\program files\GSpot270a.zip
2009-01-26 21:35 . 2009-01-26 21:34 69076264 ----a-w- c:\program files\iTunesSetup.exe
2009-01-24 16:32 . 2009-01-24 15:57 5012881 ----a-w- c:\program files\WhereIsIt.v3.84.715-YAG.rar
2009-01-14 10:58 . 2009-01-14 10:58 1379946 ----a-w- c:\program files\VirtualDub-1.8.8.zip
2009-01-14 10:13 . 2009-01-14 10:13 734160 ----a-w- c:\program files\VobSub_2.23.exe
2009-01-10 15:34 . 2009-01-10 15:34 1842024 ----a-w- c:\program files\Installation_WLMessenger2009.exe
2009-01-10 15:28 . 2009-01-10 15:28 128127 ----a-w- c:\program files\install_wlsetup-custom.exe
2009-01-07 18:32 . 2009-01-07 18:24 15083520 ----a-w- c:\program files\spybotsd160.exe
2009-01-07 18:12 . 2009-01-07 18:12 7771584 ----a-w- c:\program files\windows-kb890830-v2.5.exe
2009-01-07 11:52 . 2009-01-07 11:52 497371 ----a-w- c:\program files\ifoedit_ifoedit_0.97.1_anglais_11917.zip
2009-01-06 18:32 . 2009-01-06 18:35 952682 ----a-w- c:\program files\slsk157NS13c.exe
2008-01-31 18:20 . 2009-02-05 10:30 1614 ----a-w- c:\program files\peekbox3.html
2008-01-29 18:30 . 2009-02-05 10:30 3834663 ----a-w- c:\program files\MaJ-Vers1.68_PB3-SANS-FM.zip
2008-01-29 18:30 . 2009-02-05 10:30 3835339 ----a-w- c:\program files\MaJ-Vers1.68_PB3-FM.zip
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{364d4e0c-543f-4b85-abe3-19551139da4f}"= "c:\program files\Softonic_France\tbSoft.dll" [2009-10-01 2166296]
[HKEY_CLASSES_ROOT\clsid\{364d4e0c-543f-4b85-abe3-19551139da4f}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{364d4e0c-543f-4b85-abe3-19551139da4f}]
2009-10-01 15:29 2166296 ----a-w- c:\program files\Softonic_France\tbSoft.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{364d4e0c-543f-4b85-abe3-19551139da4f}"= "c:\program files\Softonic_France\tbSoft.dll" [2009-10-01 2166296]
[HKEY_CLASSES_ROOT\clsid\{364d4e0c-543f-4b85-abe3-19551139da4f}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-18 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-18 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-18 138008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928]
"RoxWatchTray"="c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-05-20 244208]
"DMXLauncher"="c:\program files\Roxio\CinePlayer\DMXLauncher.exe" [2008-04-07 113136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2009-08-12 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2009-09-07 925768]
"SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
"ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2008-04-14 177152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-1-6 385024]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-1-6 385024]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-1-6 385024]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-1-6 385024]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2009-1-6 192512]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-4-25 11057664]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-1-6 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ SbHpNp scecli ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\Program Files\\FlashFXP\\flashfxp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [16/09/2009 20:35 27720]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [17/08/2009 13:16 22528]
R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [22/04/2007 17:24 100095]
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [09/10/2006 14:31 44720]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [29/03/2007 17:54 13696]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [09/07/2009 12:33 244608]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [17/08/2009 13:25 68976]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [22/04/2007 17:25 5808]
R2 ASBroker;Courtier de session de connexion;c:\windows\System32\svchost.exe -k Cognizance [05/08/2004 10:00 14336]
R2 ASChannel;Canal de communication local;c:\windows\System32\svchost.exe -k Cognizance [05/08/2004 10:00 14336]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [08/05/2009 10:41 1046088]
R2 AVKService;Planificateur G Data;c:\program files\G Data\InternetSecurity\AVK\AVKService.exe [08/05/2009 10:41 397896]
R2 AVKWCtl;G Data Gardien;c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe [07/05/2009 02:53 1244760]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [17/08/2009 13:16 51784]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [22/04/2007 17:32 221184]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [23/01/2008 03:15 540448]
R3 GDFwSvc;Pare-feu personnel G Data;c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [10/03/2009 03:31 1538352]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [06/01/2009 13:56 53320]
R3 GDScan;G Data Scanner;c:\program files\Fichiers communs\G DATA\GDScan\GDScan.exe [10/03/2009 03:47 300616]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [17/08/2009 13:18 34632]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19/09/2006 18:58 36608]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Roxio MyDVD Basic v9\Digital Home 10\RoxioUpnpService10.exe [20/05/2008 10:15 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [20/05/2008 10:13 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [20/05/2008 10:13 166384]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Roxio MyDVD Basic v9\Digital Home 10\RoxioUPnPRenderer10.exe [20/05/2008 10:15 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [20/05/2008 10:12 1120752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker ASChannel
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2009-10-24 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
2009-10-24 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-08 20:18]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: orange.fr\www
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKLM-Run-RestartNeroSetup - f:\installation\Setupx.exe
AddRemove-HijackThis - c:\docume~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-10-24 19:54
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@
Recherche de fichiers cachés ...
c:\documents and settings\Administrateur\Application Data\Microsoft\MSN Messenger\sqmnoopt02.sqm
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(972)
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\windows\SbHpNp.DLL
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\bin\FRA\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\bin\FRA\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
- - - - - - - > 'lsass.exe'(1028)
c:\windows\SbHpNp.dll
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
- - - - - - - > 'explorer.exe'(5788)
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\btncopy.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\msdtc.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\combo-fix\CF28691.exe
c:\windows\system32\igfxsrvc.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
c:\program files\G Data\InternetSecurity\Firewall\Admin.exe
c:\windows\system32\dwwin.exe
c:\combo-fix\PEV.cfxxe
.
**************************************************************************
.
Heure de fin: 2009-10-24 20:06 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-24 18:06
Avant-CF: 22 408 359 936 octets libres
Après-CF: 24 856 887 296 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
- - End Of File - - 02896BA0BAD3AE75AA36C8A284A14A48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:54, on 24/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Documents and Settings\Administrateur\Bureau\hijackthis-2.0.2.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hijackthis-2.0.2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Softonic France Toolbar - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic France Toolbar - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: Softonic France Toolbar - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\Windows\system32\APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: Planificateur G Data (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Gardien (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Pare-feu personnel G Data (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Roxio MyDVD Basic v9\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Roxio MyDVD Basic v9\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe