Analyse de mon log Hijackthis [Résolu]

Marin - Dernière réponse le 23 juin 2007 à 21:27

Bonjour,
Mon ordinateur est infecté de divers spyware. J'ai fais une analyse avec avast et avg anti spyware. Depuis quelque temps il s'arréte de façon intempestive.
Voici le log de Hijackthis, merci par avance.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:13:55, on 2007-06-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\lg_swupdate\autoupdate.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\LG Software\RMan\RMan.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
F:\HiJackThis_v2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\irftp.exe
C:\Program Files\lg_swupdate\Gilautouc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/2.5.0.113/fr/download
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02559246-DCAD-4EF3-BF06-022B103795BF} - C:\WINDOWS\system32\jkkjk.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavHook Object - {07D7F044-2F5F-41B2-BAA5-936814AF0163} - C:\Program Files\Pure Networks\Network Magic\nmbrhelp.dll
O2 - BHO: (no name) - {0C5F8E13-4386-484F-97BD-09CBB27B9447} - C:\WINDOWS\system32\ssqpm.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\hqwxadhq.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\sgnardsa.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7DC4B28A-24C9-4226-99CA-D4A663EE6312} - C:\WINDOWS\system32\gebyy.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {C72F5FE1-85FF-4BE1-AA6D-BC39456D39CB} - C:\WINDOWS\system32\pmnnlmm.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RMan] C:\Program Files\LG Software\RMan\RMan.exe
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\tcnwvfyf.dll",realset
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [msdlstat] C:\WINDOWS\system32\smbssldp.exe
O4 - HKCU\..\Run: [mstatdsa] C:\WINDOWS\system32\winagyvl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sysctlio] C:\WINDOWS\system32\winagyvl.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [rsalibz] C:\WINDOWS\system32\winagyvl.exe
O4 - HKCU\..\Run: [nvipctl] C:\WINDOWS\system32\winagyvl.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
O20 - Winlogon Notify: pmnnlmm - pmnnlmm.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)
O20 - Winlogon Notify: winxtx32 - winxtx32.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

Analyse de mon log Hijackthis »

Suggestions

Analyse de mon log Hijackthis
Analyse du log hijackthis SVP (Résolu) » Forum
Analyse de log HijackThis ... (Résolu) » Forum
Analyse de log HijackThis (Résolu) » Forum
Analyser un log hijackthis (Résolu) » Forum
Attaque virale : analyse de log hijackthis (Résolu) » Forum

Plus

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 20 juin 2007 à 01:33

Bonjour

Peux-tu remettre à jour AVG anti-spyware, faire un scan complet de ton système et coller le rapport ici stp

Si t'as besoin d'aide, tutoriel sur cette page :
--> http://redir.fr/gsel

Ajouter un commentaire - Site web

Réponse

marin 21 juin 2007 à 17:08

Voici le rapport de l"analyse d'avg :

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 23:08:00 2007-06-18

+ Résultat de l'analyse:

C:\WINDOWS\system32\cgnmsukw.dll -> Adware.BHO : Nettoyé.
C:\WINDOWS\system32\elsehqlx.dll -> Adware.BHO : Nettoyé.
C:\WINDOWS\system32\legpgijc.dll -> Adware.BHO : Nettoyé.
C:\WINDOWS\system32\smstiays.dll -> Adware.BHO : Nettoyé.
C:\WINDOWS\system32\tubtkbun.dll -> Adware.BHO : Nettoyé.
C:\WINDOWS\system32\xkopheve.dll -> Adware.BHO : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\mit1014.tmp.cab/Mirar_VC_Setup_876260_V58IE7.exe -> Adware.Mirar : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\mit1014.tmp/Mirar_VC_Setup_876260_V58IE7.exe -> Adware.Mirar : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\mit1C7.tmp.cab/Mirar_VC_Setup_876260_V58IE7.exe -> Adware.Mirar : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\mit1C7.tmp/Mirar_VC_Setup_876260_V58IE7.exe -> Adware.Mirar : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP184\A0068944.exe -> Adware.Mirar : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP184\A0068945.dll -> Adware.Mirar : Nettoyé.
C:\WINDOWS\system32\UpMedia\ContentTool.dll -> Adware.SmartShopper : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX00.609\patch.exe -> Adware.Virtumonde : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX08.218\patch.exe -> Adware.Virtumonde : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX09.375\patch.exe -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP156\A0059281.exe/crack.exe -> Adware.Virtumonde : Nettoyé.
[204] C:\WINDOWS\system32\gebyy.dll -> Adware.Virtumonde : Nettoyé.
[856] C:\WINDOWS\system32\gebyy.dll -> Adware.Virtumonde : Nettoyé.
D:\Logi Greg\Nero 7 premium with keygen\N7000\Nero7Keygen.exe -> Backdoor.Hupigon : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP151\A0058145.exe -> Backdoor.SdBot.ayk : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX00.609\keygen.exe -> Downloader.LoadAdv : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX08.218\keygen.exe -> Downloader.LoadAdv : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP156\A0059281.exe/keygen.exe -> Downloader.LoadAdv : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068284.exe -> Hijacker.Small.mw : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068298.dll -> Hijacker.Small.mw : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP156\A0059284.exe -> Logger.Agent.fr : Nettoyé.
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_N19M2604NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.q : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP156\A0059285.exe -> Proxy.Slaper.p : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP184\A0068959.exe -> Proxy.Slaper.u : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP184\A0068960.exe -> Proxy.Slaper.u : Nettoyé.
:mozilla.38:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.39:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.40:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.41:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.107:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.6:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.8:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.9:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cupolaventures.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@marthastewart.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@7search[2].txt -> TrackingCookie.7search : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Nettoyé.
:mozilla.502:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.503:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.504:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@4.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adengage[1].txt -> TrackingCookie.Adengage : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.520:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.521:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.174:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.175:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.51:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.226:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@france.bpath[1].txt -> TrackingCookie.Bpath : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ads.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.422:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Clickbank : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cz9.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@cpvfeed[4].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.52:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@e-2dj6wjnyejdzahp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.64:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.65:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.67:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.68:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.69:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.70:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.191:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@findwhat[2].txt -> TrackingCookie.Findwhat : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@goclick[2].txt -> TrackingCookie.Goclick : Nettoyé.
:mozilla.248:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.329:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.240:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.241:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ehg-fxcm.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ehg-hollywood.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@info[1].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@web.info[1].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@linksynergy[2].txt -> TrackingCookie.Linksynergy : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.421:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.28:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
:mozilla.351:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@pro-market[2].txt -> TrackingCookie.Pro-market : Nettoyé.
:mozilla.235:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.236:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@realmedia[1].txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@realmedia[1].txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.16:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.17:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.19:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.20:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.21:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.22:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.23:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.378:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.379:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.71:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.72:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.73:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.74:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.75:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.76:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\WINDOWS\system32\config\systemprofile\Cookies\system@skype[2].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.88:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.89:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.90:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.273:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.274:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.275:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.276:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.205:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.206:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.207:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.165:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.166:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@trafficmp[2].txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.43:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@web-stat[1].txt -> TrackingCookie.Web-stat : Nettoyé.
:mozilla.91:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.92:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.95:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.96:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.198:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.199:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.200:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wjpjp7rt.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Invité\Cookies\invité@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068285.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068287.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068290.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068292.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068294.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068295.exe -> Trojan.Agent.anr : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP180\A0068296.exe -> Trojan.Agent.anr : Nettoyé.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX09.375\crack.exe -> Trojan.Agent.qt : Nettoyé.
C:\System Volume Information\_restore{27887B42-CEEB-4288-960C-804D375848ED}\RP153\A0059150.dll -> Trojan.Agent.qt : Nettoyé.
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-1a11bcd8-69d408c5.zip/Dex.class -> Trojan.ClassLoader.g : Nettoyé.
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-1a11bcd8-69d408c5.zip/Dix.class -> Trojan.ClassLoader.g : Nettoyé.
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-1a11bcd8-69d408c5.zip/Dux.class -> Trojan.ClassLoader.g : Nettoyé.

Fin du rapport

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 21 juin 2007 à 20:59

Bien, fais ceci maintenant :

¤ Fais ce nettoyage: à faire réguliérement

*Télécharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> http://www.infos-du-net.com/telecharger/CCleaner,0301-1039.html

- Dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis clic en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs" et tu auras un message pour sauvegarder ta base de registre tu clic "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites, tu pourras les supprimer si ton ordinateur n'a plus de problémes.

- Relance Ccleaner, vas dans l'onglet "nettoyeur" présent sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

Si tu as besoin d'aide avec Ccleaner, regarde ce tutoriel :
http://redir.fr/gmll

¤ Télécharge Spywareblaster
----> spyware blaster

Puis exécute le logiciel pour lui appliquer les protections.
Si tu as besoin d'aide, regarde ce tutoriel pour Spywareblaster
--> http://redir.fr/ggll

¤ Télécharge VundoFix
---> http://www.atribune.org/ccount/click.php?id=4

Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..

double clic dessus choisis "start for vundo"
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer si non, fais le par toi même
Une fois qu'il a redémarré colle le rapport C:\vundofix.txt et un nouveau rapport hijackthis stp

¤ Télécharge ce programme puis double clic dessus (ferme ton antivirus s'il te détecte quoi que ce soit)
http://www.suspectfile.com/systemscan/

* Coche uniquement ces cases, décoche tout le reste :

- Recent Files, 60 days
- Hidden objects
- suspucious files

Puis clic sur scan now, soit patient.
Une fois qu'il aura terminé, un rapport va s'ouvrir, copie et colle son contenu ici et vérifie qu'il soit bien en entier, si besoin crée deux messages.

Ajouter un commentaire - Site web

Réponse

marin 21 juin 2007 à 22:25

Voici les rapports que tu m'as demandé : vundofix, hijackthis et systemscan :

VundoFix V6.5.1

Checking Java version...

Java version is 1.5.0.8
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 15:32:07 2007-06-21

Listing files found while scanning....

C:\windows\system32\bqhldbjo.ini
C:\windows\system32\eyurfigg.ini
C:\windows\system32\fvrdfffu.dll
C:\windows\system32\fyfvwnct.ini
C:\windows\system32\ggifruye.dll
C:\windows\system32\jitlobun.dll
C:\WINDOWS\system32\jlefyara.dll
C:\windows\system32\lhqllukl.dll
C:\windows\system32\lkullqhl.ini
C:\windows\system32\mhaayfgw.dll
C:\windows\system32\mmwaoqjt.ini
C:\windows\system32\naocpmsy.ini
C:\windows\system32\nojqoesp.ini
C:\windows\system32\nuboltij.ini
C:\windows\system32\ojbdlhqb.dll
C:\windows\system32\pseoqjon.dll
C:\WINDOWS\system32\tcnwvfyf.dll
C:\windows\system32\tjqoawmm.dll
C:\windows\system32\ufffdrvf.ini
C:\windows\system32\vrofouix.ini
C:\windows\system32\wgfyaahm.ini
C:\windows\system32\wquieviy.dll
C:\windows\system32\xiuoforv.dll
C:\windows\system32\yiveiuqw.ini
C:\windows\system32\ysmpcoan.dll

VundoFix V6.5.1

Checking Java version...

Java version is 1.5.0.8
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 15:49:11 2007-06-21

Listing files found while scanning....

C:\windows\system32\bqhldbjo.ini
C:\windows\system32\eyurfigg.ini
C:\windows\system32\fvrdfffu.dll
C:\windows\system32\fyfvwnct.ini
C:\windows\system32\ggifruye.dll
C:\windows\system32\jitlobun.dll
C:\WINDOWS\system32\jlefyara.dll
C:\windows\system32\lhqllukl.dll
C:\windows\system32\lkullqhl.ini
C:\windows\system32\mhaayfgw.dll
C:\windows\system32\mmwaoqjt.ini
C:\windows\system32\naocpmsy.ini
C:\windows\system32\nojqoesp.ini
C:\windows\system32\nuboltij.ini
C:\windows\system32\ojbdlhqb.dll
C:\windows\system32\pseoqjon.dll
C:\WINDOWS\system32\tcnwvfyf.dll
C:\windows\system32\tjqoawmm.dll
C:\windows\system32\ufffdrvf.ini
C:\windows\system32\vrofouix.ini
C:\windows\system32\wgfyaahm.ini
C:\windows\system32\wquieviy.dll
C:\windows\system32\xiuoforv.dll
C:\windows\system32\yiveiuqw.ini
C:\windows\system32\ysmpcoan.dll

Beginning removal...

Attempting to delete C:\windows\system32\bqhldbjo.ini
C:\windows\system32\bqhldbjo.ini Has been deleted!

Attempting to delete C:\windows\system32\eyurfigg.ini
C:\windows\system32\eyurfigg.ini Has been deleted!

Attempting to delete C:\windows\system32\fvrdfffu.dll
C:\windows\system32\fvrdfffu.dll Has been deleted!

Attempting to delete C:\windows\system32\fyfvwnct.ini
C:\windows\system32\fyfvwnct.ini Has been deleted!

Attempting to delete C:\windows\system32\ggifruye.dll
C:\windows\system32\ggifruye.dll Has been deleted!

Attempting to delete C:\windows\system32\jitlobun.dll
C:\windows\system32\jitlobun.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jlefyara.dll
C:\WINDOWS\system32\jlefyara.dll Has been deleted!

Attempting to delete C:\windows\system32\lhqllukl.dll
C:\windows\system32\lhqllukl.dll Has been deleted!

Attempting to delete C:\windows\system32\lkullqhl.ini
C:\windows\system32\lkullqhl.ini Has been deleted!

Attempting to delete C:\windows\system32\mhaayfgw.dll
C:\windows\system32\mhaayfgw.dll Has been deleted!

Attempting to delete C:\windows\system32\mmwaoqjt.ini
C:\windows\system32\mmwaoqjt.ini Has been deleted!

Attempting to delete C:\windows\system32\naocpmsy.ini
C:\windows\system32\naocpmsy.ini Has been deleted!

Attempting to delete C:\windows\system32\nojqoesp.ini
C:\windows\system32\nojqoesp.ini Has been deleted!

Attempting to delete C:\windows\system32\nuboltij.ini
C:\windows\system32\nuboltij.ini Has been deleted!

Attempting to delete C:\windows\system32\ojbdlhqb.dll
C:\windows\system32\ojbdlhqb.dll Has been deleted!

Attempting to delete C:\windows\system32\pseoqjon.dll
C:\windows\system32\pseoqjon.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tcnwvfyf.dll
C:\WINDOWS\system32\tcnwvfyf.dll Has been deleted!

Attempting to delete C:\windows\system32\tjqoawmm.dll
C:\windows\system32\tjqoawmm.dll Has been deleted!

Attempting to delete C:\windows\system32\ufffdrvf.ini
C:\windows\system32\ufffdrvf.ini Has been deleted!

Attempting to delete C:\windows\system32\vrofouix.ini
C:\windows\system32\vrofouix.ini Has been deleted!

Attempting to delete C:\windows\system32\wgfyaahm.ini
C:\windows\system32\wgfyaahm.ini Has been deleted!

Attempting to delete C:\windows\system32\wquieviy.dll
C:\windows\system32\wquieviy.dll Has been deleted!

Attempting to delete C:\windows\system32\xiuoforv.dll
C:\windows\system32\xiuoforv.dll Has been deleted!

Attempting to delete C:\windows\system32\yiveiuqw.ini
C:\windows\system32\yiveiuqw.ini Has been deleted!

Attempting to delete C:\windows\system32\ysmpcoan.dll
C:\windows\system32\ysmpcoan.dll Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:18:55, on 2007-06-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\LG Software\RMan\RMan.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\lg_swupdate\tmcheck.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\sys93928.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\nsp1B.tmp\runme.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Mes documents\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/2.5.0.113/fr/download
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02559246-DCAD-4EF3-BF06-022B103795BF} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavHook Object - {07D7F044-2F5F-41B2-BAA5-936814AF0163} - C:\Program Files\Pure Networks\Network Magic\nmbrhelp.dll
O2 - BHO: (no name) - {0C5F8E13-4386-484F-97BD-09CBB27B9447} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7DC4B28A-24C9-4226-99CA-D4A663EE6312} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RMan] C:\Program Files\LG Software\RMan\RMan.exe
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
O20 - Winlogon Notify: pmnnlmm - pmnnlmm.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)
O20 - Winlogon Notify: winxtx32 - winxtx32.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 22 juin 2007 à 00:10

Télécharge OTMoveIt sur ton bureau
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

Double clic sur OTMoveIt.exe
Sélectionne et copie les lignes ci-dessous

C:\WINDOWS\system32\aelbmbyj.ini
C:\WINDOWS\system32\tduwkswk.ini
C:\WINDOWS\system32\nuyjgfax.ini
C:\WINDOWS\system32\yybeg.ini
C:\WINDOWS\system32\yybeg.bak1
C:\WINDOWS\system32\yfresbyt.ini
C:\WINDOWS\system32\bpbnhqfx.ini
C:\WINDOWS\system32\kjkkj.bak2
C:\WINDOWS\system32\neqlskpb.ini
C:\WINDOWS\system32\kjkkj.ini2
C:\WINDOWS\system32\unpmffll.ini
C:\WINDOWS\system32\unpmffll.tmp
C:\WINDOWS\system32\eeuivvdb.ini
C:\WINDOWS\system32\rsrljnyf.ini
C:\WINDOWS\system32\pnexxgmr.ini
C:\WINDOWS\system32\uauayudv.ini
C:\WINDOWS\system32\tkuxyyxb.ini
C:\WINDOWS\system32\yjxivori.ini
C:\WINDOWS\system32\hikotyrg.ini
C:\WINDOWS\system32\lvvgbubm.ini
C:\WINDOWS\system32\hjgmbnot.ini
C:\WINDOWS\system32\wswejpog.ini
C:\WINDOWS\system32\kjkkj.tmp
C:\WINDOWS\system32\ljklcnup.ini
C:\WINDOWS\system32\kjkkj.ini
C:\WINDOWS\system32\wquigdsm.ini
C:\WINDOWS\system32\gwspikfa.ini
C:\WINDOWS\system32\emlpvjww.ini
C:\WINDOWS\system32\ueljmeqp.ini
C:\WINDOWS\system32\dpxspiry.ini
C:\WINDOWS\system32\qlpbucnx.ini
C:\WINDOWS\system32\xlsacyni.ini
C:\WINDOWS\system32\fyeasdam.ini
C:\WINDOWS\system32\upstycyi.ini
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\mpqss.tmp
C:\WINDOWS\system32\mpqss.ini
C:\WINDOWS\system32\kqkonoxt.ini
C:\WINDOWS\system32\mpqss.ini2
C:\WINDOWS\system32\qreuknos.ini
C:\WINDOWS\system32\ibbtpojk.ini
C:\WINDOWS\system32\orqss.ini
C:\WINDOWS\system32\yymmgtbm.ini
C:\WINDOWS\system32\sfppbegc.ini
C:\WINDOWS\system32\ikoiqmtt.ini
C:\WINDOWS\system32\aqqkfvat.ini
C:\WINDOWS\system32\qnxneaqc.ini
C:\WINDOWS\system32\jkivrgwx.ini
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\rbkdiiel.ini
C:\WINDOWS\system32\hebqxfvh.ini

Retourne dans OTMoveit, fais un clic droit dans la fenêtre "Paste List of Files/Folders to be moved" et choisis "coller".
Clic sur le boutton rouge Moveit et ferme OTMoveIt
Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir l'exécution, si c'est le cas, clic sur "Yes"
Copie et colle le rapport qu'il va te générer ici stp. Le rapport d'OTMoveit se trouve dans ce dossier : C:\_OTMoveIt\MovedFiles

¤ Télécharge ce fichier
---> http://www.uploads.ejvindh.net/rustbfix.exe

Double clic rustbfix.exe
Si une infection est détectée, une invite t'indiquera qu'il est nécessaire de redémarrer l'ordi.
Ce redémarrage pourrait être plus long que d'habitude, et il est possible que deux redémarrages soient requis.
Suite au(x) redémarrage(s), deux rapports s'ouvriront : avenger.txt et pelog.txt
Copie et colle le contenu de ces deux rapports.

Ajouter un commentaire - Site web

Réponse

marin 22 juin 2007 à 00:26

rustbfix n'a rien détecté, seul le rapport pelog s'est ouvert. Je t'envoie donc le rapport de otmoveit et pelog.txt :
C:\WINDOWS\system32\aelbmbyj.ini moved successfully.
C:\WINDOWS\system32\tduwkswk.ini moved successfully.
C:\WINDOWS\system32\nuyjgfax.ini moved successfully.
C:\WINDOWS\system32\yybeg.ini moved successfully.
C:\WINDOWS\system32\yybeg.bak1 moved successfully.
C:\WINDOWS\system32\yfresbyt.ini moved successfully.
C:\WINDOWS\system32\bpbnhqfx.ini moved successfully.
C:\WINDOWS\system32\kjkkj.bak2 moved successfully.
C:\WINDOWS\system32\neqlskpb.ini moved successfully.
C:\WINDOWS\system32\kjkkj.ini2 moved successfully.
C:\WINDOWS\system32\unpmffll.ini moved successfully.
C:\WINDOWS\system32\unpmffll.tmp moved successfully.
C:\WINDOWS\system32\eeuivvdb.ini moved successfully.
C:\WINDOWS\system32\rsrljnyf.ini moved successfully.
C:\WINDOWS\system32\pnexxgmr.ini moved successfully.
C:\WINDOWS\system32\uauayudv.ini moved successfully.
C:\WINDOWS\system32\tkuxyyxb.ini moved successfully.
C:\WINDOWS\system32\yjxivori.ini moved successfully.
C:\WINDOWS\system32\hikotyrg.ini moved successfully.
C:\WINDOWS\system32\lvvgbubm.ini moved successfully.
C:\WINDOWS\system32\hjgmbnot.ini moved successfully.
C:\WINDOWS\system32\wswejpog.ini moved successfully.
C:\WINDOWS\system32\kjkkj.tmp moved successfully.
C:\WINDOWS\system32\ljklcnup.ini moved successfully.
C:\WINDOWS\system32\kjkkj.ini moved successfully.
C:\WINDOWS\system32\wquigdsm.ini moved successfully.
C:\WINDOWS\system32\gwspikfa.ini moved successfully.
C:\WINDOWS\system32\emlpvjww.ini moved successfully.
C:\WINDOWS\system32\ueljmeqp.ini moved successfully.
C:\WINDOWS\system32\dpxspiry.ini moved successfully.
C:\WINDOWS\system32\qlpbucnx.ini moved successfully.
C:\WINDOWS\system32\xlsacyni.ini moved successfully.
C:\WINDOWS\system32\fyeasdam.ini moved successfully.
C:\WINDOWS\system32\upstycyi.ini moved successfully.
C:\WINDOWS\system32\mpqss.bak1 moved successfully.
C:\WINDOWS\system32\mpqss.tmp moved successfully.
C:\WINDOWS\system32\mpqss.ini moved successfully.
C:\WINDOWS\system32\kqkonoxt.ini moved successfully.
C:\WINDOWS\system32\mpqss.ini2 moved successfully.
C:\WINDOWS\system32\qreuknos.ini moved successfully.
C:\WINDOWS\system32\ibbtpojk.ini moved successfully.
C:\WINDOWS\system32\orqss.ini moved successfully.
C:\WINDOWS\system32\yymmgtbm.ini moved successfully.
C:\WINDOWS\system32\sfppbegc.ini moved successfully.
C:\WINDOWS\system32\ikoiqmtt.ini moved successfully.
C:\WINDOWS\system32\aqqkfvat.ini moved successfully.
C:\WINDOWS\system32\qnxneaqc.ini moved successfully.
C:\WINDOWS\system32\jkivrgwx.ini moved successfully.
C:\WINDOWS\system32\kjkkj.bak1 moved successfully.
C:\WINDOWS\system32\rbkdiiel.ini moved successfully.
C:\WINDOWS\system32\hebqxfvh.ini moved successfully.

Created on 06-21-2007 18:18:23

pelog.txt :

************************* Rustock.b-fix v. 1.01 -- By ejvindh *************************
2007-06-21 18:22:13,03

No Rustock.b-rootkits found

******************************* End of Logfile ********************************

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 22 juin 2007 à 01:12

Télécharge ceci :
http://greatis.com/reanimator.zip

Dézippe le contenu.
Double clic sur reanimator.exe
Clic sur Scan for virus. Dès qu'il a terminé clic sur "Fix problems".
Clic en haut à gauche sur "file" puis "save log to file"
Enregistre le rapport ou tu le trouveras facilement, ferme le logiciel puis copie et colle ici le contenu de ce même rapport, il se peut qu'il soit long vérifie que le contenu soit en entier ;-)

Ajouter un commentaire - Site web

Réponse

marin 22 juin 2007 à 01:34

voici le rapport :
SpyHolesList Version:2.1
2007-06-21 19:29:06
WinDir=C:\WINDOWS
Startup=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\
Common Startup=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Windows XP Service Pack 2 (5.1.2600)
Internet Explorer 7.0.5730.11
[Internet Explorer]
[Default Home Page] :HKLM Default_Page_URL=http://go.microsoft.com/fwlink/?LinkId=69157
[Current Home Page] :HKCU Start Page=http://mail.google.com/...
[Current Home Page] :HKCU HOMEOldSP=""
[Search URL Template] :HKLM 1=www.%s.com
[Search URL Template] :HKLM 2=www.%s.org
[Search URL Template] :HKLM 3=www.%s.net
[Search URL Template] :HKLM 4=www.%s.edu
[All Users Search] :HKLM Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896
[All Users Search] :HKLM Search Page=http://go.microsoft.com/fwlink/?LinkId=54896
[Current Users Search] :HKCU Search Page=http://www.google.com
[Current Users Search] :HKCU Search Bar=http://www.google.com/ie
[IE Local Blank Page] :HKCU Local Page=C:\WINDOWS\system32\blank.htm
[IE Local Blank Page] :HKLM Local Page=%SystemRoot%\system32\blank.htm
[Browser Helper Objects] {02559246-DCAD-4EF3-BF06-022B103795BF}
[Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[Browser Helper Objects] {07D7F044-2F5F-41B2-BAA5-936814AF0163}=C:\Program Files\Pure Networks\Network Magic\nmbrhelp.dll
[Browser Helper Objects] {0C5F8E13-4386-484F-97BD-09CBB27B9447}=C:\Program Files\Pure Networks\Network Magic\nmbrhelp.dll
[Browser Helper Objects] {22BF413B-C6D2-4d91-82A9-A0F997BA588C}=C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
[Browser Helper Objects] {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
[Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
[Browser Helper Objects] {7DC4B28A-24C9-4226-99CA-D4A663EE6312}=C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
[Browser Helper Objects] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[Browser Helper Objects] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll
[Browser Helper Objects] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
[Auto Search URL] :HKCU provider=""
[Auto Search URL] :HKCU "Default Value"=""
[Search Assistant] :HKCU SearchAssistant=""
[Search Assistant] :HKLM SearchAssistant=http://www.google.com/ie
[Search Assistant] :HKCU CustomizeSearch=""
[Search Assistant] :HKLM CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
[CustomizeSearch] :HKLM CustomizeSearch=""
[URLSearchHook] :HKCU {CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\system32\ieframe.dll
[Default Prefix] :HKLM "Default Value"=http://
[URL Default Prefixes] :HKLM ftp=ftp://
[URL Default Prefixes] :HKLM gopher=gopher://
[URL Default Prefixes] :HKLM home=http://
[URL Default Prefixes] :HKLM mosaic=http://
[URL Default Prefixes] :HKLM www=http://
[Safe Sites] :HKLM ie.search.msn.com=http://ie.search.msn.com/*
[AboutURLs] :HKLM NavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM DesktopItemNavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM NavigationCanceled=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM OfflineInformation=res://ieframe.dll/offcancl.htm
[AboutURLs] :HKLM Home=270
[AboutURLs] :HKLM blank=res://mshtml.dll/blank.htm
[AboutURLs] :HKLM PostNotCached=res://ieframe.dll/repost.htm
[AboutURLs] :HKLM NoAdd-ons=res://ieframe.dll/noaddon.htm
[AboutURLs] :HKLM NoAdd-onsInfo=res://ieframe.dll/noaddoninfo.htm
[AboutURLs] :HKLM SecurityRisk=res://ieframe.dll/securityatrisk.htm
[AboutURLs] :HKLM Tabs=res://ieframe.dll/tabswelcome.htm
[User Style Sheet] :HKCU User Stylesheet=""
[User Style Sheet] :HKUS User Stylesheet=""
[User Style Sheet] :HKCU Use My Stylesheet=0
[User Style Sheet] :HKUS Use My Stylesheet=0
[Execute unsigned ActiveX in My Computer Zone] :HKCU 1201=1
[Execute unsigned ActiveX in My Computer Zone] :HKLM 1201=1
[Execute unsigned ActiveX in Local Intranet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKLM 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKLM 1201=3
[Links Toolbar] :HKCU LinksFolderName=Liens
[Toolbars] :HKLM {2318C2B1-4965-11d4-9B18-009027A5CD4F}=c:\program files\google\googletoolbar2.dll
[Explorer Bars] :HKLM {4D5C8C25-D075-11d0-B416-00C04FB90376}=%SystemRoot%\system32\shdocvw.dll
[IE Extensions - All Users] :HKLM {08B0E5C0-4FCB-11CF-AAA5-00401C608501}=%SystemRoot%\system32\shdocvw.dll
[IE Extensions - All Users] :HKLM {77BF5300-1474-4EC7-9980-D32B190E9B07}=%SystemRoot%\system32\shdocvw.dll
[IE Extensions - All Users] :HKLM {92780B25-18CC-41C8-B9BE-3C9C571A8263}=C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
[IE Extensions - All Users] :HKLM {e2e2dd38-d088-4134-82b7-f2ba38496583}=%windir%\Network Diagnostic\xpnetdiag.exe
[IE Extensions - All Users] :HKLM {FB5F1910-F110-11d2-BB9E-00C04F795683}=C:\Program Files\Messenger\msmsgs.exe
[Proxy] :HKCU ProxyServer=""
[Proxy] :HKCU ProxyEnable=0
[Network Settings]
[Hosts File Path] :HKLM DataBasePath=%SystemRoot%\System32\drivers\etc
[Hosts File Contents] :HKLM 127.0.0.1 localhost
[Domain Name] :HKLM Domain=""
[Name Server] {30914C43-61F9-4532-B9CB-99F893E7EAEC}=192.168.0.1
[WinSock2 Components] :HKLM mswsock.dll=%SystemRoot%\System32\mswsock.dll
[WinSock2 Components] :HKLM winrnr.dll=%SystemRoot%\System32\winrnr.dll
[WinSock2 Components] :HKLM rsvpsp.dll=%SystemRoot%\system32\rsvpsp.dll
[Software Components]
[Internet Components] :HKLM C:\WINDOWS\system32\LegitCheckControl.DLL=C:\WINDOWS\system32\LegitCheckControl.DLL
[Internet Components] :HKLM C:\WINDOWS\system32\muweb.dll=C:\WINDOWS\system32\muweb.dll
[Windows Shell]
[Display Scrap's Extensions] :HKLM NeverShowExt=""
[ScreenSaver] :HKCU SCRNSAVE.EXE=C:\WINDOWS\system32\ssmypics.scr
[System.ini] shell=Explorer.exe
[Main File Extensions] :HKLM .exe="%1" %*
[Main File Extensions] :HKLM .com="%1" %*
[Main File Extensions] :HKLM .pif="%1" %*
[Main File Extensions] :HKLM .cmd="%1" %*
[Main File Extensions] :HKLM .scr="%1" /S
[Main File Extensions] :HKLM .jpg=rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_Fullscreen %1
[Main File Extensions] :HKLM .jpeg=rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_Fullscreen %1
[Shell Execute Hooks] :HKLM {AEB6717E-7E19-11d0-97EE-00C04FD91972}=shell32.dll
[Shell Execute Hooks] :HKLM {C72F5FE1-85FF-4BE1-AA6D-BC39456D39CB}=shell32.dll
[Shell Execute Hooks] :HKLM {57B86673-276A-48B2-BAE7-C6DBB3020EB8}=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
[UserInit Value] :HKLM UserInit=C:\WINDOWS\system32\userinit.exe,
[Winlogon Notification] :HKLM AtiExtEvent=Ati2evxx.dll
[Winlogon Notification] :HKLM crypt32chain=crypt32.dll
[Winlogon Notification] :HKLM cryptnet=cryptnet.dll
[Winlogon Notification] :HKLM cscdll=cscdll.dll
[Winlogon Notification] :HKLM gebyy=C:\WINDOWS\system32\gebyy.dll
[Winlogon Notification] :HKLM jkkjk=C:\WINDOWS\system32\jkkjk.dll
[Winlogon Notification] :HKLM pmnnlmm=pmnnlmm.dll
[Winlogon Notification] :HKLM ScCertProp=wlnotify.dll
[Winlogon Notification] :HKLM Schedule=wlnotify.dll
[Winlogon Notification] :HKLM sclgntfy=sclgntfy.dll
[Winlogon Notification] :HKLM SensLogn=WlNotify.dll
[Winlogon Notification] :HKLM ssqpm=C:\WINDOWS\system32\ssqpm.dll
[Winlogon Notification] :HKLM termsrv=wlnotify.dll
[Winlogon Notification] :HKLM WgaLogon=WgaLogon.dll
[Winlogon Notification] :HKLM wlballoon=wlnotify.dll
[Shell Services DelayLoad] :HKLM PostBootReminder=%SystemRoot%\system32\SHELL32.dll
[Shell Services DelayLoad] :HKLM CDBurn=%SystemRoot%\system32\SHELL32.dll
[Shell Services DelayLoad] :HKLM WebCheck=C:\WINDOWS\system32\webcheck.dll
[Shell Services DelayLoad] :HKLM SysTray=C:\WINDOWS\system32\stobject.dll
[Shell Services DelayLoad] :HKLM WPDShServiceObj=C:\WINDOWS\system32\WPDShServiceObj.dll
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools] :HKCU DisableRegistryTools =0
[SharedTaskScheduler] :HKLM {438755C2-A8BA-11D1-B96B-00A0C90312E1}=%SystemRoot%\system32\browseui.dll
[SharedTaskScheduler] :HKLM {8C7461EF-2B13-11d2-BE35-3078302C2030}=%SystemRoot%\system32\browseui.dll
[Kernel Auto Boot]
[ActiveSetup] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}=C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[Bootexecute] :HKLM BootExecute=Partizan
autocheck autochk *
[KnownDLLs] :HKLM advapi32=advapi32.dll
[KnownDLLs] :HKLM comdlg32=comdlg32.dll
[KnownDLLs] :HKLM DllDirectory=%SystemRoot%\system32
[KnownDLLs] :HKLM gdi32=gdi32.dll
[KnownDLLs] :HKLM imagehlp=imagehlp.dll
[KnownDLLs] :HKLM kernel32=kernel32.dll
[KnownDLLs] :HKLM lz32=lz32.dll
[KnownDLLs] :HKLM ole32=ole32.dll
[KnownDLLs] :HKLM oleaut32=oleaut32.dll
[KnownDLLs] :HKLM olecli32=olecli32.dll
[KnownDLLs] :HKLM olecnv32=olecnv32.dll
[KnownDLLs] :HKLM olesvr32=olesvr32.dll
[KnownDLLs] :HKLM olethk32=olethk32.dll
[KnownDLLs] :HKLM rpcrt4=rpcrt4.dll
[KnownDLLs] :HKLM shell32=shell32.dll
[KnownDLLs] :HKLM url=url.dll
[KnownDLLs] :HKLM urlmon=urlmon.dll
[KnownDLLs] :HKLM user32=user32.dll
[KnownDLLs] :HKLM version=version.dll
[KnownDLLs] :HKLM wininet=wininet.dll
[KnownDLLs] :HKLM wldap32=wldap32.dll
[Environment - Path] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
[List of Injected DLLs] :HKLM AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
[Auto Services] aswUpdSv
[Auto Services] Ati HotKey Poller
[Auto Services] AudioSrv
[Auto Services] avast! Antivirus
[Auto Services] AVG Anti-Spyware Guard
[Auto Services] Browser
[Auto Services] CLTNetCnService
[Auto Services] CryptSvc
[Auto Services] DcomLaunch
[Auto Services] Dhcp
[Auto Services] Dnscache
[Auto Services] ERSvc
[Auto Services] Eventlog
[Auto Services] gusvc
[Auto Services] helpsvc
[Auto Services] HidServ
[Auto Services] Irmon
[Auto Services] lanmanserver
[Auto Services] lanmanworkstation
[Auto Services] LmHosts
[Auto Services] nmservice
[Auto Services] PlugPlay
[Auto Services] PolicyAgent
[Auto Services] ProtectedStorage
[Auto Services] RpcSs
[Auto Services] SamSs
[Auto Services] Schedule
[Auto Services] seclogon
[Auto Services] SENS
[Auto Services] SharedAccess
[Auto Services] ShellHWDetection
[Auto Services] Spooler
[Auto Services] srservice
[Auto Services] stisvc
[Auto Services] Themes
[Auto Services] TrkWks
[Auto Services] W32Time
[Auto Services] WebClient
[Auto Services] winmgmt
[Auto Services] wuauserv
[Auto Services] WZCSVC
[Drivers] ntkrnlpa.exe=C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE
[Drivers] hal.dll=C:\WINDOWS\SYSTEM32\HAL.DLL
[Drivers] KDCOM.DLL=C:\WINDOWS\SYSTEM32\KDCOM.DLL
[Drivers] BOOTVID.dll=C:\WINDOWS\SYSTEM32\BOOTVID.DLL
[Drivers] ACPI.sys=C:\WINDOWS\system32\DRIVERS\ACPI.sys
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
[Drivers] pci.sys=C:\WINDOWS\system32\DRIVERS\pci.sys
[Drivers] isapnp.sys=C:\WINDOWS\system32\DRIVERS\isapnp.sys
[Drivers] ohci1394.sys=C:\WINDOWS\system32\DRIVERS\ohci1394.sys
[Drivers] 1394BUS.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\1394BUS.SYS
[Drivers] compbatt.sys=C:\WINDOWS\system32\DRIVERS\compbatt.sys
[Drivers] BATTC.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BATTC.SYS
[Drivers] pciide.sys=C:\WINDOWS\system32\DRIVERS\pciide.sys
[Drivers] PCIIDEX.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
[Drivers] intelide.sys=C:\WINDOWS\system32\DRIVERS\intelide.sys
[Drivers] pcmcia.sys=C:\WINDOWS\system32\DRIVERS\pcmcia.sys
[Drivers] MountMgr.sys=C:\WINDOWS\system32\DRIVERS\MountMgr.sys
[Drivers] ftdisk.sys=C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[Drivers] ACPIEC.sys=C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
[Drivers] OPRGHDLR.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\OPRGHDLR.SYS
[Drivers] PartMgr.sys=C:\WINDOWS\system32\DRIVERS\PartMgr.sys
[Drivers] VolSnap.sys=C:\WINDOWS\system32\DRIVERS\VolSnap.sys
[Drivers] atapi.sys=C:\WINDOWS\system32\DRIVERS\atapi.sys
[Drivers] disk.sys=C:\WINDOWS\system32\DRIVERS\disk.sys
[Drivers] CLASSPNP.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
[Drivers] fltMgr.sys=C:\WINDOWS\system32\DRIVERS\fltMgr.sys
[Drivers] PxHelp20.sys=C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
[Drivers] KSecDD.sys=C:\WINDOWS\system32\DRIVERS\KSecDD.sys
[Drivers] Ntfs.sys=C:\WINDOWS\system32\DRIVERS\Ntfs.sys
[Drivers] NDIS.sys=C:\WINDOWS\system32\DRIVERS\NDIS.sys
[Drivers] Mup.sys=C:\WINDOWS\system32\DRIVERS\Mup.sys
[Drivers] nic1394.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
[Drivers] intelppm.sys=C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
[Drivers] wmiacpi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS
[Drivers] CmBatt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS
[Drivers] ati2mtag.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
[Drivers] VIDEOPRT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[Drivers] HDAudBus.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[Drivers] yk51x86.sys=C:\WINDOWS\SYSTEM32\DRIVERS\YK51X86.SYS
[Drivers] usbuhci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
[Drivers] USBPORT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
[Drivers] usbehci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[Drivers] tifm.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TIFM.SYS
[Drivers] w29n51.sys=C:\WINDOWS\SYSTEM32\DRIVERS\W29N51.SYS
[Drivers] serial.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
[Drivers] serenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
[Drivers] parport.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
[Drivers] smcirda.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SMCIRDA.SYS
[Drivers] irenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
[Drivers] i8042prt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
[Drivers] kbdclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
[Drivers] SynTP.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS
[Drivers] USBD.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
[Drivers] mouclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
[Drivers] imapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
[Drivers] pfc.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PFC.SYS
[Drivers] cdrom.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
[Drivers] redbook.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
[Drivers] ks.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
[Drivers] GEARAspiWDM.sys=C:\WINDOWS\SYSTEM32\DRIVERS\GEARASPIWDM.SYS
[Drivers] audstub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
[Drivers] rasirda.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASIRDA.SYS
[Drivers] TDI.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
[Drivers] rasl2tp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[Drivers] ndistapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
[Drivers] ndiswan.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
[Drivers] raspppoe.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[Drivers] raspptp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[Drivers] psched.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
[Drivers] msgpc.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
[Drivers] ptilink.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
[Drivers] raspti.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
[Drivers] termdd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[Drivers] swenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[Drivers] update.sys=C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
[Drivers] mssmbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[Drivers] NDProxy.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
[Drivers] cmudax.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CMUDAX.SYS
[Drivers] portcls.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
[Drivers] drmk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS
[Drivers] lgsnd_filter.sys=C:\WINDOWS\SYSTEM32\DRIVERS\LGSND_FILTER.SYS
[Drivers] AGRSM.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AGRSM.SYS
[Drivers] Modem.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MODEM.SYS
[Drivers] usbhub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[Drivers] Fs_Rec.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
[Drivers] Null.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
[Drivers] Beep.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
[Drivers] AvgAsCln.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS
[Drivers] HIDPARSE.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\HIDPARSE.SYS
[Drivers] vga.sys=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[Drivers] mnmdd.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
[Drivers] RDPCDD.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[Drivers] Msfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
[Drivers] Npfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
[Drivers] rasacd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[Drivers] ipsec.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
[Drivers] tcpip.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[Drivers] aswTdi.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS
[Drivers] netbt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
[Drivers] ndisipo.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISIPO.SYS
[Drivers] afd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
[Drivers] netbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
[Drivers] rdbss.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[Drivers] mrxsmb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
[Drivers] Fips.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
[Drivers] ipnat.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
[Drivers] wanarp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[Drivers] arp1394.sys=C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
[Drivers] eeCtrl.sys=C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\EENGINE\EECTRL.SYS
[Drivers] guard.sys=C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS
[Drivers] Aavmker4.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\AAVMKER4.SYS
[Drivers] hidusb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
[Drivers] HIDCLASS.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\HIDCLASS.SYS
[Drivers] mouhid.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
[Drivers] Cdfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
[Drivers] kbdhid.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
[Drivers] atapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DUMP_ATAPI.SYS
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\DUMP_WMILIB.SYS
[Drivers] win32k.sys=C:\WINDOWS\SYSTEM32\WIN32K.SYS
[Drivers] Dxapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
[Drivers] watchdog.sys=C:\WINDOWS\SYSTEM32\WATCHDOG.SYS
[Drivers] dxg.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS
[Drivers] dxgthk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
[Drivers] ati2dvag.dll=C:\WINDOWS\SYSTEM32\ATI2DVAG.DLL
[Drivers] ati2cqag.dll=C:\WINDOWS\SYSTEM32\ATI2CQAG.DLL
[Drivers] atikvmag.dll=C:\WINDOWS\SYSTEM32\ATIKVMAG.DLL
[Drivers] ati3duag.dll=C:\WINDOWS\SYSTEM32\ATI3DUAG.DLL
[Drivers] ativvaxx.dll=C:\WINDOWS\SYSTEM32\ATIVVAXX.DLL
[Drivers] irda.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IRDA.SYS
[Drivers] ndisuio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
[Drivers] purendis.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PURENDIS.SYS
[Drivers] aswMon2.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWMON2.SYS
[Drivers] mrxdav.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
[Drivers] wdmaud.sys=C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
[Drivers] sysaudio.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
[Drivers] ParVdm.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
[Drivers] srv.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[Drivers] aswRdr.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS
[Drivers] HTTP.sys=C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
[Drivers] kmixer.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
[Drivers] ntdll.dll=C:\WINDOWS\SYSTEM32\NTDLL.DLL
[Services detected by Partizan] :HKLM Aavmker4
[Services detected by Partizan] :HKLM Abiosdsk
[Services detected by Partizan] :HKLM abp480n5
[Services detected by Partizan] :HKLM ACPI=system32\DRIVERS\ACPI.sys
[Services detected by Partizan] :HKLM ACPIEC=system32\DRIVERS\ACPIEC.sys
[Services detected by Partizan] :HKLM Adobe LM Service="C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"
[Services detected by Partizan] :HKLM adpu160m
[Services detected by Partizan] :HKLM aec=system32\drivers\aec.sys
[Services detected by Partizan] :HKLM AFD=\SystemRoot\System32\drivers\afd.sys
[Services detected by Partizan] :HKLM AgereSoftModem=system32\DRIVERS\AGRSM.sys
[Services detected by Partizan] :HKLM Aha154x
[Services detected by Partizan] :HKLM aic78u2
[Services detected by Partizan] :HKLM aic78xx
[Services detected by Partizan] :HKLM Alerter=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM ALG=%SystemRoot%\System32\alg.exe
[Services detected by Partizan] :HKLM AliIde
[Services detected by Partizan] :HKLM amsint
[Services detected by Partizan] :HKLM AppMgmt=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Arp1394=system32\DRIVERS\arp1394.sys
[Services detected by Partizan] :HKLM asc
[Services detected by Partizan] :HKLM asc3350p
[Services detected by Partizan] :HKLM asc3550
[Services detected by Partizan] :HKLM aswMon2
[Services detected by Partizan] :HKLM aswRdr
[Services detected by Partizan] :HKLM aswTdi
[Services detected by Partizan] :HKLM aswUpdSv="C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
[Services detected by Partizan] :HKLM AsyncMac=system32\DRIVERS\asyncmac.sys
[Services detected by Partizan] :HKLM atapi=system32\DRIVERS\atapi.sys
[Services detected by Partizan] :HKLM Atdisk
[Services detected by Partizan] :HKLM Ati HotKey Poller=%SystemRoot%\system32\Ati2evxx.exe
[Services detected by Partizan] :HKLM ati2mtag=system32\DRIVERS\ati2mtag.sys
[Services detected by Partizan] :HKLM Atierecord
[Services detected by Partizan] :HKLM Atmarpc=system32\DRIVERS\atmarpc.sys
[Services detected by Partizan] :HKLM AudioSrv=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM audstub=system32\DRIVERS\audstub.sys
[Services detected by Partizan] :HKLM avast! Antivirus="C:\Program Files\Alwil Software\Avast4\ashServ.exe"
[Services detected by Partizan] :HKLM avast! Mail Scanner="C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
[Services detected by Partizan] :HKLM avast! Web Scanner="C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
[Services detected by Partizan] :HKLM AVG Anti-Spyware Driver=\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
[Services detected by Partizan] :HKLM AVG Anti-Spyware Guard=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
[Services detected by Partizan] :HKLM AvgAsCln=System32\DRIVERS\AvgAsCln.sys
[Services detected by Partizan] :HKLM BattC
[Services detected by Partizan] :HKLM Beep
[Services detected by Partizan] :HKLM BITS=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Browser=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM cbidf2k
[Services detected by Partizan] :HKLM CCDECODE=system32\DRIVERS\CCDECODE.sys
[Services detected by Partizan] :HKLM cd20xrnt
[Services detected by Partizan] :HKLM Cdaudio
[Services detected by Partizan] :HKLM Cdfs
[Services detected by Partizan] :HKLM Cdrom=system32\DRIVERS\cdrom.sys
[Services detected by Partizan] :HKLM Changer
[Services detected by Partizan] :HKLM CiSvc=%SystemRoot%\system32\cisvc.exe
[Services detected by Partizan] :HKLM ClipSrv=%SystemRoot%\system32\clipsrv.exe
[Services detected by Partizan] :HKLM CLTNetCnService="C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon
[Services detected by Partizan] :HKLM CmBatt=system32\DRIVERS\CmBatt.sys
[Services detected by Partizan] :HKLM CmdIde
[Services detected by Partizan] :HKLM cmudax=system32\drivers\cmudax.sys
[Services detected by Partizan] :HKLM Compbatt=system32\DRIVERS\compbatt.sys
[Services detected by Partizan] :HKLM COMSysApp=C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[Services detected by Partizan] :HKLM ContentFilter
[Services detected by Partizan] :HKLM ContentIndex
[Services detected by Partizan] :HKLM Cpqarray
[Services detected by Partizan] :HKLM CryptSvc=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM dac2w2k
[Services detected by Partizan] :HKLM dac960nt
[Services detected by Partizan] :HKLM DcomLaunch=%SystemRoot%\system32\svchost -k DcomLaunch
[Services detected by Partizan] :HKLM Dhcp=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Disk=system32\DRIVERS\disk.sys
[Services detected by Partizan] :HKLM dmadmin=%SystemRoot%\System32\dmadmin.exe /com
[Services detected by Partizan] :HKLM dmboot=System32\drivers\dmboot.sys
[Services detected by Partizan] :HKLM dmio=System32\drivers\dmio.sys
[Services detected by Partizan] :HKLM dmload=System32\drivers\dmload.sys
[Services detected by Partizan] :HKLM dmserver=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM DMusic=system32\drivers\DMusic.sys
[Services detected by Partizan] :HKLM Dnscache=%SystemRoot%\system32\svchost.exe -k NetworkService
[Services detected by Partizan] :HKLM dpti2o
[Services detected by Partizan] :HKLM drmkaud=system32\drivers\drmkaud.sys
[Services detected by Partizan] :HKLM eeCtrl=\??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys
[Services detected by Partizan] :HKLM ERSvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Eventlog=%SystemRoot%\system32\services.exe
[Services detected by Partizan] :HKLM EventSystem=C:\WINDOWS\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Fastfat
[Services detected by Partizan] :HKLM FastUserSwitchingCompatibility=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Fdc
[Services detected by Partizan] :HKLM Fips
[Services detected by Partizan] :HKLM Flpydisk
[Services detected by Partizan] :HKLM FltMgr=system32\DRIVERS\fltMgr.sys
[Services detected by Partizan] :HKLM Fs_Rec
[Services detected by Partizan] :HKLM Ftdisk=system32\DRIVERS\ftdisk.sys
[Services detected by Partizan] :HKLM GEARAspiWDM=System32\Drivers\GEARAspiWDM.sys
[Services detected by Partizan] :HKLM GoogleDesktopManager="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
[Services detected by Partizan] :HKLM Gpc=system32\DRIVERS\msgpc.sys
[Services detected by Partizan] :HKLM gusvc="C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
[Services detected by Partizan] :HKLM HdAudAddService=system32\drivers\HdAudio.sys
[Services detected by Partizan] :HKLM HDAudBus=system32\DRIVERS\HDAudBus.sys
[Services detected by Partizan] :HKLM helpsvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM HidServ=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM hidusb=system32\DRIVERS\hidusb.sys
[Services detected by Partizan] :HKLM hpn
[Services detected by Partizan] :HKLM HTTP=System32\Drivers\HTTP.sys
[Services detected by Partizan] :HKLM HTTPFilter=%SystemRoot%\System32\svchost.exe -k HTTPFilter
[Services detected by Partizan] :HKLM i2omgmt
[Services detected by Partizan] :HKLM i2omp
[Services detected by Partizan] :HKLM i8042prt=system32\DRIVERS\i8042prt.sys
[Services detected by Partizan] :HKLM Imapi=system32\DRIVERS\imapi.sys
[Services detected by Partizan] :HKLM ImapiService=C:\WINDOWS\system32\imapi.exe
[Services detected by Partizan] :HKLM inetaccs
[Services detected by Partizan] :HKLM ini910u
[Services detected by Partizan] :HKLM Inport
[Services detected by Partizan] :HKLM IntelIde=system32\DRIVERS\intelide.sys
[Services detected by Partizan] :HKLM intelppm=system32\DRIVERS\intelppm.sys
[Services detected by Partizan] :HKLM Ip6Fw=system32\DRIVERS\Ip6Fw.sys
[Services detected by Partizan] :HKLM IpFilterDriver=system32\DRIVERS\ipfltdrv.sys
[Services detected by Partizan] :HKLM IpInIp=system32\DRIVERS\ipinip.sys
[Services detected by Partizan] :HKLM IpNat=system32\DRIVERS\ipnat.sys
[Services detected by Partizan] :HKLM iPod Service="C:\Program Files\iPod\bin\iPodService.exe"
[Services detected by Partizan] :HKLM IPOperator
[Services detected by Partizan] :HKLM IPSec=system32\DRIVERS\ipsec.sys
[Services detected by Partizan] :HKLM irda=system32\DRIVERS\irda.sys
[Services detected by Partizan] :HKLM IRENUM=system32\DRIVERS\irenum.sys
[Services detected by Partizan] :HKLM Irmon=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM ISAPISearch
[Services detected by Partizan] :HKLM isapnp=system32\DRIVERS\isapnp.sys
[Services detected by Partizan] :HKLM Kbdclass=system32\DRIVERS\kbdclass.sys
[Services detected by Partizan] :HKLM kbdhid=system32\DRIVERS\kbdhid.sys
[Services detected by Partizan] :HKLM kmixer=system32\drivers\kmixer.sys
[Services detected by Partizan] :HKLM KSecDD
[Services detected by Partizan] :HKLM lanmanserver=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM lanmanworkstation=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM lbrtfdc
[Services detected by Partizan] :HKLM ldap
[Services detected by Partizan] :HKLM LGCPU100
[Services detected by Partizan] :HKLM lgsnd_filter=system32\drivers\lgsnd_filter.sys
[Services detected by Partizan] :HKLM LG_Wallpaper
[Services detected by Partizan] :HKLM LicenseService
[Services detected by Partizan] :HKLM LmHosts=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM Messenger=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM mnmdd
[Services detected by Partizan] :HKLM mnmsrvc=C:\WINDOWS\system32\mnmsrvc.exe
[Services detected by Partizan] :HKLM Modem
[Services detected by Partizan] :HKLM Mouclass=system32\DRIVERS\mouclass.sys
[Services detected by Partizan] :HKLM mouhid=system32\DRIVERS\mouhid.sys
[Services detected by Partizan] :HKLM MountMgr
[Services detected by Partizan] :HKLM mraid35x
[Services detected by Partizan] :HKLM MRxDAV=system32\DRIVERS\mrxdav.sys
[Services detected by Partizan] :HKLM MRxSmb=system32\DRIVERS\mrxsmb.sys
[Services detected by Partizan] :HKLM MSDTC=C:\WINDOWS\system32\msdtc.exe
[Services detected by Partizan] :HKLM Msfs
[Services detected by Partizan] :HKLM MSIServer=C:\WINDOWS\system32\msiexec.exe /V
[Services detected by Partizan] :HKLM MSKSSRV=system32\drivers\MSKSSRV.sys
[Services detected by Partizan] :HKLM MSPCLOCK=system32\drivers\MSPCLOCK.sys
[Services detected by Partizan] :HKLM MSPQM=system32\drivers\MSPQM.sys
[Services detected by Partizan] :HKLM mssmbios=system32\DRIVERS\mssmbios.sys
[Services detected by Partizan] :HKLM MSTEE=system32\drivers\MSTEE.sys
[Services detected by Partizan] :HKLM Mup
[Services detected by Partizan] :HKLM NABTSFEC=system32\DRIVERS\NABTSFEC.sys
[Services detected by Partizan] :HKLM NDIS
[Services detected by Partizan] :HKLM NdisIP=system32\DRIVERS\NdisIP.sys
[Services detected by Partizan] :HKLM Ndisipo=system32\DRIVERS\ndisipo.sys
[Services detected by Partizan] :HKLM NdisTapi=system32\DRIVERS\ndistapi.sys
[Services detected by Partizan] :HKLM Ndisuio=system32\DRIVERS\ndisuio.sys
[Services detected by Partizan] :HKLM NdisWan=system32\DRIVERS\ndiswan.sys
[Services detected by Partizan] :HKLM NDProxy
[Services detected by Partizan] :HKLM NetBIOS=system32\DRIVERS\netbios.sys
[Services detected by Partizan] :HKLM NetBT=system32\DRIVERS\netbt.sys
[Services detected by Partizan] :HKLM NetDDE=%SystemRoot%\system32\netdde.exe
[Services detected by Partizan] :HKLM NetDDEdsdm=%SystemRoot%\system32\netdde.exe
[Services detected by Partizan] :HKLM Netlogon=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM Netman=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM NIC1394=system32\DRIVERS\nic1394.sys
[Services detected by Partizan] :HKLM Nla=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM nmraapache="C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice
[Services detected by Partizan] :HKLM nmservice="C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe"
[Services detected by Partizan] :HKLM Npfs
[Services detected by Partizan] :HKLM Ntfs
[Services detected by Partizan] :HKLM NtLmSsp=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM NtmsSvc=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Null
[Services detected by Partizan] :HKLM NwlnkFlt=system32\DRIVERS\nwlnkflt.sys
[Services detected by Partizan] :HKLM NwlnkFwd=system32\DRIVERS\nwlnkfwd.sys
[Services detected by Partizan] :HKLM ohci1394=system32\DRIVERS\ohci1394.sys
[Services detected by Partizan] :HKLM ose="C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
[Services detected by Partizan] :HKLM Parport=system32\DRIVERS\parport.sys
[Services detected by Partizan] :HKLM Partizan=system32\drivers\Partizan.sys
[Services detected by Partizan] :HKLM PartMgr
[Services detected by Partizan] :HKLM ParVdm
[Services detected by Partizan] :HKLM PCI=system32\DRIVERS\pci.sys
[Services detected by Partizan] :HKLM PCIDump
[Services detected by Partizan] :HKLM PCIIde=system32\DRIVERS\pciide.sys
[Services detected by Partizan] :HKLM Pcmcia=system32\DRIVERS\pcmcia.sys
[Services detected by Partizan] :HKLM PDCOMP
[Services detected by Partizan] :HKLM PDFRAME
[Services detected by Partizan] :HKLM PDRELI
[Services detected by Partizan] :HKLM PDRFRAME
[Services detected by Partizan] :HKLM perc2
[Services detected by Partizan] :HKLM perc2hib
[Services detected by Partizan] :HKLM PerfDisk
[Services detected by Partizan] :HKLM PerfNet
[Services detected by Partizan] :HKLM PerfOS
[Services detected by Partizan] :HKLM PerfProc
[Services detected by Partizan] :HKLM pfc=system32\drivers\pfc.sys
