I'm back, I had things to do in the meantime...
Here is the VirtumundoBeGone report:
[10/31/2007, 16:50:00] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\HP_Administrateur\Bureau\VirtumundoBeGone.exe" )
[10/31/2007, 16:50:09] - Detected System Information:
[10/31/2007, 16:50:09] - Windows Version: 5.1.2600, Service Pack 2
[10/31/2007, 16:50:09] - Current Username: HP_Administrateur (Admin)
[10/31/2007, 16:50:09] - Windows is in NORMAL mode.
[10/31/2007, 16:50:09] - Searching for Browser Helper Objects:
[10/31/2007, 16:50:09] - BHO 1: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 2: {00000012-890e-4aac-afd9-eff6954a34dd} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 3: {029e02f0-a0e5-4b19-b958-7bf2db29fb13} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 4: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[10/31/2007, 16:50:09] - BHO 5: {06dfedaa-6196-11d5-bfc8-00508b4a487d} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 6: {12F02779-6D88-4958-8AD3-83C12D86ADC7} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 7: {1adbcce8-cf84-441e-9b38-afc7a19c06a4} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 8: {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 9: {51641ef3-8a7a-4d84-8659-b0911e947cc8} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 10: {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 11: {54645654-2225-4455-44A1-9F4543D34546} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 12: {669695bc-a811-4a9d-8cdf-ba8c795f261e} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:09] - No filename found. Continuing.
[10/31/2007, 16:50:09] - BHO 13: {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} ()
[10/31/2007, 16:50:09] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 14: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
[10/31/2007, 16:50:10] - BHO 15: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/31/2007, 16:50:10] - BHO 16: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[10/31/2007, 16:50:10] - BHO 17: {944864a5-3916-46e2-96a9-a2e84f3f1208} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 18: {a4a435cf-3583-11d4-91bd-0048546a1450} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 19: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[10/31/2007, 16:50:10] - BHO 20: {AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper)
[10/31/2007, 16:50:10] - BHO 21: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[10/31/2007, 16:50:10] - BHO 22: {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 23: {bb936323-19fa-4521-ba29-eca6a121bc78} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 24: {c2680e10-1655-4a0e-87f8-4259325a84b7} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 25: {c4ca6559-2cf1-48b6-96b2-8340a06fd129} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 26: {c5af2622-8c75-4dfb-9693-23ab7686a456} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 27: {ca1d1b05-9c66-11d5-a009-000103c1e50b} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 28: {d8efadf1-9009-11d6-8c73-608c5dc19089} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 29: {e9147a0a-a866-4214-b47c-da821891240f} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - BHO 30: {e9306072-417e-43e3-81d5-369490beef7c} ()
[10/31/2007, 16:50:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/31/2007, 16:50:10] - No filename found. Continuing.
[10/31/2007, 16:50:10] - Finished Searching Browser Helper Objects
[10/31/2007, 16:50:10] - Finishing up...
[10/31/2007, 16:50:10] - Nothing found! Exiting...
Here is the ComboFix one:
ComboFix 07-10-29.1 - HP_Administrateur 2007-10-31 17:10:12.1 - NTFSx86 MINIMAL
Running from: C:\Documents and Settings\HP_Administrateur\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin1.zip
C:\Program Files\3721
C:\Program Files\3721\assist\asbar.dll
C:\Program Files\3721\helper.dll
C:\Program Files\Accoona
C:\Program Files\Accoona\ASearchAssist.dll
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\aconti.exe
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\daxtime.dll
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\drivers\4_stars.gif
C:\WINDOWS\system32\drivers\5_stars.gif
C:\WINDOWS\system32\drivers\alert_icon.gif
C:\WINDOWS\system32\drivers\arrow.gif
C:\WINDOWS\system32\drivers\buy_btn.gif
C:\WINDOWS\system32\drivers\close_icon.gif
C:\WINDOWS\system32\drivers\detect.htm
C:\WINDOWS\system32\drivers\download_btn.gif
C:\WINDOWS\system32\drivers\features.gif
C:\WINDOWS\system32\drivers\header_bg.gif
C:\WINDOWS\system32\drivers\icon_warning.gif
C:\WINDOWS\system32\drivers\logo_bg.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_box_small.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_header.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_header_small.gif
C:\WINDOWS\system32\drivers\protect.gif
C:\WINDOWS\system32\drivers\pt.htm
C:\WINDOWS\system32\drivers\s_detect.htm
C:\WINDOWS\system32\drivers\secuity_center_logo.gif
C:\WINDOWS\system32\drivers\spy_away_box.jpg
C:\WINDOWS\system32\drivers\spy_away_box_small.jpg
C:\WINDOWS\system32\drivers\spy_away_header.gif
C:\WINDOWS\system32\drivers\spy_away_header_small.gif
C:\WINDOWS\system32\drivers\users_rating.gif
C:\WINDOWS\system32\drivers\v.gif
C:\WINDOWS\system32\drivers\x.gif
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\gtv_sd.bin
C:\WINDOWS\system32\ldpackage.dll
C:\WINDOWS\system32\model.dat
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\npf
((((((((((((((((((((((((((((( Fichiers créés 2007-09-28 to 2007-10-31 ))))))))))))))))))))))))))))))))))))
.
2007-10-31 17:08 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-31 14:18 <REP> d-------- C:\HiJackThis
2007-10-31 14:18 318,369 --a------ C:\HiJackThis.zip
2007-10-31 13:40 <REP> d-------- C:\WINDOWS\system32\acespy
2007-10-29 16:59 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-10-29 16:58 <REP> d-------- C:\Program Files\Spyware Terminator
2007-10-29 16:58 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Spyware Terminator
2007-10-29 16:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2007-10-28 23:06 23,552 --a------ C:\WINDOWS\system32\ace16win.dll
2007-10-28 18:30 <REP> d-------- C:\WINDOWS\ERUNT
2007-10-28 16:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-10-28 16:18 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-10-28 16:16 <REP> d-------- C:\WINDOWS\Internet Logs
2007-10-28 15:08 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-28 14:38 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-10-28 13:16 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-10-28 02:30 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Grisoft
2007-10-28 02:26 5,388 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-28 02:24 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-28 02:24 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-28 02:24 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-28 02:24 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-28 02:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-28 02:12 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-28 00:57 284,150 --a------ C:\WINDOWS\system32\avtmd.exe
2007-10-28 00:57 131,592 --a------ C:\WINDOWS\system32\qiawpbjj.exe
2007-10-28 00:57 32,256 --a------ C:\WINDOWS\system32\tmrsr.exe
2007-10-28 00:57 4 --a------ C:\WINDOWS\system32\prrbpgbr.sys
2007-10-28 00:57 2 --a------ C:\WINDOWS\system32\faxwin32.bin
2007-10-27 17:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-10-21 14:36 <REP> d-------- C:\Program Files\Fichiers communs\NSV
2007-10-19 12:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2007-10-19 12:49 <REP> d-------- C:\Program Files\Winamp Remote
2007-10-09 18:56 <REP> d-------- C:\Program Files\TablEdit
2007-10-09 13:18 <REP> d-------- C:\Program Files\Musetools
2007-10-07 00:19 <REP> d-------- C:\Program Files\Fichiers communs\Kodak
2007-10-07 00:19 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-10-07 00:19 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-10-07 00:15 <REP> d-------- C:\Program Files\Kodak
2007-10-07 00:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kodak
2007-09-28 17:08 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 17:07 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 17:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-09-28 17:07 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-09-28 17:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-09-28 14:31 <REP> d-------- C:\Program Files\Fichiers communs\SmartCom
2007-09-28 14:31 35,328 --a------ C:\WINDOWS\system32\drivers\wpxt.sys
2007-09-28 14:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartCom
2007-09-28 14:13 241,664 --a------ C:\WINDOWS\system32\SerialPortLib.dll
2007-09-28 14:13 65,536 --a------ C:\WINDOWS\system32\DragnDropCopyHook.dll
2007-09-28 14:07 <REP> d-------- C:\Program Files\SmartCom
2007-09-17 17:26 <REP> d-------- C:\Program Files\Guitar Pro 5
2007-09-08 17:55 <REP> d-------- C:\Program Files\Visicom Media
2007-09-03 14:42 <REP> d-------- C:\Program Files\inKline Global
2007-09-03 14:24 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\ALLCapture
2007-09-03 14:23 <REP> d-------- C:\Program Files\ALLCapture 2.0
2007-09-03 12:54 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\POP Peeper
2007-09-03 12:53 <REP> d-------- C:\Program Files\POP Peeper
2007-09-02 19:37 <REP> d-------- C:\Program Files\Capturino 1.4
2007-09-02 19:21 58 --a------ C:\WINDOWS\system32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2007-09-02 19:20 <REP> d-------- C:\Program Files\ScreenshotCaptor
2007-09-01 19:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-09-01 19:28 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-09-01 13:53 <REP> d-------- C:\Program Files\Windows Defender
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-31 13:45 --------- d-----w C:\Program Files\eMule
2007-10-28 23:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-27 23:49 --------- d-----w C:\Program Files\DivX
2007-10-27 17:17 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\utorrent
2007-10-27 12:23 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-10-19 11:50 --------- d-----w C:\Program Files\Winamp
2007-10-19 07:52 --------- d-----w C:\Program Files\Java
2007-10-10 01:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-09 12:17 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-10-06 23:26 --------- d-----w C:\Program Files\QuickTime
2007-10-06 23:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-08 20:19 --------- d-----w C:\Program Files\Blender Foundation
2007-09-06 16:50 --------- d-----w C:\Program Files\Google
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-09-03 13:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-02 13:52 --------- d-----w C:\Program Files\PC-Doctor 5 for Windows
2007-09-02 13:52 --------- d-----w C:\Program Files\Microsoft Works
2007-09-02 13:52 --------- d-----w C:\Program Files\MagicISO
2007-09-02 13:52 --------- d-----w C:\Program Files\GemMasterFrench
2007-09-02 13:52 --------- d-----w C:\Program Files\FrenchOtto
2007-09-01 18:28 --------- d-----w C:\Program Files\Windows Live
2007-09-01 18:28 --------- d-----w C:\Program Files\MSN Messenger