[Services detected by Partizan] :HKLM PlugPlay=%SystemRoot%\system32\services.exe
[Services detected by Partizan] :HKLM PolicyAgent=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM PptpMiniport=system32\DRIVERS\raspptp.sys
[Services detected by Partizan] :HKLM ProtectedStorage=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM PSched=system32\DRIVERS\psched.sys
[Services detected by Partizan] :HKLM Ptilink=system32\DRIVERS\ptilink.sys
[Services detected by Partizan] :HKLM purendis=system32\DRIVERS\purendis.sys
[Services detected by Partizan] :HKLM PxHelp20=System32\Drivers\PxHelp20.sys
[Services detected by Partizan] :HKLM ql1080
[Services detected by Partizan] :HKLM Ql10wnt
[Services detected by Partizan] :HKLM ql12160
[Services detected by Partizan] :HKLM ql1240
[Services detected by Partizan] :HKLM ql1280
[Services detected by Partizan] :HKLM RasAcd=system32\DRIVERS\rasacd.sys
[Services detected by Partizan] :HKLM RasAuto=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Rasirda=system32\DRIVERS\rasirda.sys
[Services detected by Partizan] :HKLM Rasl2tp=system32\DRIVERS\rasl2tp.sys
[Services detected by Partizan] :HKLM RasMan=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM RasPppoe=system32\DRIVERS\raspppoe.sys
[Services detected by Partizan] :HKLM Raspti=system32\DRIVERS\raspti.sys
[Services detected by Partizan] :HKLM Rdbss=system32\DRIVERS\rdbss.sys
[Services detected by Partizan] :HKLM RDPCDD=System32\DRIVERS\RDPCDD.sys
[Services detected by Partizan] :HKLM RDPDD
[Services detected by Partizan] :HKLM RDPNP
[Services detected by Partizan] :HKLM RDPWD
[Services detected by Partizan] :HKLM RDSessMgr=C:\WINDOWS\system32\sessmgr.exe
[Services detected by Partizan] :HKLM redbook=system32\DRIVERS\redbook.sys
[Services detected by Partizan] :HKLM RemoteAccess=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM RMan
[Services detected by Partizan] :HKLM RpcLocator=%SystemRoot%\system32\locator.exe
[Services detected by Partizan] :HKLM RpcSs=%SystemRoot%\system32\svchost -k rpcss
[Services detected by Partizan] :HKLM RSVP=%SystemRoot%\system32\rsvp.exe
[Services detected by Partizan] :HKLM SamSs=%SystemRoot%\system32\lsass.exe
[Services detected by Partizan] :HKLM SCardSvr=%SystemRoot%\System32\SCardSvr.exe
[Services detected by Partizan] :HKLM Schedule=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Secdrv=system32\DRIVERS\secdrv.sys
[Services detected by Partizan] :HKLM seclogon=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM SENS=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM serenum=system32\DRIVERS\serenum.sys
[Services detected by Partizan] :HKLM Serial=system32\DRIVERS\serial.sys
[Services detected by Partizan] :HKLM Sfloppy
[Services detected by Partizan] :HKLM SharedAccess=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM ShellHWDetection=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Simbad
[Services detected by Partizan] :HKLM SLIP=system32\DRIVERS\SLIP.sys
[Services detected by Partizan] :HKLM SMCIRDA=system32\DRIVERS\smcirda.sys
[Services detected by Partizan] :HKLM Sparrow
[Services detected by Partizan] :HKLM splitter=system32\drivers\splitter.sys
[Services detected by Partizan] :HKLM Spooler=%SystemRoot%\system32\spoolsv.exe
[Services detected by Partizan] :HKLM sr=\SystemRoot\system32\DRIVERS\sr.sys
[Services detected by Partizan] :HKLM srservice=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Srv=system32\DRIVERS\srv.sys
[Services detected by Partizan] :HKLM SSDPSRV=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM stisvc=%SystemRoot%\system32\svchost.exe -k imgsvc
[Services detected by Partizan] :HKLM streamip=system32\DRIVERS\StreamIP.sys
[Services detected by Partizan] :HKLM swenum=system32\DRIVERS\swenum.sys
[Services detected by Partizan] :HKLM swmidi=system32\drivers\swmidi.sys
[Services detected by Partizan] :HKLM SwPrv=C:\WINDOWS\system32\dllhost.exe /Processid:{7B06F0E1-5FA9-4BCA-BF53-B24A4DFD2308}
[Services detected by Partizan] :HKLM symc810
[Services detected by Partizan] :HKLM symc8xx
[Services detected by Partizan] :HKLM sym_hi
[Services detected by Partizan] :HKLM sym_u3
[Services detected by Partizan] :HKLM SynTP=system32\DRIVERS\SynTP.sys
[Services detected by Partizan] :HKLM sysaudio=system32\drivers\sysaudio.sys
[Services detected by Partizan] :HKLM SysmonLog=%SystemRoot%\system32\smlogsvc.exe
[Services detected by Partizan] :HKLM TapiSrv=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Tcpip=system32\DRIVERS\tcpip.sys
[Services detected by Partizan] :HKLM TDPIPE
[Services detected by Partizan] :HKLM TDTCP
[Services detected by Partizan] :HKLM TermDD=system32\DRIVERS\termdd.sys
[Services detected by Partizan] :HKLM TermService=%SystemRoot%\System32\svchost -k DComLaunch
[Services detected by Partizan] :HKLM Themes=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM tifm=system32\drivers\tifm.sys
[Services detected by Partizan] :HKLM TosIde
[Services detected by Partizan] :HKLM TrkWks=%SystemRoot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM TSDDD
[Services detected by Partizan] :HKLM Udfs
[Services detected by Partizan] :HKLM ultra
[Services detected by Partizan] :HKLM Update=system32\DRIVERS\update.sys
[Services detected by Partizan] :HKLM upnphost=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM UPS=%SystemRoot%\System32\ups.exe
[Services detected by Partizan] :HKLM usbehci=system32\DRIVERS\usbehci.sys
[Services detected by Partizan] :HKLM usbhub=system32\DRIVERS\usbhub.sys
[Services detected by Partizan] :HKLM USBSTOR=system32\DRIVERS\USBSTOR.SYS
[Services detected by Partizan] :HKLM usbuhci=system32\DRIVERS\usbuhci.sys
[Services detected by Partizan] :HKLM usnsvc=C:\WINDOWS\system32\svchost.exe -k usnsvc
[Services detected by Partizan] :HKLM VgaSave=\SystemRoot\System32\drivers\vga.sys
[Services detected by Partizan] :HKLM ViaIde
[Services detected by Partizan] :HKLM VolSnap
[Services detected by Partizan] :HKLM VSS=%SystemRoot%\System32\vssvc.exe
[Services detected by Partizan] :HKLM VXD
[Services detected by Partizan] :HKLM w29n51=system32\DRIVERS\w29n51.sys
[Services detected by Partizan] :HKLM W32Time=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM W3SVC
[Services detected by Partizan] :HKLM Wanarp=system32\DRIVERS\wanarp.sys
[Services detected by Partizan] :HKLM WDICA
[Services detected by Partizan] :HKLM wdmaud=system32\drivers\wdmaud.sys
[Services detected by Partizan] :HKLM WebClient=%SystemRoot%\system32\svchost.exe -k LocalService
[Services detected by Partizan] :HKLM winmgmt=%systemroot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM Winsock
[Services detected by Partizan] :HKLM WinSock2
[Services detected by Partizan] :HKLM WinTrust
[Services detected by Partizan] :HKLM WmdmPmSN=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM WmiAcpi=system32\DRIVERS\wmiacpi.sys
[Services detected by Partizan] :HKLM WmiApRpl
[Services detected by Partizan] :HKLM WmiApSrv=C:\WINDOWS\system32\wbem\wmiapsrv.exe
[Services detected by Partizan] :HKLM WMPNetworkSvc="C:\Program Files\Windows Media Player\WMPNetwk.exe"
[Services detected by Partizan] :HKLM WS2IFSL=\SystemRoot\System32\drivers\ws2ifsl.sys
[Services detected by Partizan] :HKLM wscsvc=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM WSTCODEC=system32\DRIVERS\WSTCODEC.SYS
[Services detected by Partizan] :HKLM wuauserv=%systemroot%\system32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM WudfPf=system32\DRIVERS\WudfPf.sys
[Services detected by Partizan] :HKLM WudfRd=system32\DRIVERS\wudfrd.sys
[Services detected by Partizan] :HKLM WudfSvc=%SystemRoot%\system32\svchost.exe -k WudfServiceGroup
[Services detected by Partizan] :HKLM WZCSVC=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM xmlprov=%SystemRoot%\System32\svchost.exe -k netsvcs
[Services detected by Partizan] :HKLM yukonwxp=system32\DRIVERS\yk51x86.sys
[Services detected by Partizan] :HKLM {30914C43-61F9-4532-B9CB-99F893E7EAEC}
[Services detected by Partizan] :HKLM {32469DC6-18E9-4E94-AE6A-EC49B2BDF37E}
[Services detected by Partizan] :HKLM {55A62DFA-6926-4820-B525-EEFFB082782C}
[Services detected by Partizan] :HKLM {5F3B1B36-1DF9-453C-8AF7-4CEC9DFB2988}
[Auto Start Apps]
[Registry Run] :HKCU EPSON Stylus C60 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
[Registry Run] :HKCU ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
[Registry Run] :HKCU swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[Registry Run] :HKLM ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[Registry Run] :HKLM LG Intelligent Update="C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
[Registry Run] :HKLM Raccourci vers la page des propriétés de High Definition Audio=HDAShCut.exe
[Registry Run] :HKLM Cmaudio=RunDll32 cmicnfg.cpl,CMICtrlWnd
[Registry Run] :HKLM SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[Registry Run] :HKLM SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[Registry Run] :HKLM AGRSMMSG=AGRSMMSG.exe
[Registry Run] :HKLM RMan=C:\Program Files\LG Software\RMan\RMan.exe
[Registry Run] :HKLM IPO3="C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
[Registry Run] :HKLM batterymiser="C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
[Registry Run] :HKLM QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
[Registry Run] :HKLM iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
[Registry Run] :HKLM RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[Registry Run] :HKLM NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
[Registry Run] :HKLM nmapp="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
[Registry Run] :HKLM SunJavaUpdateSched="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
[Registry Run] :HKLM KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
[Registry Run] :HKLM Adobe Photo Downloader="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
[Registry Run] :HKLM Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[Registry Run] :HKLM avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[Registry Run] :HKLM !AVG Anti-Spyware="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[Registry RunOnceEx] :HKLM @Regrun2
[Win.ini] load=""
[Win.ini] run=""
[Common Startup Folder] Adobe Gamma.lnk=C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[Common Startup Folder] Adobe Reader Synchronizer.lnk=C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
[In memory]
[Running Processes] C:\WINDOWS\SYSTEM32\SMSS.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\WINLOGON.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SERVICES.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\LSASS.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
[Running Processes] C:\WINDOWS\EXPLORER.EXE
[Running Processes] C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
[Running Processes] C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
[Running Processes] C:\RANIMA~1\REANIM~1.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
[Running Processes] C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE
[Running Processes] C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Running Processes] C:\PROGRAM FILES\PURE NETWORKS\NETWORK MAGIC\NMSRVC.EXE
[Running Processes] C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
[Running Processes] C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
[Loaded DLLs] C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll
[Loaded DLLs] C:\WINDOWS\system32\OLEACC.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll
[Loaded DLLs] C:\WINDOWS\system32\security.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\French\langmai.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\French\Lang.dll
[Loaded DLLs] C:\WINDOWS\system32\MFC71.DLL
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\XT1922.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ashUInt.dll
[Loaded DLLs] C:\WINDOWS\system32\SSDPAPI.dll
[Loaded DLLs] C:\WINDOWS\system32\upnp.dll
[Loaded DLLs] C:\WINDOWS\system32\wuapi.dll
[Loaded DLLs] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
[Loaded DLLs] C:\WINDOWS\system32\Normaliz.dll
[Loaded DLLs] C:\Program Files\Pure Networks\Network Magic\nmrasv.dll
[Loaded DLLs] C:\Program Files\Pure Networks\Network Magic\svcrsrc.dll
[Loaded DLLs] C:\Program Files\Pure Networks\Network Magic\nmcore.dll
[Loaded DLLs] C:\Program Files\Pure Networks\Network Magic\nmagnt.dll
[Loaded DLLs] C:\WINDOWS\system32\MSVCR70.dll
[Loaded DLLs] C:\WINDOWS\system32\MSVCP70.dll
[Loaded DLLs] C:\WINDOWS\system32\actxprxy.dll
[Loaded DLLs] c:\windows\system32\mscms.dll
[Loaded DLLs] c:\windows\system32\CFGMGR32.dll
[Loaded DLLs] c:\windows\system32\wiaservc.dll
[Loaded DLLs] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll
[Loaded DLLs] C:\WINDOWS\system32\inetpp.dll
[Loaded DLLs] C:\WINDOWS\system32\NETRAP.dll
[Loaded DLLs] C:\WINDOWS\system32\win32spl.dll
[Loaded DLLs] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
[Loaded DLLs] C:\WINDOWS\system32\usbmon.dll
[Loaded DLLs] C:\WINDOWS\system32\tcpmon.dll
[Loaded DLLs] C:\WINDOWS\system32\pjlmon.dll
[Loaded DLLs] C:\WINDOWS\system32\mdimon.dll
[Loaded DLLs] C:\WINDOWS\system32\EBPMON3.DLL
[Loaded DLLs] C:\WINDOWS\system32\cnbjmon.dll
[Loaded DLLs] C:\WINDOWS\system32\localspl.dll
[Loaded DLLs] C:\WINDOWS\system32\SPOOLSS.DLL
[Loaded DLLs] C:\WINDOWS\system32\mstask.dll
[Loaded DLLs] C:\WINDOWS\system32\ntshrui.dll
[Loaded DLLs] C:\WINDOWS\system32\LINKINFO.dll
[Loaded DLLs] C:\WINDOWS\system32\RICHED20.dll
[Loaded DLLs] C:\WINDOWS\system32\RICHED32.DLL
[Loaded DLLs] C:\WINDOWS\system32\OLEPRO32.DLL
[Loaded DLLs] C:\WINDOWS\system32\SHFOLDER.DLL
[Loaded DLLs] C:\WINDOWS\system32\urlmon.dll
[Loaded DLLs] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
[Loaded DLLs] C:\WINDOWS\system32\bmpsap.dll
[Loaded DLLs] C:\WINDOWS\system32\MLANG.dll
[Loaded DLLs] C:\WINDOWS\system32\iernonce.dll
[Loaded DLLs] C:\WINDOWS\system32\perfos.dll
[Loaded DLLs] C:\WINDOWS\system32\ICMP.DLL
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\AhResWS.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\AhResStd.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ahResP2P.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\AhResOut.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\AhResNS.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ahResMes.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\AhResMai.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\French\Base.dll
[Loaded DLLs] C:\WINDOWS\system32\dbghelp.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\Aavm4h.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswIdle.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswInteg.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ashTask.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\ashBase.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswScan.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswEngin.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswAux.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswCmnB.dll
[Loaded DLLs] C:\WINDOWS\system32\MSVCR71.dll
[Loaded DLLs] C:\WINDOWS\system32\MSVCP71.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll
[Loaded DLLs] C:\Program Files\Alwil Software\Avast4\aswCmnS.dll
[Loaded DLLs] C:\WINDOWS\system32\MSIMG32.dll
[Loaded DLLs] C:\WINDOWS\system32\themeui.dll
[Loaded DLLs] C:\WINDOWS\system32\Normaliz.dll
[Loaded DLLs] C:\WINDOWS\system32\SHDOCVW.dll
[Loaded DLLs] C:\WINDOWS\system32\BROWSEUI.dll
[Loaded DLLs] C:\WINDOWS\system32\Ati2edxx.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemprox.dll
[Loaded DLLs] C:\WINDOWS\system32\msi.dll
[Loaded DLLs] C:\WINDOWS\system32\advpack.dll
[Loaded DLLs] C:\WINDOWS\System32\winrnr.dll
[Loaded DLLs] C:\WINDOWS\System32\rastls.dll
[Loaded DLLs] C:\WINDOWS\System32\raschap.dll
[Loaded DLLs] C:\WINDOWS\System32\ntlsapi.dll
[Loaded DLLs] C:\WINDOWS\System32\rasppp.dll
[Loaded DLLs] C:\WINDOWS\System32\hidphone.tsp
[Loaded DLLs] C:\WINDOWS\system32\wups2.dll
[Loaded DLLs] C:\WINDOWS\System32\h323.tsp
[Loaded DLLs] C:\WINDOWS\System32\ipconf.tsp
[Loaded DLLs] C:\WINDOWS\System32\ndptsp.tsp
[Loaded DLLs] C:\WINDOWS\System32\kmddsp.tsp
[Loaded DLLs] C:\WINDOWS\system32\modemui.dll
[Loaded DLLs] C:\WINDOWS\System32\unimdmat.dll
[Loaded DLLs] C:\WINDOWS\System32\uniplat.dll
[Loaded DLLs] C:\WINDOWS\System32\unimdm.tsp
[Loaded DLLs] C:\WINDOWS\System32\rastapi.dll
[Loaded DLLs] c:\windows\system32\tapisrv.dll
[Loaded DLLs] C:\WINDOWS\System32\netcfgx.dll
[Loaded DLLs] C:\WINDOWS\System32\rasmans.dll
[Loaded DLLs] C:\WINDOWS\System32\rasadhlp.dll
[Loaded DLLs] C:\WINDOWS\system32\msxml3.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\ncprov.dll
[Loaded DLLs] C:\WINDOWS\system32\wups.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemess.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wmiprvsd.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\repdrvfs.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wmiutils.dll
[Loaded DLLs] C:\WINDOWS\system32\wbem\wbemsvc.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\FastProx.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\wbemcomn.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\esscli.dll
[Loaded DLLs] C:\WINDOWS\System32\Wbem\wbemcore.dll
[Loaded DLLs] c:\windows\system32\browser.dll
[Loaded DLLs] c:\windows\system32\ipnathlp.dll
[Loaded DLLs] c:\windows\system32\sens.dll
[Loaded DLLs] C:\WINDOWS\System32\RESUTILS.DLL
[Loaded DLLs] C:\WINDOWS\System32\CLUSAPI.DLL
[Loaded DLLs] C:\WINDOWS\system32\WSOCK32.dll
[Loaded DLLs] C:\WINDOWS\system32\MTXCLU.DLL
[Loaded DLLs] C:\WINDOWS\system32\colbact.DLL
[Loaded DLLs] C:\WINDOWS\system32\comsvcs.dll
[Loaded DLLs] c:\windows\pchealth\helpctr\binaries\pchsvc.dll
[Loaded DLLs] c:\windows\system32\HID.DLL
[Loaded DLLs] c:\windows\system32\hidserv.dll
[Loaded DLLs] c:\windows\system32\srvsvc.dll
[Loaded DLLs] c:\windows\system32\credui.dll
[Loaded DLLs] c:\windows\system32\netshell.dll
[Loaded DLLs] c:\windows\system32\netman.dll
[Loaded DLLs] c:\windows\system32\seclogon.dll
[Loaded DLLs] c:\windows\system32\POWRPROF.dll
[Loaded DLLs] c:\windows\system32\srsvc.dll
[Loaded DLLs] c:\windows\system32\trkwks.dll
[Loaded DLLs] C:\WINDOWS\System32\mspatcha.dll
[Loaded DLLs] C:\WINDOWS\System32\Cabinet.dll
[Loaded DLLs] C:\WINDOWS\System32\WINHTTP.dll
[Loaded DLLs] C:\WINDOWS\system32\wuaueng.dll
[Loaded DLLs] C:\WINDOWS\system32\VSSAPI.DLL
[Loaded DLLs] c:\windows\system32\wbem\wmisvc.dll
[Loaded DLLs] c:\windows\system32\wuauserv.dll
[Loaded DLLs] c:\windows\system32\ersvc.dll
[Loaded DLLs] c:\windows\system32\es.dll
[Loaded DLLs] c:\windows\system32\certcli.dll
[Loaded DLLs] c:\windows\system32\cryptsvc.dll
[Loaded DLLs] c:\windows\system32\wkssvc.dll
[Loaded DLLs] c:\windows\system32\audiosrv.dll
[Loaded DLLs] C:\WINDOWS\System32\MSIDLE.DLL
[Loaded DLLs] c:\windows\system32\schedsvc.dll
[Loaded DLLs] C:\WINDOWS\System32\WZCSAPI.DLL
[Loaded DLLs] C:\WINDOWS\System32\TAPI32.dll
[Loaded DLLs] C:\WINDOWS\System32\rasman.dll
[Loaded DLLs] C:\WINDOWS\System32\RASAPI32.dll
[Loaded DLLs] C:\WINDOWS\System32\MPRAPI.dll
[Loaded DLLs] C:\WINDOWS\system32\iertutil.dll
[Loaded DLLs] C:\WINDOWS\system32\Normaliz.dll
[Loaded DLLs] C:\WINDOWS\system32\WININET.dll
[Loaded DLLs] C:\WINDOWS\system32\CRYPTUI.dll
[Loaded DLLs] C:\WINDOWS\System32\wshirda.dll
[Loaded DLLs] c:\windows\system32\irmon.dll
[Loaded DLLs] c:\windows\system32\ESENT.dll
[Loaded DLLs] c:\windows\system32\WMI.dll
[Loaded DLLs] c:\windows\system32\rtutils.dll
[Loaded DLLs] c:\windows\system32\wzcsvc.dll
[Loaded DLLs] c:\windows\system32\dhcpcsvc.dll
[Loaded DLLs] c:\windows\system32\ATL.DLL
[Loaded DLLs] c:\windows\system32\adsldpc.dll
[Loaded DLLs] c:\windows\system32\ACTIVEDS.dll
[Loaded DLLs] c:\windows\system32\mstlsapi.dll
[Loaded DLLs] c:\windows\system32\ICAAPI.dll
[Loaded DLLs] c:\windows\system32\termsrv.dll
[Loaded DLLs] C:\WINDOWS\system32\xpsp2res.dll
[Loaded DLLs] c:\windows\system32\rpcss.dll
[Loaded DLLs] C:\WINDOWS\system32\Ati2edxx.dll
[Loaded DLLs] C:\WINDOWS\system32\dssenh.dll
[Loaded DLLs] C:\WINDOWS\system32\psbase.dll
[Loaded DLLs] C:\WINDOWS\System32\wshtcpip.dll
[Loaded DLLs] C:\WINDOWS\system32\hnetcfg.dll
[Loaded DLLs] C:\WINDOWS\system32\mswsock.dll
[Loaded DLLs] C:\WINDOWS\system32\pstorsvc.dll
[Loaded DLLs] C:\WINDOWS\system32\WINIPSEC.DLL
[Loaded DLLs] C:\WINDOWS\system32\oakley.DLL
[Loaded DLLs] C:\WINDOWS\system32\ipsecsvc.dll
[Loaded DLLs] C:\WINDOWS\system32\scecli.dll
[Loaded DLLs] C:\WINDOWS\system32\wdigest.dll
[Loaded DLLs] C:\WINDOWS\system32\schannel.dll
[Loaded DLLs] C:\WINDOWS\system32\w32time.dll
[Loaded DLLs] C:\WINDOWS\system32\netlogon.dll
[Loaded DLLs] C:\WINDOWS\system32\kerberos.dll
[Loaded DLLs] C:\WINDOWS\system32\msprivs.dll
[Loaded DLLs] C:\WINDOWS\AppPatch\AcGenral.DLL
[Loaded DLLs] C:\WINDOWS\system32\cryptdll.dll
[Loaded DLLs] C:\WINDOWS\system32\SAMSRV.dll
[Loaded DLLs] C:\WINDOWS\system32\DNSAPI.dll
[Loaded DLLs] C:\WINDOWS\system32\NTDSAPI.dll
[Loaded DLLs] C:\WINDOWS\system32\LSASRV.dll
[Loaded DLLs] C:\WINDOWS\system32\eventlog.dll
[Loaded DLLs] C:\WINDOWS\AppPatch\AcAdProc.dll
[Loaded DLLs] C:\WINDOWS\system32\ShimEng.dll
[Loaded DLLs] C:\WINDOWS\system32\MSVCP60.dll
[Loaded DLLs] C:\WINDOWS\system32\NCObjAPI.DLL
[Loaded DLLs] C:\WINDOWS\system32\umpnpmgr.dll
[Loaded DLLs] C:\WINDOWS\system32\SCESRV.dll
[Loaded DLLs] C:\WINDOWS\system32\midimap.dll
[Loaded DLLs] C:\WINDOWS\system32\MSACM32.dll
[Loaded DLLs] C:\WINDOWS\system32\msacm32.drv
[Loaded DLLs] C:\WINDOWS\system32\wdmaud.drv
[Loaded DLLs] C:\WINDOWS\system32\xpsp2res.dll
[Loaded DLLs] C:\WINDOWS\system32\cscui.dll
[Loaded DLLs] C:\WINDOWS\system32\iphlpapi.dll
[Loaded DLLs] C:\WINDOWS\system32\msv1_0.dll
[Loaded DLLs] C:\WINDOWS\system32\COMRes.dll
[Loaded DLLs] C:\WINDOWS\system32\CLBCATQ.DLL
[Loaded DLLs] C:\WINDOWS\system32\SAMLIB.dll
[Loaded DLLs] C:\WINDOWS\system32\WLDAP32.dll
[Loaded DLLs] C:\WINDOWS\system32\NTMARTA.DLL
[Loaded DLLs] C:\WINDOWS\system32\OLEAUT32.dll
[Loaded DLLs] C:\WINDOWS\system32\WgaLogon.dll
[Loaded DLLs] C:\WINDOWS\system32\MPR.dll
[Loaded DLLs] C:\WINDOWS\system32\WINSPOOL.DRV
[Loaded DLLs] C:\WINDOWS\system32\WlNotify.dll
[Loaded DLLs] C:\WINDOWS\system32\cscdll.dll
[Loaded DLLs] C:\WINDOWS\system32\rsaenh.dll
[Loaded DLLs] C:\WINDOWS\system32\Ati2evxx.dll
[Loaded DLLs] C:\WINDOWS\system32\WINMM.dll
[Loaded DLLs] C:\WINDOWS\system32\uxtheme.dll
[Loaded DLLs] C:\WINDOWS\system32\WTSAPI32.dll
[Loaded DLLs] C:\WINDOWS\system32\WINSCARD.DLL
[Loaded DLLs] C:\WINDOWS\system32\sxs.dll
[Loaded DLLs] C:\WINDOWS\system32\msctfime.ime
[Loaded DLLs] C:\WINDOWS\system32\Apphelp.dll
[Loaded DLLs] C:\WINDOWS\system32\ole32.dll
[Loaded

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 22 juin 2007 à 10:03

Ton rapport est incomplet ;-)

¤ Fais ceci :

Clic sur démarrer, panneau de configuration, connexions et réseau internet, options internet, vas dans l'onglet:
- "Sécurité" et clique sur "niveau par défaut"
- même chose avec l'onglet "Confidentialité"
- puis dans l'onglet "Avancé" clique sur "paramétres par défaut"

Appliquer, puis ok.

¤ Fais ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp

http://www.bitdefender.com/scan8/ie.html

Ajouter un commentaire - Site web

Réponse

marin 22 juin 2007 à 21:09

Merci beaucoup de me consacrer tout ce temps, je ne m'en serai jamais tiré tout seul !
Voici le rapport :

BitDefender Online Scanner

Scan report generated at: Fri, Jun 22, 2007 - 14:52:40

Scan path: C:\;D:\;E:\;

Statistics

Time
01:06:30

Files
214080

Folders
5841

Boot Sectors
4

Archives
2626

Packed Files
14332

Results

Identified Viruses
1

Infected Files
1

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
1

Engines Info

Virus Definitions
570793

Engine build
AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\VundoFix Backups\pseoqjon.dll.bad
Infected with: GenPack:Trojan.Vundo.DLZ

C:\VundoFix Backups\pseoqjon.dll.bad
Disinfection failed

C:\VundoFix Backups\pseoqjon.dll.bad
Deleted

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 23 juin 2007 à 03:33

Ou en est ton problème ?

Ajouter un commentaire - Site web

Réponse

Marin 23 juin 2007 à 05:39

Ma foi, l'ordi a l'air de refonctionner normalement, avec ton accord je vais marquer la discussion comme résolue. En tout cas, vraiment, merci beaucoup, sans ton aide j'aurai dût me taper le formatage et ce qui s'en suit...pas drôle.

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 23 juin 2007 à 05:42

Je vien de relire :

Dis moi où est ton pare-feu et as-tu encore des logiciels Symantec d'installer sur ton PC ?

Le formatage est vraiment une option de secours ;-)
http://kerio.probb.fr/...

Ajouter un commentaire - Site web

Réponse

Marin 23 juin 2007 à 06:25

Mon pare feu est celui de windows (sp2), je ne sais pas précisément ou il se situe. Je n'ai plus de logiciels symantec.
Merci pour lien kerio.

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 23 juin 2007 à 06:30

Oki, donc installe un vrai pare-feu ça te protégera des "pirates" et sécurisera les ports de ton PC

Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe Kerio pour plus de sécurité (démarrer, panneau de configuration, centre de sécurité, désactivé le pare-feu windows)

Téléchargeable et tutoriel sur cette page :
--> http://redir.fr/gbom

Plus d'info :
-> http://kerio.probb.fr/...

Puis remet un rapport hijacktis que l'on enléve les choses inutiles ;-)

Ajouter un commentaire - Site web

Réponse

Marin 23 juin 2007 à 08:44

Voici le rapport :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 02:42:17, on 2007-06-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\LG Software\RMan\RMan.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\Propriétaire\Mes documents\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/2.5.0.113/fr/download
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02559246-DCAD-4EF3-BF06-022B103795BF} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavHook Object - {07D7F044-2F5F-41B2-BAA5-936814AF0163} - C:\Program Files\Pure Networks\Network Magic\nmbrhelp.dll
O2 - BHO: (no name) - {0C5F8E13-4386-484F-97BD-09CBB27B9447} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7DC4B28A-24C9-4226-99CA-D4A663EE6312} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RMan] C:\Program Files\LG Software\RMan\RMan.exe
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
O20 - Winlogon Notify: pmnnlmm - pmnnlmm.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 23 juin 2007 à 09:15

¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/2.5.0.113/fr/download
O2 - BHO: (no name) - {02559246-DCAD-4EF3-BF06-022B103795BF} - (no file)
O2 - BHO: (no name) - {0C5F8E13-4386-484F-97BD-09CBB27B9447} - (no file)
O2 - BHO: (no name) - {7DC4B28A-24C9-4226-99CA-D4A663EE6312} - (no file)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {65683480-5699-11D4-9D2C-525400E80BD5} (GlobFXCtl Class) - http://www.globfx.com/webplayer/globfx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
O20 - Winlogon Notify: pmnnlmm - pmnnlmm.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)

¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"

Symantec Lic NetConnect service
Google Updater Service
AVG Anti-Spyware Guard

Voilà, n'hésite pas à redémarré ton PC ça devrait aller un peu mieux ;-)

Ajouter un commentaire - Site web

Réponse

Marin 23 juin 2007 à 21:00

Je n'ai pas retrouvé la ligne :
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/2.5.0.113/fr/download

A part ça tout se passe bien. Peux tu me dire quel est mon anti spyware, avg est desactivé, c'est bien ça ?

Ajouter un commentaire

Réponse

boulepate62 23346Messages postés 14 mars 2006Date d'inscription 4 avril 2012Dernière intervention 23 juin 2007 à 21:10

Oui AVG et SpywareBLaster te seront utile, le reste tu peux supprimer ce que je t'ai fais télécharger.

Oui, je t'ai fais désactivé AVG ça empêche pas qu'il continuera à fonctionner ;-)

Ajouter un commentaire - Site web

Réponse

Marin 23 juin 2007 à 21:27

Merci encore, et bonne saint jean !

Ajouter un commentaire

Répondre au sujet

Posez votre question

Dossier à la une

Passage au tout numérique : quel coût pour les particuliers ?

Passage au tout numérique : quel coût pour les particuliers ?

Combien cela coûte-t-il au total ? Quelles aides apportent l'état et les acteurs du marché pour alléger cette charge non choisie ? Tous les détails sur Commentçamarche.net.

Analyse de mon log Hijackthis [Résolu]

Analyse de mon log Hijackthis »

Passage au tout numérique : quel coût pour les particuliers ?