2007-08-30 21:45 --------- d-----w C:\Program Files\SAMSUNG
2007-08-30 16:51 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\HP
2007-08-30 16:48 --------- d-----w C:\Program Files\AIDA32 - Personal System Information
2007-08-30 12:27 --------- d-----w C:\Program Files\Lavalys
2007-08-30 12:07 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\OpenOffice.org2
2007-08-29 22:56 --------- d-----w C:\Program Files\Fichiers communs\Control Panels
2007-08-29 22:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\ALM
2007-08-29 22:27 --------- d-----w C:\Program Files\Bonjour
2007-08-29 22:21 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2007-08-29 17:28 --------- d-----w C:\Program Files\MSBuild
2007-08-28 10:21 --------- d-----w C:\Program Files\PowerISO
2007-08-28 01:38 --------- d-----w C:\Program Files\OOoHG
2007-08-28 01:38 --------- d-----w C:\Program Files\AddOnsOO2
2007-08-28 01:36 --------- d-----w C:\Program Files\OpenOffice.org 2.0
2007-07-08 13:49 14 ----a-w C:\Documents and Settings\HP_Administrateur\getfile.dat
2007-07-10 20:49:42 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000012-890e-4aac-afd9-eff6954a34dd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{029e02f0-a0e5-4b19-b958-7bf2db29fb13}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06dfedaa-6196-11d5-bfc8-00508b4a487d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51641ef3-8a7a-4d84-8659-b0911e947cc8}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54645654-2225-4455-44A1-9F4543D34546}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6abc861a-31e7-4d91-b43b-d3c98f22a5c0}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864a5-3916-46e2-96a9-a2e84f3f1208}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a4a435cf-3583-11d4-91bd-0048546a1450}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2680e10-1655-4a0e-87f8-4259325a84b7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c4ca6559-2cf1-48b6-96b2-8340a06fd129}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af2622-8c75-4dfb-9693-23ab7686a456}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d8efadf1-9009-11d6-8c73-608c5dc19089}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9147a0a-a866-4214-b47c-da821891240f}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9306072-417e-43e3-81d5-369490beef7c}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 20:34]
"ftutil2"="ftutil2.dll" [2004-06-07 13:05 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-12 01:23 C:\WINDOWS\RTHDCPL.EXE]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 22:51]
"nwiz"="nwiz.exe" [2005-12-14 22:51 C:\WINDOWS\system32\nwiz.exe]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 07:35]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 09:01]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 22:14]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 01:29]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"LifeChat"="C:\Program Files\Microsoft LifeChat\LifeChat.exe" [2007-01-26 13:31]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-06-28 22:01]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 13:23]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 21:46]
"Adobe_ID0EYTHM"="C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 15:40]
"Name of App"="C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe" [2006-03-10 08:07]
"HerculesCamService"="C:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe" [2006-10-04 17:44]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-10-29 16:59]
"ISUSPM Startup"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2005-08-11 15:30]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 12:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-08 16:59]
"POP Peeper"="C:\Program Files\POP Peeper\POPPeeper.exe" [2006-11-16 05:02]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55]
"WindowsLivePhone"="C:\PROGRA~1\MSNMES~1\DEVICE~1\msgrdvmn.exe" [2006-12-04 09:33]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 06:23:26]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Mon Assistant Internet.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Mon Assistant Internet.lnk
backup=C:\WINDOWS\pss\Mon Assistant Internet.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk]
path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk
backup=C:\WINDOWS\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeVersionCue]
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.5]
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HerculesCamService]
C:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsLivePhone]
"C:\PROGRA~1\MSNMES~1\DEVICE~1\msgrdvmn.exe" /AutoRun
R0 WPXT;WinPcap Packet Driver (WPXT);C:\WINDOWS\system32\drivers\WPXT.sys
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 APL531;Hercules Blog Webcam;C:\WINDOWS\system32\Drivers\BLvid.sys
S3 camfilt;camfilt;C:\WINDOWS\system32\Drivers\camfilt.sys
S3 hitmanpro2;Hitman Pro 2 Driver;\??\C:\Program Files\Hitman Pro\hitmanpro2.sys
S3 UsbSagCom;Mobile Device Full USB Driver;C:\WINDOWS\system32\DRIVERS\UsbSagCom.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-07-22 10:45:16 C:\WINDOWS\Tasks\LifeChatTask.job"
"2007-10-31 16:30:23 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************
catchme 0.3.1239 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-31 17:28:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
And the new HijackThis report... the 02 - BHO - no name .... entries still keep coming back, that's normal, right??
C:\HiJackThis\HijackThis.exe
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\MSNMES~1\DEVICE~1\msgrdvmn.exe" /AutoRun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe