Création
d'entreprise
Posez votre question Signaler

Je suis désepérée personne pour m'aider.... [Résolu]

cclrem 35Messages postés 1 avril 2008Date d'inscription - Dernière réponse le 9 avril 2008 à 19:40
Bonjour,
Pourriez vous m'aider j'ai chpé qlq chose j'arrive pas à m'en débarrasser
Merci
d'avance
Lire la suite 

Je suis désepérée personne pour m'aider »

66 réponses
Réponse
+5
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 3 avril 2008 à 00:31
Hello.

Tu penses à un rhume ou à la grippe ?
Je te recommande Afébryl et 2 cures d' Oscillo-Coccinum


Al.

Ajouter un commentaire
cclrem- 3 avril 2008 à 07:13
Bonjour,
je suis débutante mais qd même
je vois que je peux compter sur toi merci
Ajouter un commentaire
Réponse
+1
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 3 avril 2008 à 10:12
Bonjour,

Cit: « ...j'ai chpé qlq chose... »
Pourrions-nous savoir, à tout le moins, ce que ce PC t'affiche comme "message d'erreur" ?
Peux-tu nous en dire le minimum minimorum ? Ce serait un bon début.


Ensuite, peux-tu exécuter ceci :

A)- Merci de bien lire et suivre attentivement ce qui est écrit car tu dois appuyer sur une touche lors du scan..
Si tu ne le fais pas le rapport ne sera pas entier et tu devras recommencer donc :
- - -
Télécharge DiagHelp.zip < http://www.malekal.com/download/DiagHelp.zip > sur ton bureau
- - Ne double-clic pas dessus !!
==> Fais un clic-droit sur le fichier et extraire tout .
- - Un nouveau dossier va être créé DiagHelp
- - Ouvre-le et double-clic sur go.cmd (le .cmd peut ne pas apparaître) < http://img149.imageshack.us/img149/4927/screenshot173gl8.gif >
-Une fenêtre va s'ouvrir, choisis l'option 1
- - L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
- - Notes:

Lors du scan, une fenêtre "Sysinternals Software Licence Terms" va s'ouvrir > clique sur "Agree"
Tu vas certainement recevoir une alerte du pare-feu te demandant si tu acceptes que le processus "sigcheck.exe" puisse se connecter à Internet > "Accepte".

Pendant l'analyse, à la fin du rapport "catchme", il te sera demandé d'appuyer sur une touche afin de poursuivre le scan, suis bien les instructions à l'écran! N'oublie pas !

A la fin du scan tu seras dirigé vers la page de l'auteur afin d'expédier le fichier C:\upload_moi_xxxxx.zip ==> Envoie le fichier (c'est chez le concepteur) s’il te plaît.
Si tu reçois un message d'erreur ferme simplement la page internet et clique sur la touche [Enter]

- - - A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur...
Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-notes.
Ce dernier se trouve sur C:\resultat.txt
- Copie/colle le contenu du bloc-notes qui s'ouvre, pour cela :
« Dans le bloc-notes, cliquez sur le menu Edition / Sélectionner tout
- -- A nouveau menu Edition / copier »
… dans un nouveau message ici, faire un clic droit / coller.

- Tutoriel ici : < http://www.malekal.com/DiagHelp/DiagHelp.php >



B)- Supprime ta version actuelle de HijackThis via "Panneau de configuration" > "Ajout/Suppr. de programmes".
a)- Télécharge la version finale de Hijackthis (Trend Secure) ==> HijackThis™ 2.0 .2 < [ http://www.trendsecure.com/... ] > avec un installeur.
- Sur la page, choisis « Download HijackThis Installer » http://img265.imageshack.us/img265/4575/screenshot127sd3.png
et enregistre-le sur le bureau.
Tu dois voir une nouvelle icône « HJTInstall.exe » sur le bureau.
b)- Installation :
•- Se déconnecter du Net, soit en coupant la connexion de son modem (débranche-le),
- Ça peut être un routeur et tu es relié par un câble, tu débranches le cable.
- Ça peut être un mécanisme wifi. Tu l'arrêtes ou tu le débranches si c'est un dongle).
•- Clic-droit sur l’ icône « HJTInstall.exe » présente sur ton bureau et clic sur "Ouvrir" dans le menu contextuel.
- Ensuite, clic sur « Exécuter », puis sur « Install ».
- Accepte la licence en cliquant sur le bouton "I Accept"
- Le programme s’installe de lui-même dans un dossier dédié.
- Par défaut, il s'installera en C:\Program Files\Trend Micro\HijackThis
- Et un raccourci pour lancer l’analyse apparaît sur le bureau.
•- Reconnecte ton modem.
•- Arrête puis Redémarre ton PC impérativement.
c)- Puis, clic-droit sur le raccourci HJT créé sur le bureau (puis exécuter en tant qu'administrateur) , et clic sur "Do a system scan and save a logfile" pour lancer l'analyse.
e)- Tutoriel : < [ http://cybersecurite.xooit.com/t138-HijackThis-2-0-2.htm ] >
Tuto: http://bibou0007.forumpro.fr/tutos-f45/tutorial-de-hijackthis-v202-t108.htm
Poste le rapport SVP



Merci
NB Un tutoriel est un mode d'emploi à lire pour s'aider.
Al.

Ajouter un commentaire
cclrem- 3 avril 2008 à 19:07
Bonjour et désolée pour la première approche...
J'ai deux types d'alerte qui s'affiche
une sous le nom de abobate
et une sous le nom de trojan
elle s'affiche à tour de rôle...

j'ai essayé ta manip mais le hic c'est que le scan de démarre pas...
j'ai une erreur "52" puis " 75" qui s'affiche qd j'appuie sur une touche pour démarrer le scan

merci
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 3 avril 2008 à 19:49
Bon,

Sais-tu faire cette étape ?

« Télécharge DiagHelp.zip < http://www.malekal.com/download/DiagHelp.zip > sur ton bureau
- - Ne double-clic pas dessus !!
==> Fais un "clic-droit" sur le fichier et "extraire tout" .
- - Un nouveau dossier va être créé DiagHelp
- - Ouvre-le et double-clic sur go.cmd (le .cmd peut ne pas apparaître) < http://img149.imageshack.us/img149/4927/screenshot173gl8.gif > »


Merci
Al.

Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 3 avril 2008 à 22:57
Allo ?
Si tu y tiens vraiment, on pourra poursuivre.
Mais aujourd'hui, c'est fermé.
Al.

Ajouter un commentaire
cclrem- 3 avril 2008 à 23:27
desolée pas là ce soir, un peu de sport qd même..
pas de pb pour le telechargment du fichier sur le bureau, ni pour l'extraction, c'est ap ..
j'arrive bien à faire l'étape où il faut mettre 1..
il y alors une page d'explication et je dois appuyer sur un touche pour lancer le scan et c'est là qu'il une erreur " 52 "puis une erreur 75
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 4 avril 2008 à 01:06
Bien

A)- Essaie comme ceci, SVP:

1°- Désactive le UAC « contrôle des comptes utilisateurs » (tu le réactiveras après ta désinfection):
Explications, là: < http://www.zebulon.fr/astuces/220-desactiver-l-uac-dans-vista.html >
ou là; < http://www.generation-nt.com/... >
(Vas dans "démarrer" puis "panneau de configuration".
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide).
(toujours redémarrer le PC pour que ce soit effectif)

2°- Télécharge DiagHelp.zip < http://www.malekal.com/download/DiagHelp.zip > sur ton bureau
- - Ne double-clic pas dessus !!
==> Fais un "clic-droit" sur le fichier et "extraire tout" .
- - Un nouveau dossier va être créé DiagHelp
- - Ouvre-le et clic-droit sur go.cmd (le .cmd peut ne pas apparaître) < http://img149.imageshack.us/img149/4927/screenshot173gl8.gif >, puis choisir "Exécuter en temps qu'administrateur".

Et poursuivre comme indiqué à l'origine.



B)- Si ça ne va toujours pas (à cause de ce foutu VISTA), passe à l'analyse avec HIJACKTHIS.


C)- Télécharge System Repair Engineer - SREng (par Smallfrogs) sur ton Bureau :
http://www.kztechs.com/eng/download.html (tu devrais avoir une version mise à jour 2008)
Ici pour le choix du téléchargement: http://hiboox.com/lang-fr/resultat.php?img=88v5j1rt.png&error=0
Extrais tout son contenu sur ton Bureau
(clic-droit sur le fichier .zip >> "Extraire tout...")
Du dossier sreng2 qui se trouve maintenant sur ton Bureau, (l'ouvrir) clic-droit sur SREngPS.exe , choisir éventuellement "Exécuter en tant qu'administrateur" afin de lancer l'outil
Clique sur "Smart Scan"
Ensuite, clique sur le bouton [Scan]. L'analyse durera quelques instants.

Lorsque complété, clique sur le bouton [Save Reports]
Sauvegarde le rapport sur ton Bureau ("Fichier" > "Enregistrer sous.." > choisir "Bureau".
Copie/colle le contenu du fichier SREnglLOG.log dans ta prochaine réponse, s'il te plait
Très bon outil, bien détaillé et qui plus est fonctionne sous Vista.


Bonne chance
Al.

Ajouter un commentaire
Ajouter un commentaire
Réponse
+1
moins plus
cclrem 4 avril 2008 à 20:22
Bonjour, comme convenu

Premier rapport
DiagHelp version v1.4 - http://www.malekal.com
excute le 04/04/2008 à 20:04:01,51


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\Windows\prefetch\CHCP.COM-61043047.pf -->04/04/2008 20:04:00
C:\Windows\prefetch\WMIADAP.EXE-F8DFDFA2.pf -->04/04/2008 20:03:56
C:\Windows\prefetch\SEARCHFILTERHOST.EXE-77482212.pf -->04/04/2008 20:03:35
C:\Windows\prefetch\WUAUCLT.EXE-70318591.pf -->04/04/2008 20:03:27
C:\Windows\prefetch\WMIPRVSE.EXE-1628051C.pf -->04/04/2008 20:02:55
C:\Windows\prefetch\LOGITECHUPDATE.EXE-4BEA6D6A.pf -->04/04/2008 20:02:42
C:\Windows\prefetch\LVPRCSRV.EXE-FC72999F.pf -->04/04/2008 20:02:36
C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf -->04/04/2008 20:02:36
C:\Windows\prefetch\VERCLSID.EXE-7C52E31C.pf -->04/04/2008 20:02:25
C:\Windows\prefetch\WLLOGINPROXY.EXE-9E0DCEF8.pf -->04/04/2008 20:01:43

C:\Windows\System32\drivers\mrxdav.sys -->14/02/2008 04:03:08
C:\Windows\System32\drivers\WdfLdr.sys -->14/02/2008 04:01:44
C:\Windows\System32\drivers\Wdf01000.sys -->14/02/2008 04:01:44
C:\Windows\System32\drivers\sermouse.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\mouclass.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\kbdclass.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\i8042prt.sys -->14/02/2008 04:01:43

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->04/04/2008 19:59:36
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->04/04/2008 19:59:36
C:\Windows\System32\perfh00C.dat -->04/04/2008 19:54:56
C:\Windows\System32\PerfStringBackup.INI -->04/04/2008 19:54:55
C:\Windows\System32\perfh009.dat -->04/04/2008 19:54:55
C:\Windows\System32\perfc00C.dat -->04/04/2008 19:54:55
C:\Windows\System32\perfc009.dat -->04/04/2008 19:54:55
C:\Windows\System32\jupdate-1.6.0_05-b13.log -->29/03/2008 11:50:22
C:\Windows\System32\mrt.exe -->05/03/2008 18:30:54
C:\Windows\System32\javaws.exe -->22/02/2008 03:33:32
C:\Windows\System32\javaw.exe -->22/02/2008 02:23:39
C:\Windows\System32\java.exe -->22/02/2008 02:23:35
C:\Windows\System32\WebClnt.dll -->14/02/2008 04:03:08
C:\Windows\System32\wpd_ci.dll -->14/02/2008 04:01:47
C:\Windows\System32\clfs.sys -->14/02/2008 04:01:47
C:\Windows\System32\umpnpmgr.dll -->14/02/2008 04:01:46
C:\Windows\System32\drvinst.exe -->14/02/2008 04:01:46
C:\Windows\System32\cfgmgr32.dll -->14/02/2008 04:01:46
C:\Windows\System32\setupapi.dll -->14/02/2008 04:01:45
C:\Windows\System32\oleaut32.dll -->14/02/2008 04:01:45
C:\Windows\System32\kbd106n.dll -->14/02/2008 04:01:45
C:\Windows\System32\dpx.dll -->14/02/2008 04:01:45
C:\Windows\System32\f3ahvoas.dll -->14/02/2008 04:01:44
C:\Windows\System32\dispci.dll -->14/02/2008 04:01:44
C:\Windows\System32\batt.dll -->14/02/2008 04:01:44

C:\Windows\WindowsUpdate.log -->04/04/2008 20:03:52
C:\Windows\QTFont.qfn -->04/04/2008 20:00:24
C:\Windows\QTFont.for -->04/04/2008 20:00:24
C:\Windows\bootstat.dat -->04/04/2008 19:59:26
C:\Windows\.protected -->31/03/2008 21:38:53
C:\Windows\PFRO.log -->31/03/2008 20:27:58
C:\Windows\setupact.log -->23/03/2008 10:31:40
C:\Windows\DirectX.log -->27/02/2008 23:01:36
C:\Windows\WLXPGSS.SCR -->01/02/2008 12:17:40
C:\Windows\win.ini -->26/01/2008 13:18:24
C:\Windows\ODBC.INI -->11/01/2008 19:32:03
C:\Windows\EPSTPLOG.TXT -->26/11/2007 14:18:06
C:\Windows\EPSMTL32.TXT -->26/11/2007 14:17:05
C:\Windows\vbaddin.ini -->25/11/2007 15:14:19
C:\Windows\msxml4-KB941833-enu.LOG -->17/11/2007 22:13:23

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 912
Command line: C:\Windows\Explorer.EXE

Base Size Version Path
0x00ea0000 0x2cd000 6.00.6000.16549 C:\Windows\Explorer.EXE
0x76ff0000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x759c0000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76360000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76070000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x75d40000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75c50000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x75fc0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x75aa0000 0x55000 6.00.6000.16386 C:\Windows\system32\SHLWAPI.dll
0x764a0000 0xace000 6.00.6000.16513 C:\Windows\system32\SHELL32.dll
0x75b00000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x762d0000 0x8c000 6.00.6000.16609 C:\Windows\system32\OLEAUT32.dll
0x725e0000 0x107000 6.00.6000.16386 C:\Windows\system32\SHDOCVW.dll
0x74950000 0x3f000 6.00.6000.16386 C:\Windows\system32\UxTheme.dll
0x74c00000 0x1a000 6.00.6000.16386 C:\Windows\system32\POWRPROF.dll
0x73390000 0xc000 6.00.6000.16386 C:\Windows\system32\dwmapi.dll
0x74100000 0x1aa000 5.02.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll
0x75260000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x73e70000 0xb7000 6.00.6000.16386 C:\Windows\system32\PROPSYS.dll
0x72490000 0x145000 6.00.6000.16386 C:\Windows\system32\BROWSEUI.dll
0x77110000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.dll
0x77160000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x74920000 0x30000 6.00.6000.16386 C:\Windows\system32\DUser.dll
0x77150000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76420000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x74650000 0x194000 6.10.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
0x73ae0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x72ef0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x75740000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x75930000 0x84000 2001.12.6930.16386 C:\Windows\system32\CLBCatQ.DLL
0x74cd0000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x71ec0000 0x5cd000 7.00.6000.16609 C:\Windows\system32\ieframe.dll
0x758a0000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75cf0000 0x45000 7.00.6000.16386 C:\Windows\system32\iertutil.dll
0x756e0000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x71e00000 0x53000 6.00.6000.16386 C:\Windows\system32\actxprxy.dll
0x72f00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x71d40000 0xb2000 6.00.6000.16549 C:\Windows\system32\timedate.cpl
0x73df0000 0x14000 3.05.2284.0000 C:\Windows\system32\ATL.DLL
0x75400000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x740c0000 0x38000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll
0x75760000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x71e90000 0x2b000 6.00.6000.16386 C:\Windows\system32\msutb.dll
0x74d90000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x74080000 0x16000 6.00.6000.16386 C:\Windows\System32\shacct.dll
0x75690000 0x11000 6.00.6000.16386 C:\Windows\System32\SAMLIB.dll
0x71cc0000 0x3c000 6.00.6000.16404 C:\Windows\System32\msshsq.dll
0x71b20000 0xc5000 6.00.6000.16386 C:\Windows\System32\NaturalLanguage6.dll
0x752a0000 0xf1000 6.00.6000.16425 C:\Windows\System32\CRYPT32.dll
0x753e0000 0x12000 6.00.6000.16386 C:\Windows\System32\MSASN1.dll
0x71600000 0x28c000 6.00.6000.16386 C:\Windows\System32\NLSData000c.dll
0x70a00000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x74460000 0x1e7000 6.00.6000.16513 C:\Windows\system32\authui.dll
0x74bf0000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75e90000 0x127000 7.00.6000.16609 C:\Windows\system32\urlmon.dll
0x72ec0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x74fb0000 0x8000 6.00.6000.16386 C:\Windows\system32\VERSION.dll
0x718c0000 0x204000 4.00.6000.16386 C:\Windows\system32\msi.dll
0x74c20000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x758e0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x758b0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x77140000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x742e0000 0x33000 6.00.6000.16386 C:\Windows\system32\WINMM.dll
0x71390000 0x4a000 6.00.6000.16386 C:\Windows\system32\ntshrui.dll
0x72b20000 0xa000 6.00.6000.16386 C:\Windows\system32\cscapi.dll
0x73980000 0x30000 6.00.6000.16386 C:\Windows\system32\wdmaud.drv
0x73970000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x73e60000 0x7000 6.00.6000.16386 C:\Windows\system32\AVRT.dll
0x742b0000 0x27000 6.00.6000.16386 C:\Windows\system32\MMDevAPI.DLL
0x76140000 0x189000 6.00.6000.16609 C:\Windows\system32\SETUPAPI.dll
0x74a50000 0x2d000 6.00.6000.16386 C:\Windows\system32\WINTRUST.dll
0x75e60000 0x29000 6.00.6000.16470 C:\Windows\system32\imagehlp.dll
0x71bf0000 0x9000 6.00.6000.16386 C:\Windows\system32\ExplorerFrame.dll
0x75d90000 0xcf000 7.00.6000.16609 C:\Windows\system32\WININET.dll
0x77130000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73910000 0x21000 6.00.6000.16386 C:\Windows\System32\audioses.dll
0x733b0000 0x66000 6.00.6000.16386 C:\Windows\System32\audioeng.dll
0x748f0000 0x9000 6.00.6000.16386 C:\Windows\system32\msacm32.drv
0x74810000 0x15000 6.00.6000.16386 C:\Windows\system32\MSACM32.dll
0x74800000 0x7000 6.00.6000.16386 C:\Windows\system32\midimap.dll
0x6e990000 0x92000 6.00.6000.16386 C:\Windows\system32\stobject.dll
0x6e8d0000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x74a30000 0x9000 6.00.6000.16553 C:\Windows\system32\WTSAPI32.dll
0x74ca0000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x73ba0000 0x45000 2001.12.6930.16386 C:\Windows\system32\es.dll
0x6eb80000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x02310000 0x17000 10.00.0000.1438 C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
0x6e7c0000 0x21000 6.00.6000.16386 C:\Windows\ehome\ehSSO.dll
0x73de0000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x74b30000 0x63000 6.00.6000.16501 C:\Windows\system32\FirewallAPI.dll
0x6deb0000 0x30b000 6.00.6000.16386 C:\Windows\System32\netshell.dll
0x75200000 0x19000 6.00.6000.16386 C:\Windows\System32\IPHLPAPI.DLL
0x751c0000 0x35000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc.DLL
0x756b0000 0x2b000 6.00.6000.16386 C:\Windows\System32\DNSAPI.dll
0x751b0000 0x7000 6.00.6000.16386 C:\Windows\System32\WINNSI.DLL
0x75190000 0x20000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc6.DLL
0x73e50000 0xf000 6.00.6000.16386 C:\Windows\System32\nlaapi.dll
0x6e260000 0x1bf000 6.00.6000.16386 C:\Windows\system32\pnidui.dll
0x6e510000 0x17000 6.00.6000.16386 C:\Windows\system32\QUtil.dll
0x75220000 0x3e000 6.00.6000.16386 C:\Windows\system32\wevtapi.dll
0x6ea40000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x70870000 0x27000 6.00.6000.16386 C:\Windows\system32\FunDisc.dll
0x6e820000 0x9000 6.00.6000.16386 C:\Windows\system32\fdproxy.dll
0x70430000 0x126000 8.90.1101.0000 C:\Windows\System32\msxml3.dll
0x6f870000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6e490000 0xe000 6.00.6000.16551 C:\Windows\system32\Wlanapi.dll
0x6d290000 0x2d000 6.00.6000.16386 C:\Windows\system32\OneX.DLL
0x6d400000 0xd000 6.00.6000.16386 C:\Windows\system32\eappprxy.dll
0x6d260000 0x28000 6.00.6000.16386 C:\Windows\system32\eappcfg.dll
0x75070000 0x44000 6.00.6000.16386 C:\Windows\system32\bcrypt.dll
0x6c210000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6c020000 0x23000 6.00.6000.16386 C:\Windows\system32\wpdshserviceobj.dll
0x72dc0000 0x5f000 6.00.6000.16386 C:\Windows\system32\WINHTTP.dll
0x6bfa0000 0x40000 6.00.6000.16386 C:\Windows\System32\srchadmin.dll
0x6bf60000 0x3c000 7.00.6000.16386 C:\Windows\system32\webcheck.dll
0x713e0000 0x21c000 6.00.6000.16386 C:\Windows\System32\SyncCenter.dll
0x6bfe0000 0x39000 6.00.6000.16386 C:\Windows\system32\wscntfy.dll
0x6c220000 0xb000 6.00.6000.16386 C:\Windows\system32\WSCAPI.dll
0x74f40000 0x3b000 6.00.6000.16386 C:\Windows\system32\mswsock.dll
0x74be0000 0x6000 6.00.6000.16386 C:\Windows\System32\wshtcpip.dll
0x74fa0000 0x6000 6.00.6000.16386 C:\Windows\System32\wship6.dll
0x6c1f0000 0xb000 6.00.6000.16386 C:\Windows\system32\mssprxy.dll
0x6e7f0000 0x2b000 6.00.6000.16386 C:\Windows\system32\PortableDeviceTypes.dll
0x71340000 0x46000 6.00.6000.16386 C:\Windows\system32\PortableDeviceApi.dll
0x732f0000 0x8000 6.00.6000.16386 C:\Windows\System32\winrnr.dll
0x732e0000 0xf000 6.00.6000.16386 C:\Windows\system32\napinsp.dll
0x75620000 0x5f000 6.00.6000.16386 C:\Windows\system32\SXS.DLL
0x732a0000 0x12000 6.00.6000.16386 C:\Windows\system32\pnrpnsp.dll
0x16080000 0x25000 1.00.0004.0012 C:\Program Files\Bonjour\mdnsNSP.dll
0x6bea0000 0x51000 6.00.6000.16386 C:\Windows\system32\imapi2.dll
0x73300000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c050000 0x2c000 6.00.6000.16386 C:\Windows\System32\QAgent.dll
0x72a90000 0x8a000 6.00.6000.16386 C:\Windows\System32\fwpuclnt.dll
0x6bc10000 0xf9000 6.00.6000.16386 C:\Windows\system32\bthprops.cpl
0x753a0000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll
0x10000000 0x6000 7.02.0000.0157 C:\Users\Ccil\AppData\Local\Temp\IadHide5.dll
0x6d340000 0x30000 6.00.6000.16386 C:\Windows\system32\MLANG.dll
0x06420000 0x185000 1.05.0000.0011 C:\PROGRA~1\SPYBOT~1\SDHelper.dll
0x76f70000 0x74000 6.00.6000.16386 C:\Windows\system32\comdlg32.dll
0x73cf0000 0x7000 6.00.6000.16386 C:\Windows\system32\wsock32.dll
0x6f1a0000 0xdd000 6.00.6000.16386 C:\Windows\system32\wer.dll
0x708b0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x6f330000 0x26000 6.00.6000.16386 C:\Windows\system32\faultrep.dll
0x6b000000 0x18000 6.00.6000.16386 C:\Windows\system32\olepro32.dll
0x6c200000 0xa000 7.00.6000.16609 C:\Windows\system32\jsproxy.dll
0x6ab30000 0x15000 1.01.1505.0000 C:\Program Files\Windows Defender\MpOav.dll
0x6a300000 0x2e000 6.00.6000.16386 C:\Windows\system32\syncui.dll
0x6ab10000 0x15000 6.00.6000.16386 C:\Windows\system32\SYNCENG.dll
0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x6a8b0000 0x60000 6.00.6000.16386 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
0x748c0000 0x22000 1.01.1002.0000 C:\Windows\system32\xmllite.dll
0x6f290000 0x12000 6.00.6000.16386 C:\Windows\system32\thumbcache.dll
0x6ba60000 0x8000 4.00.6000.16386 C:\Windows\system32\MSISIP.DLL
0x6a2e0000 0x11000 5.07.0000.6000 C:\Windows\system32\wshext.dll
0x74060000 0x14000 6.00.6000.16386 C:\Windows\system32\Cabinet.dll
0x6e420000 0x6000 6.00.6000.16386 C:\Windows\system32\dciman32.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 700
Command line: winlogon.exe

Base Size Version Path
0x001b0000 0x4e000 6.00.6000.16386 C:\Windows\system32\winlogon.exe
0x76ff0000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x759c0000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76360000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76070000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x75c50000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x75d40000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75fc0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x75740000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x74ca0000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x758a0000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75760000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x77110000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.DLL
0x77160000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x77150000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76420000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x756e0000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x74c20000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x758e0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x758b0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x77140000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x75690000 0x11000 6.00.6000.16386 C:\Windows\system32\SAMLIB.dll
0x75b00000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x73bf0000 0x3e000 6.00.6000.16386 C:\Windows\system32\SHSVCS.dll
0x74950000 0x3f000 6.00.6000.16386 C:\Windows\system32\uxtheme.dll
0x74cd0000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x73ae0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x75400000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x75260000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x753a0000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\temp

26/10/2006 20:24 2 023 424 AsExec1.3.7.7.exe
1 fichier(s) 2 023 424 octets
0 Rép(s) 189 388 054 528 octets libres

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\system32

02/11/2006 11:45 7 680 csrss.exe
1 fichier(s) 7 680 octets
0 Rép(s) 189 388 054 528 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\Downloaded Program Files

01/12/2007 10:41 <REP> .
01/12/2007 10:41 <REP> ..
18/09/2006 23:26 65 desktop.ini
25/06/2006 13:50 1 793 erma.inf
11/06/2007 13:21 5 021 swflash.inf
3 fichier(s) 6 879 octets

Total des fichiers listés :
3 fichier(s) 6 879 octets
2 Rép(s) 189 388 058 624 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]



exports des policies
REGEDIT4

[System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[System\UIPI]

[System\UIPI\Clipboard]

[System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-04 20:06:06
Windows 6.0.6000 NTFS

scanning hidden services & system hive ...

IPC error: 87 Le fichier spécifié est introuvable.
scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files

31/03/2008 22:21 <REP> .
31/03/2008 22:21 <REP> ..
17/11/2007 22:02 <REP> Alwil Software
27/02/2008 21:51 <REP> Apple Software Update
27/02/2008 21:53 <REP> Bonjour
30/03/2008 14:23 <REP> CDBurnerXP
31/03/2008 19:42 <REP> Common Files
26/11/2007 15:02 <REP> epson
03/12/2007 20:32 <REP> Google
23/11/2007 00:34 <REP> Intel
27/02/2008 21:52 <REP> Internet Explorer
09/10/2007 15:29 <REP> InterVideo
09/10/2007 15:29 <REP> InterVideo Information Service
27/02/2008 21:54 <REP> iPod
27/02/2008 21:54 <REP> iTunes
29/03/2008 11:50 <REP> Java
31/03/2008 19:43 <REP> Lavasoft
17/11/2007 21:42 <REP> Logitech
17/11/2007 22:13 <REP> Microsoft CAPICOM 2.1.0.2
25/11/2007 15:12 <REP> Microsoft FrontPage
02/11/2006 14:37 <REP> Microsoft Games
25/11/2007 15:10 <REP> Microsoft Office
03/12/2007 20:47 <REP> Microsoft SQL Server Compact Edition
25/11/2007 15:12 <REP> Microsoft Visual Studio
02/11/2006 14:42 <REP> Movie Maker
02/11/2006 14:37 <REP> MSBuild
02/11/2006 14:37 <REP> MSN
17/11/2007 21:54 <REP> MSXML 4.0
27/02/2008 21:52 <REP> QuickTime
02/11/2006 14:37 <REP> Reference Assemblies
29/03/2008 14:25 <REP> Safari
12/02/2007 23:45 <REP> SIFXINST
09/10/2007 15:34 <REP> SigmaTel
31/03/2008 19:02 <REP> Spybot - Search & Destroy
25/12/2007 21:29 <REP> TomTom DesktopSuite
25/12/2007 21:32 <REP> TomTom HOME 2
17/11/2007 21:48 <REP> Windows Calendar
02/11/2006 14:42 <REP> Windows Collaboration
17/11/2007 21:48 <REP> Windows Defender
02/11/2006 14:42 <REP> Windows Journal
27/02/2008 23:01 <REP> Windows Live
11/12/2007 08:20 <REP> Windows Live Favorites
11/12/2007 08:20 <REP> Windows Live Toolbar
12/03/2008 04:07 <REP> Windows Mail
17/11/2007 21:48 <REP> Windows Media Player
17/11/2007 21:12 <REP> Windows NT
02/11/2006 14:42 <REP> Windows Photo Gallery
09/01/2008 07:52 <REP> Windows Sidebar
0 fichier(s) 0 octets
48 Rép(s) 189 064 343 552 octets libres
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\fichiers communs

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

25/11/2007 15:12 <REP> .
25/11/2007 15:12 <REP> ..
12/02/1999 23:43 532 537 MSONSEXT.DLL
17/03/1999 23:22 122 936 MSOWS409.DLL
08/04/1999 22:49 127 032 MSOWS40C.dll
18/03/1999 07:37 593 977 RAGENT.DLL
4 fichier(s) 1 376 482 octets
2 Rép(s) 189 064 339 456 octets libres
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\common files

31/03/2008 19:42 <REP> .
31/03/2008 19:42 <REP> ..
01/12/2007 10:50 <REP> Adobe
27/02/2008 21:49 <REP> Apple
25/11/2007 15:12 <REP> Designer
09/10/2007 15:30 <REP> InstallShield
09/10/2007 15:29 <REP> InterVideo
09/10/2007 15:28 <REP> Java
17/11/2007 21:26 <REP> logishrd
17/11/2007 21:38 <REP> Logitech
25/11/2007 15:12 <REP> microsoft shared
12/02/2007 23:45 <REP> New Boundary
02/11/2006 13:18 <REP> Services
02/11/2006 13:18 <REP> SpeechEngines
25/11/2007 15:12 <REP> System
09/10/2007 15:29 <REP> Ulead
09/10/2007 15:30 <REP> Ulead Systems
31/03/2008 19:42 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
18 Rép(s) 189 064 339 456 octets libres




c:\Users\Ccil\Documents\installer-49966-845-Open-Office-complet-en-francais-French.exe

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_PC-de-Ccil.tar.gz a l'adresse http://upload.malekal.com

et le second

[CODE]

2008-04-04,20:20:43

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition (Build 6000) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
<LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe> [Logitech]
<MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<ehTray.exe><C:\Windows\ehome\ehTray.exe> [(Verified)Microsoft Windows]
<AdobeUpdater><C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe> [N/A]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows]
<utugzyfy><C:\ProgramData\utugzyfy\shiponkb.exe> []
<0PHK9nxvhb><C:\ProgramData\idazwden\gpiriheb.exe> []
<SpybotSD TeaTimer><C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe> [(Verified)Safer Networking Ltd.]
<coeiekrk><C:\ProgramData\coeiekrk\xstwzyrc.exe> []
<hagdphnu><C:\ProgramData\hagdphnu\dorshwdu.exe> []
<ykldxlrd><C:\ProgramData\ykldxlrd\dohylwdi.exe> []
<lsghnjhc><C:\ProgramData\lsghnjhc\xutajixq.exe> []
<rixwmjrh><C:\ProgramData\rixwmjrh\pijmfobg.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<SigmatelSysTrayApp><sttray.exe> [SigmaTel, Inc.]
<LogitechCommunicationsManager><"C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"> [(Verified)"Logitech, Inc."]
<LogitechQuickCamRibbon><"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide> [(Verified)"Logitech, Inc."]
<LVCOMSX><"C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"> [(Verified)"Logitech, Inc."]
<LogitechSetup><E:\Setup\Setup.exe /restart /l:fra> [N/A]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<TomTomHOME.exe><"C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s> [(Verified)TomTom International BV]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<IgfxTray><C:\Windows\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\Windows\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Persistence><C:\Windows\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<0PHK9nxvhb><C:\ProgramData\idazwden\gpiriheb.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
Startup Folders
[Logitech Desktop Messenger]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk --> C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [Logitech]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Reboot]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe --> [N/A]><N>
[Logitech Desktop Messenger]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk --> C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [Logitech]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Reboot]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe --> [N/A]><N>

==================================
Services
[Ad-Aware 2007 Service / aawservice][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"><Lavasoft>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Service Bonjour / Bonjour Service][Running/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Service de l'iPod / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Logitech Process Monitor / LVPrcSrv][Running/Auto Start]
<c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe><Logitech Inc.>
[LVSrvLauncher / LVSrvLauncher][Stopped/Auto Start]
<C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe><Logitech Inc.>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[PrismXL / PrismXL][Running/Auto Start]
<C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS><New Boundary Technologies, Inc.>
[SBSD Security Center Service / SBSDWSCService][Running/Auto Start]
<C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe><Safer Networking Ltd.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[aswMonFlt / aswMonFlt][Running/Auto Start]
<system32\DRIVERS\aswMonFlt.sys><ALWIL Software>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express / e1express][Stopped/Manual Start]
<system32\DRIVERS\e1e6032.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[ialm / ialm][Stopped/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[igfx / igfx][Running/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[IVI ASPI Shell / Iviaspi][Running/Manual Start]
<system32\drivers\iviaspi.sys><InterVideo, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[Logitech AEC Driver / LVcKap][Stopped/Manual Start]
<system32\DRIVERS\LVcKap.sys><Logitech Inc.>
[Logitech Machine Vision Engine Loader / LVMVDrv][Stopped/Manual Start]
<system32\DRIVERS\LVMVDrv.sys><Logitech Inc.>
[Logitech LVPr2Mon Driver / LVPr2Mon][Running/Manual Start]
<system32\drivers\LVPr2Mon.sys><>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
<system32\drivers\LVUSBSta.sys><Logitech Inc.>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[Volume Adapter / pepifilter][Running/Manual Start]
<system32\DRIVERS\lv302af.sys><Logitech Inc.>
[Logitech QuickCam IM(PID_PEPI) / PID_PEPI][Running/Manual Start]
<system32\DRIVERS\LV302V32.SYS><Logitech Inc.>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Pilote Realtek 10/100 NIC Family NDIS x86 / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\stwrt.sys><SigmaTel, Inc.>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================
Browser Add-ons
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_05]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, Microsoft Corporation>
[Spybot-S&D IE Protection]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\Windows\system32\macromed\Shockwave 10\Download.dll, N/A>
[Java Plug-in 1.6.0_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Microsoft Shell UI Helper]
{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, N/A>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, N/A>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[Contrôle de l'Assistant de connexion Windows Live]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
<http://favorites.live.com/quickadd.aspx, N/A>

==================================
Running Processes
[PID: 360 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 496 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 540 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 552 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 584 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 596 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 604 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 700 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 796 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 856 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 904 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B307066B-41D0-4D4C-A7F6-BC148FF8099F}\mpengine.dll] [Microsoft Corporation, 1.1.3408.0]
[PID: 972 / SERVICE LOCAL][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapo.dll] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[PID: 1028 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1072 / SYSTEM][c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe] [Logitech Inc., 10.0.0.1438]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1108 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1204 / SERVICE RÉSEAU][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[PID: 1248 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1380 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1460 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft, 7,0,2,7]
[C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft, 7,0,2,6]
[C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll] [PKWARE, Inc., 8.4.1045.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1492 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[PID: 1508 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 7, 1098, 0]
[PID: 1836 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\E_FLMAEE.DLL] [SEIKO EPSON CORPORATION, 5, 7, 0, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1860 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 488 / Ccil][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[PID: 576 / Ccil][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxTMM.dll] [Intel Corporation, 7.14.10.1409]
[PID: 912 / Ccil][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Wi

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+1
moins plus
cclrem 4 avril 2008 à 20:23
Bonjour, comme convenu

Premier rapport
DiagHelp version v1.4 - http://www.malekal.com
excute le 04/04/2008 à 20:04:01,51


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\Windows\prefetch\CHCP.COM-61043047.pf -->04/04/2008 20:04:00
C:\Windows\prefetch\WMIADAP.EXE-F8DFDFA2.pf -->04/04/2008 20:03:56
C:\Windows\prefetch\SEARCHFILTERHOST.EXE-77482212.pf -->04/04/2008 20:03:35
C:\Windows\prefetch\WUAUCLT.EXE-70318591.pf -->04/04/2008 20:03:27
C:\Windows\prefetch\WMIPRVSE.EXE-1628051C.pf -->04/04/2008 20:02:55
C:\Windows\prefetch\LOGITECHUPDATE.EXE-4BEA6D6A.pf -->04/04/2008 20:02:42
C:\Windows\prefetch\LVPRCSRV.EXE-FC72999F.pf -->04/04/2008 20:02:36
C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf -->04/04/2008 20:02:36
C:\Windows\prefetch\VERCLSID.EXE-7C52E31C.pf -->04/04/2008 20:02:25
C:\Windows\prefetch\WLLOGINPROXY.EXE-9E0DCEF8.pf -->04/04/2008 20:01:43

C:\Windows\System32\drivers\mrxdav.sys -->14/02/2008 04:03:08
C:\Windows\System32\drivers\WdfLdr.sys -->14/02/2008 04:01:44
C:\Windows\System32\drivers\Wdf01000.sys -->14/02/2008 04:01:44
C:\Windows\System32\drivers\sermouse.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\mouclass.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\kbdclass.sys -->14/02/2008 04:01:43
C:\Windows\System32\drivers\i8042prt.sys -->14/02/2008 04:01:43

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->04/04/2008 19:59:36
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->04/04/2008 19:59:36
C:\Windows\System32\perfh00C.dat -->04/04/2008 19:54:56
C:\Windows\System32\PerfStringBackup.INI -->04/04/2008 19:54:55
C:\Windows\System32\perfh009.dat -->04/04/2008 19:54:55
C:\Windows\System32\perfc00C.dat -->04/04/2008 19:54:55
C:\Windows\System32\perfc009.dat -->04/04/2008 19:54:55
C:\Windows\System32\jupdate-1.6.0_05-b13.log -->29/03/2008 11:50:22
C:\Windows\System32\mrt.exe -->05/03/2008 18:30:54
C:\Windows\System32\javaws.exe -->22/02/2008 03:33:32
C:\Windows\System32\javaw.exe -->22/02/2008 02:23:39
C:\Windows\System32\java.exe -->22/02/2008 02:23:35
C:\Windows\System32\WebClnt.dll -->14/02/2008 04:03:08
C:\Windows\System32\wpd_ci.dll -->14/02/2008 04:01:47
C:\Windows\System32\clfs.sys -->14/02/2008 04:01:47
C:\Windows\System32\umpnpmgr.dll -->14/02/2008 04:01:46
C:\Windows\System32\drvinst.exe -->14/02/2008 04:01:46
C:\Windows\System32\cfgmgr32.dll -->14/02/2008 04:01:46
C:\Windows\System32\setupapi.dll -->14/02/2008 04:01:45
C:\Windows\System32\oleaut32.dll -->14/02/2008 04:01:45
C:\Windows\System32\kbd106n.dll -->14/02/2008 04:01:45
C:\Windows\System32\dpx.dll -->14/02/2008 04:01:45
C:\Windows\System32\f3ahvoas.dll -->14/02/2008 04:01:44
C:\Windows\System32\dispci.dll -->14/02/2008 04:01:44
C:\Windows\System32\batt.dll -->14/02/2008 04:01:44

C:\Windows\WindowsUpdate.log -->04/04/2008 20:03:52
C:\Windows\QTFont.qfn -->04/04/2008 20:00:24
C:\Windows\QTFont.for -->04/04/2008 20:00:24
C:\Windows\bootstat.dat -->04/04/2008 19:59:26
C:\Windows\.protected -->31/03/2008 21:38:53
C:\Windows\PFRO.log -->31/03/2008 20:27:58
C:\Windows\setupact.log -->23/03/2008 10:31:40
C:\Windows\DirectX.log -->27/02/2008 23:01:36
C:\Windows\WLXPGSS.SCR -->01/02/2008 12:17:40
C:\Windows\win.ini -->26/01/2008 13:18:24
C:\Windows\ODBC.INI -->11/01/2008 19:32:03
C:\Windows\EPSTPLOG.TXT -->26/11/2007 14:18:06
C:\Windows\EPSMTL32.TXT -->26/11/2007 14:17:05
C:\Windows\vbaddin.ini -->25/11/2007 15:14:19
C:\Windows\msxml4-KB941833-enu.LOG -->17/11/2007 22:13:23

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 912
Command line: C:\Windows\Explorer.EXE

Base Size Version Path
0x00ea0000 0x2cd000 6.00.6000.16549 C:\Windows\Explorer.EXE
0x76ff0000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x759c0000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76360000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76070000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x75d40000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75c50000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x75fc0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x75aa0000 0x55000 6.00.6000.16386 C:\Windows\system32\SHLWAPI.dll
0x764a0000 0xace000 6.00.6000.16513 C:\Windows\system32\SHELL32.dll
0x75b00000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x762d0000 0x8c000 6.00.6000.16609 C:\Windows\system32\OLEAUT32.dll
0x725e0000 0x107000 6.00.6000.16386 C:\Windows\system32\SHDOCVW.dll
0x74950000 0x3f000 6.00.6000.16386 C:\Windows\system32\UxTheme.dll
0x74c00000 0x1a000 6.00.6000.16386 C:\Windows\system32\POWRPROF.dll
0x73390000 0xc000 6.00.6000.16386 C:\Windows\system32\dwmapi.dll
0x74100000 0x1aa000 5.02.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll
0x75260000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x73e70000 0xb7000 6.00.6000.16386 C:\Windows\system32\PROPSYS.dll
0x72490000 0x145000 6.00.6000.16386 C:\Windows\system32\BROWSEUI.dll
0x77110000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.dll
0x77160000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x74920000 0x30000 6.00.6000.16386 C:\Windows\system32\DUser.dll
0x77150000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76420000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x74650000 0x194000 6.10.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
0x73ae0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x72ef0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x75740000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x75930000 0x84000 2001.12.6930.16386 C:\Windows\system32\CLBCatQ.DLL
0x74cd0000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x71ec0000 0x5cd000 7.00.6000.16609 C:\Windows\system32\ieframe.dll
0x758a0000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75cf0000 0x45000 7.00.6000.16386 C:\Windows\system32\iertutil.dll
0x756e0000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x71e00000 0x53000 6.00.6000.16386 C:\Windows\system32\actxprxy.dll
0x72f00000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x71d40000 0xb2000 6.00.6000.16549 C:\Windows\system32\timedate.cpl
0x73df0000 0x14000 3.05.2284.0000 C:\Windows\system32\ATL.DLL
0x75400000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x740c0000 0x38000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll
0x75760000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x71e90000 0x2b000 6.00.6000.16386 C:\Windows\system32\msutb.dll
0x74d90000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x74080000 0x16000 6.00.6000.16386 C:\Windows\System32\shacct.dll
0x75690000 0x11000 6.00.6000.16386 C:\Windows\System32\SAMLIB.dll
0x71cc0000 0x3c000 6.00.6000.16404 C:\Windows\System32\msshsq.dll
0x71b20000 0xc5000 6.00.6000.16386 C:\Windows\System32\NaturalLanguage6.dll
0x752a0000 0xf1000 6.00.6000.16425 C:\Windows\System32\CRYPT32.dll
0x753e0000 0x12000 6.00.6000.16386 C:\Windows\System32\MSASN1.dll
0x71600000 0x28c000 6.00.6000.16386 C:\Windows\System32\NLSData000c.dll
0x70a00000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x74460000 0x1e7000 6.00.6000.16513 C:\Windows\system32\authui.dll
0x74bf0000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x75e90000 0x127000 7.00.6000.16609 C:\Windows\system32\urlmon.dll
0x72ec0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x74fb0000 0x8000 6.00.6000.16386 C:\Windows\system32\VERSION.dll
0x718c0000 0x204000 4.00.6000.16386 C:\Windows\system32\msi.dll
0x74c20000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x758e0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x758b0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x77140000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x742e0000 0x33000 6.00.6000.16386 C:\Windows\system32\WINMM.dll
0x71390000 0x4a000 6.00.6000.16386 C:\Windows\system32\ntshrui.dll
0x72b20000 0xa000 6.00.6000.16386 C:\Windows\system32\cscapi.dll
0x73980000 0x30000 6.00.6000.16386 C:\Windows\system32\wdmaud.drv
0x73970000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x73e60000 0x7000 6.00.6000.16386 C:\Windows\system32\AVRT.dll
0x742b0000 0x27000 6.00.6000.16386 C:\Windows\system32\MMDevAPI.DLL
0x76140000 0x189000 6.00.6000.16609 C:\Windows\system32\SETUPAPI.dll
0x74a50000 0x2d000 6.00.6000.16386 C:\Windows\system32\WINTRUST.dll
0x75e60000 0x29000 6.00.6000.16470 C:\Windows\system32\imagehlp.dll
0x71bf0000 0x9000 6.00.6000.16386 C:\Windows\system32\ExplorerFrame.dll
0x75d90000 0xcf000 7.00.6000.16609 C:\Windows\system32\WININET.dll
0x77130000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x73910000 0x21000 6.00.6000.16386 C:\Windows\System32\audioses.dll
0x733b0000 0x66000 6.00.6000.16386 C:\Windows\System32\audioeng.dll
0x748f0000 0x9000 6.00.6000.16386 C:\Windows\system32\msacm32.drv
0x74810000 0x15000 6.00.6000.16386 C:\Windows\system32\MSACM32.dll
0x74800000 0x7000 6.00.6000.16386 C:\Windows\system32\midimap.dll
0x6e990000 0x92000 6.00.6000.16386 C:\Windows\system32\stobject.dll
0x6e8d0000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x74a30000 0x9000 6.00.6000.16553 C:\Windows\system32\WTSAPI32.dll
0x74ca0000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x73ba0000 0x45000 2001.12.6930.16386 C:\Windows\system32\es.dll
0x6eb80000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x02310000 0x17000 10.00.0000.1438 C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
0x6e7c0000 0x21000 6.00.6000.16386 C:\Windows\ehome\ehSSO.dll
0x73de0000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x74b30000 0x63000 6.00.6000.16501 C:\Windows\system32\FirewallAPI.dll
0x6deb0000 0x30b000 6.00.6000.16386 C:\Windows\System32\netshell.dll
0x75200000 0x19000 6.00.6000.16386 C:\Windows\System32\IPHLPAPI.DLL
0x751c0000 0x35000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc.DLL
0x756b0000 0x2b000 6.00.6000.16386 C:\Windows\System32\DNSAPI.dll
0x751b0000 0x7000 6.00.6000.16386 C:\Windows\System32\WINNSI.DLL
0x75190000 0x20000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc6.DLL
0x73e50000 0xf000 6.00.6000.16386 C:\Windows\System32\nlaapi.dll
0x6e260000 0x1bf000 6.00.6000.16386 C:\Windows\system32\pnidui.dll
0x6e510000 0x17000 6.00.6000.16386 C:\Windows\system32\QUtil.dll
0x75220000 0x3e000 6.00.6000.16386 C:\Windows\system32\wevtapi.dll
0x6ea40000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x70870000 0x27000 6.00.6000.16386 C:\Windows\system32\FunDisc.dll
0x6e820000 0x9000 6.00.6000.16386 C:\Windows\system32\fdproxy.dll
0x70430000 0x126000 8.90.1101.0000 C:\Windows\System32\msxml3.dll
0x6f870000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x6e490000 0xe000 6.00.6000.16551 C:\Windows\system32\Wlanapi.dll
0x6d290000 0x2d000 6.00.6000.16386 C:\Windows\system32\OneX.DLL
0x6d400000 0xd000 6.00.6000.16386 C:\Windows\system32\eappprxy.dll
0x6d260000 0x28000 6.00.6000.16386 C:\Windows\system32\eappcfg.dll
0x75070000 0x44000 6.00.6000.16386 C:\Windows\system32\bcrypt.dll
0x6c210000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6c020000 0x23000 6.00.6000.16386 C:\Windows\system32\wpdshserviceobj.dll
0x72dc0000 0x5f000 6.00.6000.16386 C:\Windows\system32\WINHTTP.dll
0x6bfa0000 0x40000 6.00.6000.16386 C:\Windows\System32\srchadmin.dll
0x6bf60000 0x3c000 7.00.6000.16386 C:\Windows\system32\webcheck.dll
0x713e0000 0x21c000 6.00.6000.16386 C:\Windows\System32\SyncCenter.dll
0x6bfe0000 0x39000 6.00.6000.16386 C:\Windows\system32\wscntfy.dll
0x6c220000 0xb000 6.00.6000.16386 C:\Windows\system32\WSCAPI.dll
0x74f40000 0x3b000 6.00.6000.16386 C:\Windows\system32\mswsock.dll
0x74be0000 0x6000 6.00.6000.16386 C:\Windows\System32\wshtcpip.dll
0x74fa0000 0x6000 6.00.6000.16386 C:\Windows\System32\wship6.dll
0x6c1f0000 0xb000 6.00.6000.16386 C:\Windows\system32\mssprxy.dll
0x6e7f0000 0x2b000 6.00.6000.16386 C:\Windows\system32\PortableDeviceTypes.dll
0x71340000 0x46000 6.00.6000.16386 C:\Windows\system32\PortableDeviceApi.dll
0x732f0000 0x8000 6.00.6000.16386 C:\Windows\System32\winrnr.dll
0x732e0000 0xf000 6.00.6000.16386 C:\Windows\system32\napinsp.dll
0x75620000 0x5f000 6.00.6000.16386 C:\Windows\system32\SXS.DLL
0x732a0000 0x12000 6.00.6000.16386 C:\Windows\system32\pnrpnsp.dll
0x16080000 0x25000 1.00.0004.0012 C:\Program Files\Bonjour\mdnsNSP.dll
0x6bea0000 0x51000 6.00.6000.16386 C:\Windows\system32\imapi2.dll
0x73300000 0x6000 6.00.6000.16386 C:\Windows\system32\rasadhlp.dll
0x6c050000 0x2c000 6.00.6000.16386 C:\Windows\System32\QAgent.dll
0x72a90000 0x8a000 6.00.6000.16386 C:\Windows\System32\fwpuclnt.dll
0x6bc10000 0xf9000 6.00.6000.16386 C:\Windows\system32\bthprops.cpl
0x753a0000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll
0x10000000 0x6000 7.02.0000.0157 C:\Users\Ccil\AppData\Local\Temp\IadHide5.dll
0x6d340000 0x30000 6.00.6000.16386 C:\Windows\system32\MLANG.dll
0x06420000 0x185000 1.05.0000.0011 C:\PROGRA~1\SPYBOT~1\SDHelper.dll
0x76f70000 0x74000 6.00.6000.16386 C:\Windows\system32\comdlg32.dll
0x73cf0000 0x7000 6.00.6000.16386 C:\Windows\system32\wsock32.dll
0x6f1a0000 0xdd000 6.00.6000.16386 C:\Windows\system32\wer.dll
0x708b0000 0x6000 6.00.6000.16386 C:\Windows\system32\SensApi.dll
0x6f330000 0x26000 6.00.6000.16386 C:\Windows\system32\faultrep.dll
0x6b000000 0x18000 6.00.6000.16386 C:\Windows\system32\olepro32.dll
0x6c200000 0xa000 7.00.6000.16609 C:\Windows\system32\jsproxy.dll
0x6ab30000 0x15000 1.01.1505.0000 C:\Program Files\Windows Defender\MpOav.dll
0x6a300000 0x2e000 6.00.6000.16386 C:\Windows\system32\syncui.dll
0x6ab10000 0x15000 6.00.6000.16386 C:\Windows\system32\SYNCENG.dll
0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x6a8b0000 0x60000 6.00.6000.16386 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
0x748c0000 0x22000 1.01.1002.0000 C:\Windows\system32\xmllite.dll
0x6f290000 0x12000 6.00.6000.16386 C:\Windows\system32\thumbcache.dll
0x6ba60000 0x8000 4.00.6000.16386 C:\Windows\system32\MSISIP.DLL
0x6a2e0000 0x11000 5.07.0000.6000 C:\Windows\system32\wshext.dll
0x74060000 0x14000 6.00.6000.16386 C:\Windows\system32\Cabinet.dll
0x6e420000 0x6000 6.00.6000.16386 C:\Windows\system32\dciman32.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 700
Command line: winlogon.exe

Base Size Version Path
0x001b0000 0x4e000 6.00.6000.16386 C:\Windows\system32\winlogon.exe
0x76ff0000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x759c0000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76360000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76070000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x75c50000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x75d40000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75fc0000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x75740000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x74ca0000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x758a0000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x75760000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x77110000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.DLL
0x77160000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x77150000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76420000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x756e0000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x74c20000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x758e0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x758b0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x77140000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x75690000 0x11000 6.00.6000.16386 C:\Windows\system32\SAMLIB.dll
0x75b00000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x73bf0000 0x3e000 6.00.6000.16386 C:\Windows\system32\SHSVCS.dll
0x74950000 0x3f000 6.00.6000.16386 C:\Windows\system32\uxtheme.dll
0x74cd0000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x73ae0000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x75400000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x75260000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x753a0000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\temp

26/10/2006 20:24 2 023 424 AsExec1.3.7.7.exe
1 fichier(s) 2 023 424 octets
0 Rép(s) 189 388 054 528 octets libres

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\system32

02/11/2006 11:45 7 680 csrss.exe
1 fichier(s) 7 680 octets
0 Rép(s) 189 388 054 528 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Windows\Downloaded Program Files

01/12/2007 10:41 <REP> .
01/12/2007 10:41 <REP> ..
18/09/2006 23:26 65 desktop.ini
25/06/2006 13:50 1 793 erma.inf
11/06/2007 13:21 5 021 swflash.inf
3 fichier(s) 6 879 octets

Total des fichiers listés :
3 fichier(s) 6 879 octets
2 Rép(s) 189 388 058 624 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]



exports des policies
REGEDIT4

[System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[System\UIPI]

[System\UIPI\Clipboard]

[System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-04 20:06:06
Windows 6.0.6000 NTFS

scanning hidden services & system hive ...

IPC error: 87 Le fichier spécifié est introuvable.
scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files

31/03/2008 22:21 <REP> .
31/03/2008 22:21 <REP> ..
17/11/2007 22:02 <REP> Alwil Software
27/02/2008 21:51 <REP> Apple Software Update
27/02/2008 21:53 <REP> Bonjour
30/03/2008 14:23 <REP> CDBurnerXP
31/03/2008 19:42 <REP> Common Files
26/11/2007 15:02 <REP> epson
03/12/2007 20:32 <REP> Google
23/11/2007 00:34 <REP> Intel
27/02/2008 21:52 <REP> Internet Explorer
09/10/2007 15:29 <REP> InterVideo
09/10/2007 15:29 <REP> InterVideo Information Service
27/02/2008 21:54 <REP> iPod
27/02/2008 21:54 <REP> iTunes
29/03/2008 11:50 <REP> Java
31/03/2008 19:43 <REP> Lavasoft
17/11/2007 21:42 <REP> Logitech
17/11/2007 22:13 <REP> Microsoft CAPICOM 2.1.0.2
25/11/2007 15:12 <REP> Microsoft FrontPage
02/11/2006 14:37 <REP> Microsoft Games
25/11/2007 15:10 <REP> Microsoft Office
03/12/2007 20:47 <REP> Microsoft SQL Server Compact Edition
25/11/2007 15:12 <REP> Microsoft Visual Studio
02/11/2006 14:42 <REP> Movie Maker
02/11/2006 14:37 <REP> MSBuild
02/11/2006 14:37 <REP> MSN
17/11/2007 21:54 <REP> MSXML 4.0
27/02/2008 21:52 <REP> QuickTime
02/11/2006 14:37 <REP> Reference Assemblies
29/03/2008 14:25 <REP> Safari
12/02/2007 23:45 <REP> SIFXINST
09/10/2007 15:34 <REP> SigmaTel
31/03/2008 19:02 <REP> Spybot - Search & Destroy
25/12/2007 21:29 <REP> TomTom DesktopSuite
25/12/2007 21:32 <REP> TomTom HOME 2
17/11/2007 21:48 <REP> Windows Calendar
02/11/2006 14:42 <REP> Windows Collaboration
17/11/2007 21:48 <REP> Windows Defender
02/11/2006 14:42 <REP> Windows Journal
27/02/2008 23:01 <REP> Windows Live
11/12/2007 08:20 <REP> Windows Live Favorites
11/12/2007 08:20 <REP> Windows Live Toolbar
12/03/2008 04:07 <REP> Windows Mail
17/11/2007 21:48 <REP> Windows Media Player
17/11/2007 21:12 <REP> Windows NT
02/11/2006 14:42 <REP> Windows Photo Gallery
09/01/2008 07:52 <REP> Windows Sidebar
0 fichier(s) 0 octets
48 Rép(s) 189 064 343 552 octets libres
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\fichiers communs

Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

25/11/2007 15:12 <REP> .
25/11/2007 15:12 <REP> ..
12/02/1999 23:43 532 537 MSONSEXT.DLL
17/03/1999 23:22 122 936 MSOWS409.DLL
08/04/1999 22:49 127 032 MSOWS40C.dll
18/03/1999 07:37 593 977 RAGENT.DLL
4 fichier(s) 1 376 482 octets
2 Rép(s) 189 064 339 456 octets libres
Le volume dans le lecteur C s'appelle Partition_1
Le numéro de série du volume est 6CFE-88B1

Répertoire de C:\Program Files\common files

31/03/2008 19:42 <REP> .
31/03/2008 19:42 <REP> ..
01/12/2007 10:50 <REP> Adobe
27/02/2008 21:49 <REP> Apple
25/11/2007 15:12 <REP> Designer
09/10/2007 15:30 <REP> InstallShield
09/10/2007 15:29 <REP> InterVideo
09/10/2007 15:28 <REP> Java
17/11/2007 21:26 <REP> logishrd
17/11/2007 21:38 <REP> Logitech
25/11/2007 15:12 <REP> microsoft shared
12/02/2007 23:45 <REP> New Boundary
02/11/2006 13:18 <REP> Services
02/11/2006 13:18 <REP> SpeechEngines
25/11/2007 15:12 <REP> System
09/10/2007 15:29 <REP> Ulead
09/10/2007 15:30 <REP> Ulead Systems
31/03/2008 19:42 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
18 Rép(s) 189 064 339 456 octets libres




c:\Users\Ccil\Documents\installer-49966-845-Open-Office-complet-en-francais-French.exe

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_PC-de-Ccil.tar.gz a l'adresse http://upload.malekal.com

et le second

[CODE]

2008-04-04,20:20:43

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition (Build 6000) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
<LDM><C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe> [Logitech]
<MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<ehTray.exe><C:\Windows\ehome\ehTray.exe> [(Verified)Microsoft Windows]
<AdobeUpdater><C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe> [N/A]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows]
<utugzyfy><C:\ProgramData\utugzyfy\shiponkb.exe> []
<0PHK9nxvhb><C:\ProgramData\idazwden\gpiriheb.exe> []
<SpybotSD TeaTimer><C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe> [(Verified)Safer Networking Ltd.]
<coeiekrk><C:\ProgramData\coeiekrk\xstwzyrc.exe> []
<hagdphnu><C:\ProgramData\hagdphnu\dorshwdu.exe> []
<ykldxlrd><C:\ProgramData\ykldxlrd\dohylwdi.exe> []
<lsghnjhc><C:\ProgramData\lsghnjhc\xutajixq.exe> []
<rixwmjrh><C:\ProgramData\rixwmjrh\pijmfobg.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<SigmatelSysTrayApp><sttray.exe> [SigmaTel, Inc.]
<LogitechCommunicationsManager><"C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"> [(Verified)"Logitech, Inc."]
<LogitechQuickCamRibbon><"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide> [(Verified)"Logitech, Inc."]
<LVCOMSX><"C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"> [(Verified)"Logitech, Inc."]
<LogitechSetup><E:\Setup\Setup.exe /restart /l:fra> [N/A]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<TomTomHOME.exe><"C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s> [(Verified)TomTom International BV]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<IgfxTray><C:\Windows\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\Windows\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Persistence><C:\Windows\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<0PHK9nxvhb><C:\ProgramData\idazwden\gpiriheb.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
Startup Folders
[Logitech Desktop Messenger]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk --> C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [Logitech]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Reboot]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe --> [N/A]><N>
[Logitech Desktop Messenger]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk --> C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [Logitech]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Reboot]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe --> [N/A]><N>

==================================
Services
[Ad-Aware 2007 Service / aawservice][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"><Lavasoft>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[Service Bonjour / Bonjour Service][Running/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Service de l'iPod / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Logitech Process Monitor / LVPrcSrv][Running/Auto Start]
<c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe><Logitech Inc.>
[LVSrvLauncher / LVSrvLauncher][Stopped/Auto Start]
<C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe><Logitech Inc.>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[PrismXL / PrismXL][Running/Auto Start]
<C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS><New Boundary Technologies, Inc.>
[SBSD Security Center Service / SBSDWSCService][Running/Auto Start]
<C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe><Safer Networking Ltd.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[aswMonFlt / aswMonFlt][Running/Auto Start]
<system32\DRIVERS\aswMonFlt.sys><ALWIL Software>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express / e1express][Stopped/Manual Start]
<system32\DRIVERS\e1e6032.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[ialm / ialm][Stopped/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[igfx / igfx][Running/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[IVI ASPI Shell / Iviaspi][Running/Manual Start]
<system32\drivers\iviaspi.sys><InterVideo, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[Logitech AEC Driver / LVcKap][Stopped/Manual Start]
<system32\DRIVERS\LVcKap.sys><Logitech Inc.>
[Logitech Machine Vision Engine Loader / LVMVDrv][Stopped/Manual Start]
<system32\DRIVERS\LVMVDrv.sys><Logitech Inc.>
[Logitech LVPr2Mon Driver / LVPr2Mon][Running/Manual Start]
<system32\drivers\LVPr2Mon.sys><>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
<system32\drivers\LVUSBSta.sys><Logitech Inc.>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[Volume Adapter / pepifilter][Running/Manual Start]
<system32\DRIVERS\lv302af.sys><Logitech Inc.>
[Logitech QuickCam IM(PID_PEPI) / PID_PEPI][Running/Manual Start]
<system32\DRIVERS\LV302V32.SYS><Logitech Inc.>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Pilote Realtek 10/100 NIC Family NDIS x86 / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\stwrt.sys><SigmaTel, Inc.>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================
Browser Add-ons
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_05]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, Microsoft Corporation>
[Spybot-S&D IE Protection]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\Windows\system32\macromed\Shockwave 10\Download.dll, N/A>
[Java Plug-in 1.6.0_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Microsoft Shell UI Helper]
{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, N/A>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, N/A>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[Contrôle de l'Assistant de connexion Windows Live]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
<http://favorites.live.com/quickadd.aspx, N/A>

==================================
Running Processes
[PID: 360 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 496 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 540 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 552 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 584 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 596 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 604 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 700 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 796 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 856 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 904 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B307066B-41D0-4D4C-A7F6-BC148FF8099F}\mpengine.dll] [Microsoft Corporation, 1.1.3408.0]
[PID: 972 / SERVICE LOCAL][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapo.dll] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[PID: 1028 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1072 / SYSTEM][c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe] [Logitech Inc., 10.0.0.1438]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1108 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1204 / SERVICE RÉSEAU][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[PID: 1248 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1380 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1460 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft, 7,0,2,7]
[C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft, 7,0,2,6]
[C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll] [PKWARE, Inc., 8.4.1045.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1492 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[PID: 1508 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 7, 1098, 0]
[PID: 1836 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\E_FLMAEE.DLL] [SEIKO EPSON CORPORATION, 5, 7, 0, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1860 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 488 / Ccil][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[PID: 576 / Ccil][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxTMM.dll] [Intel Corporation, 7.14.10.1409]
[PID: 912 / Ccil][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Wi

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 4 avril 2008 à 23:05
Hello,

Bravo pour les analyses ==> mais pas besoin de poster 2 fois les mêmes rapports (surtout quand ils prennent autant de place).

A)- Il manque le rapport de l'analyse avec HIJACKTHIS (comme je l'ai indiqué ==> mais pour l'installation, fais comme ceci:
Installation :
- Clic-droit sur l’ icône « HJTInstall.exe » présente sur ton bureau et choisis : "Exécuter en tant qu'administrateur" dans le menu contextuel.- Ensuite, clic sur « Exécuter », puis sur « Install ».
- Accepte la licence en cliquant sur le bouton "I Accept"
- Le programme s’installe de lui-même dans un dossier dédié.
- Par défaut, il s'installera en C:\Program Files\Trend Micro\HijackThis
- Et un raccourci pour lancer l’analyse apparaît sur le bureau. )


B)- Retrouve le rapport DiagHelp, et envoie le fichier chez Malekal_morte, comme il est demandé:
« Veuillez svp envoyer le fichier C:\upload_moi_PC-de-Ccil.tar.gz à l'adresse http://upload.malekal.com »


C)- C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe
C'est un prog espion qui soi-disant sert à faire des mises a jour...mais rien n'est prouvé et il semblerait qu'il soit plus espion que programme de mise à jour.
-Mais il peut aussi se trouver dans d'autres programmes.
- Le problème majeur étant qu'il provoque une faille de sécurité.
-• Pour résoudre ce type de problèmes en dehors du fait qu'il expose votre vie privée aux fournisseurs:
-Désinstaller "Logitech Desktop Messenger" dans « Panneau de Configuration » > "Ajout/Suppr.de programmes" et le prog « backweb-8876480.exe » disparaîtra.
-Il ne sert pas à grand-chose sinon à bouffer de la mémoire et de la bande passante internet.
- Les mises à jour de logiciels "Logitech" se font aisément à partir des progs eux-mêmes ( en manuel : tu cliques sur la miniature de ta WebCam près de l’horloge ), donc pas de soucis de ce côté.



D)- C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll ==> grosse faille de sécurité !
Ta version n’est pas mis à jour.
Rends-toi sur ce lien < http://www.java.com/fr/download/index.jsp > afin de télécharger une version à jour.
Ensuite, vas dans "Panneau de configuration" > "Ajout/suppr.de programmes", et supprime tes anciennes versions



E)- [Ad-Aware 2007 Service / aawservice][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"><Lavasoft>
Je te conseille de désinstaller Ad-Aware 2007.
•- La version gratuite n'offre pas de protection en temps réel, ça reste un scanneur donc l'efficacité est plus qu'à douter, voir : [ http://forum.malekal.com/viewtopic.php?f=45&t=8046 ]
•- Et pour exclure ce service inutile aawservice, il suffit de faire ainsi:
Clic sur « Démarrer » > « Exécuter » ; ensuite, dans la lucarne de saisie, coller (recommencer pour chacune des trois commandes suivantes) :
1°- sc stop aawservice > valider par [OK]
2°- sc config aawservice start= disabled > valider par [OK]
3°- sc delete aawservice > valider par [OK]



F)- C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0]
Je constate que Avast ne te sert pas à grand-chose (sinon à t'avertir qu'il a laissé infecter ton PC !!).
Alors, fais-moi plaisir; applique ceci:

1)- Télécharger ANTIVIR sur le site de l'éditeur pour avoir la dernière version qui est celle-ci pour xp: < http://www.free-av.com/down/windows/antivir_workstation_win7u_en_h.exe >
et qui prend en compte la case Rootkit.

TUTORIELS :
< http://www.astucesinternet.com/modules/news/article.php?storyid=253 > ==> enregistre-le sur ton bureau pour y accéder facilement.
- ou < http://www.malekal.com/tutorial_antivir.html >
- ou < http://www.libellules.ch/tuto_antivir.php >

2)- Désinstaller AVAST: <
http://www.avast.com/fre/avast-uninstall-utility.html >

3)- Attention, après le téléchargement, il faut se déconnecter du Net ( débrancher éventuellement le modem ) avant de lancer l'installation.

- Attention :
Sers-toi du tutoriel pour installer ANTIVIR,
http://www.vista-xp.fr/forum/topic227.html

4)- Procédure d'utilisation:
Après l'installation du programme et avant de lancer l'analyse, ...
...il faut redémarrer le PC en mode sans échec, comme ceci:
< http://www.coupdepoucepc.com/modules/news/article.php?storyid=253 >

Branche les disques amovibles (DDexterne et Clé USB) si tu en as.
Lancer Antivir en Scan complet ( analyse avancée )
Poster le rapport SVP.

L'analyse:
- Lancer Antivir en Scan complet (analyse avancée) en faisant un click-droit sur l’icône d’Antivir dans la « barre des taches » en bas à droite (= Systray, à côté de l’horloge) puis clic sur « start Antivir »
- Cliquer sur l’onglet « scanner »
- Vérifier pour « RootKit search » et « Manuelle détection » (en développant avec la petite croix devant chacun d'eux) que tous les disques durs soient bien cochés, puis cliquer sur la loupe (en dessous de statut)
- Une fenêtre va s’ouvrir « Luke Filewalker »
- Le scan va démarrer.
- Mettre tout ce qu il trouve en "quarantine"

Le rapport:
Une fois le scan achevé, fermer les deux fenêtres d'Antivir et sauvegarder sur le bureau le rapport qui vient d'apparaître.
Redémarrer en mode normal puis poster le rapport d'Antivir (qui est sur le bureau).




G)- Il faudra faire analyser ces fichiers ( en gras ) chez VirusTotal, comme ceci:

C:\ProgramData\utugzyfy\shiponkb.exe
C:\ProgramData\idazwden\gpiriheb.exe
C:\ProgramData\coeiekrk\xstwzyrc.exe
C:\ProgramData\hagdphnu\dorshwdu.exe
C:\ProgramData\ykldxlrd\dohylwdi.exe
C:\ProgramData\lsghnjhc\xutajixq.exe
C:\ProgramData\rixwmjrh\pijmfobg.exe
C:\Windows\.protected <-- le dossier
C:\Windows\system32\drivers\blbdrive.sys
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe

1°- Assure-toi d'avoir accès aux dossiers/fichiers cachés :
Pour activer cette fonction, ouvre l’explorateur et clique sur le menu "Organiser" => "Options des dossiers et de recherche" > onglet "Affichage"
et là :
cocher la case devant les lignes:
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher la case devant les lignes:
- masquer les extensions des fichiers dont le type est connu
- masquer les fichiers protégés du système d'exploitation
Tu vas recevoir un message qui te dit que cela peut endommager le système,
n'en tiens pas compte.
Puis cliquer "APPLIQUER à TOUS les Dossiers" > [OK]
Si tu n'es pas à l'aise dans la navigation des dossiers, je t'invite à suivre ce tutorial : < http://www.malekal.com/rechercher_fichiers.php >

2°- Ensuite vas là :< http://www.virustotal.com/ >
< http://www.virustotal.com/en/indexf.html >
•- sur la page qui s'affiche tu cliques sur "parcourir"
•- ensuite sur la nouvelle page qui s'affiche, tu suis le chemin du premier fichier C:\ProgramData\utugzyfy\ et tu ouvres le dossier utugzyfy
- quand tu as trouvé dedans le premier fichier shiponkb.exe</gras, tu clique sur "ouvrir" ( sur cette dernière page affichée)
•- le fichier <gras>shiponkb.exese retrouve alors ainsi dans la fenêtre de Virustotal, pour l'analyse
•- là, tu cliques sur "send file" = « Envoyer » ( de la page de Virustotal )
•- et tu attends le résultat (il faut parfois patienter)
• vous aurez dans l'encadré: Situation actuelle: terminé, cliquer sur Formaté
• Une nouvelle fenêtre de votre navigateur apparaîtra...
• Dans la nouvelle fenêtre, cliquer sur cette image : < http://img215.imageshack.us/img215/6039/virustotalpourcopierip3.jpg >
• Faire un clic droit sur la page, choisir => Sélectionner tout, puis encore clic droit => Copier... Enfin , clic droit => Coller le(s) résultat(s) dans le WordPad ou Bloc-Notes.

(Virustotal va analyser un par un, à ta demande; puisque tu devras recommencer la procédure "parcourir", fichier par fichier )
DONC, tu refais la manipulation fichier par fichier dont tu colles le rapport à chaque fois, à la suite dans WordPad.

• Pour ta prochaine réponse sur le forum, tu reprends WordPad ou Bloc-Notes (qui contient le résultat d’analyse des fichiers litigieux analysés), tu appuies sur (CTRL+A), puis (CTRL+C) et en réponse sur CCM tu termines par (CTRL+V) pour coller les analyses sur le forum.

Merci pour ta collaboration



Ton PC a vraiment une sale infection.
Donc, fais bien tout ce que je dis.
Il faut éliminer ces failles de sécurité pour où elle a pu passer !

En fonction des rapports que tu t'appliqueras à me poster, j'établirer la procédure de nettoyage.
Courage
Évite de jouer avec ton PC la durée de la désinfection, SVP.
Merci

Al.

Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
cclrem 35Messages postés 1 avril 2008Date d'inscription 4 avril 2008 à 23:07
ok je m'en occupe de suite

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 4 avril 2008 à 23:13
(suite)
Fais à ton aise.
Ne brûle pas les étapes.
Commence par le rapport HijackThis, s'il te plaît.
Suis bien l'ordre des tâches.
Merci.
Espérons que le PC te laisse travailler.

Al.

Ajouter un commentaire
Afficher les 4 commentaires
cclrem- 4 avril 2008 à 23:31
je crois que c'est ce qu'il te manquait

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:28:47, on 04/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\idazwden\gpiriheb.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\ProgramData\idazwden\gpiriheb.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\coeiekrk\xstwzyrc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Program Files\Microsoft Office\Office\OSA9.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe
C:\Windows\ehome\ehmsas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [LogitechSetup] E:\Setup\Setup.exe /restart /l:fra
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [utugzyfy] C:\ProgramData\utugzyfy\shiponkb.exe
O4 - HKCU\..\Run: [0PHK9nxvhb] C:\ProgramData\idazwden\gpiriheb.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [coeiekrk] C:\ProgramData\coeiekrk\xstwzyrc.exe
O4 - HKCU\..\Run: [hagdphnu] C:\ProgramData\hagdphnu\dorshwdu.exe
O4 - HKCU\..\Run: [ykldxlrd] C:\ProgramData\ykldxlrd\dohylwdi.exe
O4 - HKCU\..\Run: [lsghnjhc] C:\ProgramData\lsghnjhc\xutajixq.exe
O4 - HKCU\..\Run: [rixwmjrh] C:\ProgramData\rixwmjrh\pijmfobg.exe
O4 - HKLM\..\Policies\Explorer\Run: [0PHK9nxvhb] C:\ProgramData\idazwden\gpiriheb.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Reboot.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B6FB86D3-9056-4F4D-B965-84B22C049E9E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
cclrem- 5 avril 2008 à 01:14
ci-dessous le rapport antivir
J'ai rencontré un pb qd j'ai redémarré pc en "mode sans échec" il ne me propose pas cette option même en appuyant sur f8. ceux sont des options en langage? je ne sais pas à vrai dire alors j'espère que c'est bon...



AntiVir PersonalEdition Classic
Report file date: samedi 5 avril 2008 00:31

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Ccil
Computer name: PC-DE-CCIL

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 13:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 13:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 16:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: J:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 5 avril 2008 00:31

Starting search for hidden objects.
'68472' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'WMIADAP.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'shiponkb.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PRISMXL.SYS' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'HOMERunner.exe' - '1' Module(s) have been scanned
Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
Scan process 'QuickCam10.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'sttray.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
68 processes with 68 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[NOTE] In the drive 'J:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '23' files ).


Starting the file scan:

Begin scan in 'C:\' <Partition_1>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\ProgramData\idazwden\gpiriheb.exe.bak
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '485faeda.qua'!
C:\Users\Ccil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXVN0O7J\PCAntispyware_Installer[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '4837aeda.qua'!
C:\Users\Ccil\AppData\Local\Temp\029685de.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '482faee6.qua'!
C:\Users\Ccil\AppData\Local\Temp\1755d211.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '482baef1.qua'!
C:\Users\Ccil\AppData\Local\Temp\3b022720.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '4826af29.qua'!
C:\Users\Ccil\AppData\Local\Temp\68d0749b.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '485aaf0e.qua'!
C:\Users\Ccil\AppData\Local\Temp\7c067406.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '4826af3e.qua'!
C:\Users\Ccil\AppData\Local\Temp\d834a04c.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '4829af1d.qua'!
C:\Users\Ccil\AppData\Local\Temp\f077e902.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '482daf19.qua'!
Begin scan in 'D:\' <RECOVERY>
Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'F:\' <MightyDrive>
Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'J:\'
Search path J:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: samedi 5 avril 2008 00:58
Used time: 26:55 min

The scan has been done completely.

12855 Scanning directories
178565 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
9 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
178556 Files not concerned
955 Archives were scanned
2 Warnings
0 Notes
68472 Objects were scanned with rootkit scan
0 Hidden objects were found

merci
cclrem- 5 avril 2008 à 01:41
re moi...
étape suivante...je deviens une pro...nan c'est pas vrai je n'ai pas trouvé certains fichiers même en tapant les noms manuellement...
il manque:
c:\programData\idazwden... le fichier est vide
c:\windows\.protected....introuvable
c:\widows\system32\drivers\blb... introuvable

rapport de virustotal

Fichier nynmfile.exe.vir reçu le 2008.04.02 03:39:17 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.1.2 2008.04.01 -
AntiVir 7.6.0.78 2008.04.01 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.04.02 -
Avast 4.7.1098.0 2008.04.01 -
AVG 7.5.0.516 2008.04.01 Downloader.Obfuskated
BitDefender 7.2 2008.04.02 -
CAT-QuickHeal 9.50 2008.04.02 -
ClamAV None 2008.04.02 -
DrWeb 4.44.0.09170 2008.04.01 -
eSafe 7.0.15.0 2008.04.01 -
eTrust-Vet 31.3.5661 2008.04.01 -
Ewido 4.0 2008.04.01 -
F-Prot 4.4.2.54 2008.04.01 -
F-Secure 6.70.13260.0 2008.04.02 -
FileAdvisor 1 2008.04.02 -
Fortinet 3.14.0.0 2008.04.01 -
Ikarus T3.1.1.20 2008.04.02 -
Kaspersky 7.0.0.125 2008.04.02 -
McAfee 5264 2008.04.01 -
Microsoft 1.3301 2008.04.01 TrojanDownloader:Win32/Agent.ZZC
NOD32v2 2993 2008.04.01 -
Norman 5.80.02 2008.04.01 W32/Smalltroj.DRSH
Panda 9.0.0.4 2008.04.01 -
Prevx1 V2 2008.04.02 Generic.Malware
Rising 20.38.12.00 2008.04.01 -
Sophos 4.28.0 2008.04.02 Mal/Generic-A
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.04.02 -
TheHacker 6.2.92.262 2008.04.02 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.04.01 -
Webwasher-Gateway 6.6.2 2008.04.01 Trojan.Crypt.XPACK.Gen

Information additionnelle
File size: 94208 bytes
MD5: 5aa03a99c3196f3d9088df46be1f97ee
SHA1: aa986b018e14d3b3128deb6ab5549c4ca3f46a67
PEiD: -
Prevx info: http://info.prevx.com/...


Fichier afwbyjez.exe reçu le 2008.03.31 22:18:43 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Crypt.XPACK.Gen
Authentium - - -
Avast - - -
AVG - - Downloader.Obfuskated
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - TrojanDownloader:Win32/Agent.ZZC
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Generic.Malware
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen

Information additionnelle
MD5: d646d8f489b808e8d587d6b8b66e7998
SHA1: 63fcb57ff2e7a46149061d8da672044c7cab81f1
SHA256: 75eba4a1c7b302c4f4ee9c9941b19099d6b318479462ba9cfd754327ee781de0
SHA512: 19f5d99da8606a9eae4a73e5677db3c83ed9badcc1b579a0601f5f3cc6126ac35156e5ec753388eea96890fde3d2a1656a980e19059e7e1bac15eea6f7f05f32


Fichier dorshwdu.exe reçu le 2008.04.04 16:52:57 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Crypt.XPACK.Gen
Authentium - - -
Avast - - -
AVG - - Downloader.Obfuskated
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - TrojanDownloader:Win32/Agent.ZZC
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Downloader.Obfuskated
Rising - - -
Sophos - - -
Symantec - - Trojan.Zlob
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen

Information additionnelle
MD5: 7b3ac8612ced6d3f923a11c4d96c434d
SHA1: 198328bca1a72fb815fb31912b1eb63bf7df4a96
SHA256: 49e349c07140d8633c6335c2cfa8176d5a6c2851d673e880ac5948eb9b0409c0
SHA512: e3495f06110d780140d4be26110f9e69402515f177d7bc98b93e6bdcca31ca6dbff9d355b0b19fa9c1ee9b03e5a97b072fd0fd683445eb486830111824d3f62d


Fichier dohylwdi.exe reçu le 2008.04.02 00:11:42 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Crypt.XPACK.Gen
Authentium - - -
Avast - - -
AVG - - Downloader.Obfuskated
BitDefender - - -
CAT-QuickHeal - - Win32.Trojan.Obfuscated.gx.3
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - TrojanDownloader:Win32/Agent.ZZC
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Heuristic: Suspicious File With Bad Parent Associations
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen

Information additionnelle
MD5: a1873c796428d96875c387c565513361
SHA1: cf958295bac720cc51ba65c8c6ad9b47e99574a5
SHA256: 4e9f7609d4b8c451cef3f1df1a7f18cb23c8e0d4d349c4f10df3d87183ee028c
SHA512: 979c997247f48a6e2a3c02152d8ef0484f4a4e92682c8f8f4b4767525942b1628e91c8c20ff916f274111be00ad3780bb3a98db88cfa884341034aea351c62c0


Fichier xutajixq.exe reçu le 2008.04.04 16:52:54 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Crypt.XPACK.Gen
Authentium - - -
Avast - - -
AVG - - Downloader.Obfuskated
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - TrojanDownloader:Win32/Agent.ZZC
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Downloader.Obfuskated
Rising - - -
Sophos - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen

Information additionnelle
MD5: 3fcf013375e8064413bfeab2de9d2510
SHA1: ae4be35141e934a4cbcf5439f9bc770813348d1f
SHA256: 8c9323a83d4dd18d600ae3a0991cbcd6eada861a7753126f5cfa892aaa7b5f54
SHA512: 3233616222d8b9001668e55dbeba49732f53e45527783ef0a9bed996d1b44b29cb771be23c553579e8ce3fbd2ade498a174ab8cc8606923b0a29cec94d2eb468


Fichier pijmfobg.exe reçu le 2008.04.03 23:18:00 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - TR/Crypt.XPACK.Gen
Authentium - - -
Avast - - -
AVG - - Downloader.Obfuskated
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - TrojanDownloader:Win32/Agent.ZZC
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Heuristic: Suspicious File With Bad Parent Associations
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen

Information additionnelle
MD5: baf1a4bf3d8667d6b7bd8afb3ad9bb4b
SHA1: b784567e2559b3f9c36efd4d9fa9c8fe3ab46a37
SHA256: a717a9f03cf7d690d892f7c01872834c3fded0ad5568f3d2f7c2f5eef8923f7b
SHA512: 99be96ca3b2824bd46de336a370c6c9619ef1b387dc8a1b4e18501193c822f3a61099e97815a9434bbd7a9f2e3c7ac79fe59a0610fae9c0c9b6c6d0b0dac75ce


a bientôt pour de nouvelles aventures!!!
Ccil
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 02:22
Encore un :

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe <-- ??

Je vais au lit
Al

Ajouter un commentaire
cclrem- 5 avril 2008 à 10:26
bonjour....
j'espère que tous mes rapports ont été bons..
que dois je faire avec le dernier fichier envoyé.. tu veux que je l'envoi à virustotal?
merci
bonne journée
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 12:06
Bonjour,

Oui
Lis post #11 G)
Merci

Avais-tu branché clé USB (éventuelle) lors du Scan Antivir ?

Al

Ajouter un commentaire
cclrem- 5 avril 2008 à 12:14
j'espère que tu as bien dormi...
oui une clé usb
ci-joint le rapport
Fichier Reboot.exeCommon_Startup reçu le 2008.03.23 20:00:29 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.3.22.1 2008.03.21 -
AntiVir 7.6.0.75 2008.03.23 SPR/Tool.Reboot.G
Authentium 4.93.8 2008.03.22 -
Avast 4.7.1098.0 2008.03.23 -
AVG 7.5.0.516 2008.03.22 Potentially harmful program Tool.AX
BitDefender 7.2 2008.03.23 -
CAT-QuickHeal 9.50 2008.03.21 -
ClamAV 0.92.1 2008.03.23 PUA.Tool.Reboot-1
DrWeb 4.44.0.09170 2008.03.23 -
eSafe 7.0.15.0 2008.03.18 RiskTool.Win32.Reboo
eTrust-Vet 31.3.5633 2008.03.21 -
Ewido 4.0 2008.03.23 -
F-Prot 4.4.2.54 2008.03.22 -
F-Secure 6.70.13260.0 2008.03.23 Suspicious:W32/Malware!Gemini
FileAdvisor 1 2008.03.23 -
Fortinet 3.14.0.0 2008.03.23 HackerTool/Reboot
Ikarus T3.1.1.20 2008.03.23 Trojan.Win32.Tambu.a
Kaspersky 7.0.0.125 2008.03.23 not-a-virus:RiskTool.Win32.Reboot.g
McAfee 5257 2008.03.21 -
Microsoft 1.3301 2008.03.23 -
NOD32v2 2967 2008.03.21 -
Norman 5.80.02 2008.03.20 -
Panda 9.0.0.4 2008.03.23 -
Prevx1 V2 2008.03.23 -
Rising 20.36.62.00 2008.03.23 -
Sophos 4.27.0 2008.03.23 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.23 -
TheHacker 6.2.92.252 2008.03.22 -
VBA32 3.12.6.3 2008.03.21 -
VirusBuster 4.3.26:9 2008.03.22 RiskTool.Reboot.L
Webwasher-Gateway 6.6.2 2008.03.23 Riskware.Tool.Reboot.G

Information additionnelle
Tamano archivo: 409088 bytes
MD5: 91e955e797b9dae35e455121baaf3394
SHA1: 3712fb39158cc2add1301910ed9818c259e7fbdc
PEiD: BobSoft Mini Delphi -> BoB / BobSoft
Ajouter un commentaire
Réponse
+1
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 13:44
(suite)

Je vais te donner une manip très claire (je l'espère !) que tu devras suivre à la lettre.
ATTENTION: Ne te trompe pas (dans le doute, tu stoppes tout !!)

A)- Faire une sauvegarde de la Base de Registres (BdR)
Cliquer sur "Démarrer" > "Exécuter" > copier/coller : regedit /e Sav.reg , puis clic sur [Ok]
Le fichier de sauvegarde se trouve ici C:\Documents and Settings\<Le nom de ta session>\Sav.reg



B)-Télécharge IceSword sur ton Bureau (durée ± 5 minutes), du lien suivant :
http://202.38.64.10/%7Ejfpan/download/IceSword120_en.zip

1) Double-clique sur le fichier du bureau IceSword120_en.zip pour obtenir cette page http://img503.imageshack.us/img503/7100/screenshot322an1.png ; puis, comme sur l'image, au menu "Fichier" choisir "Extraire tout". On obtient une nouvelle page IceSword120_en http://img260.imageshack.us/img260/7798/screenshot323yv2.png ; là, comme sur l'image, clic-droit sur le dossier dézippé IceSword120_en , puis "Explorer" pour obtenir le contenu sur une nouvelle page .

2) Clic-droit sur l'icône épée > Créer un raccourci IceSword.exe et le déplacer sur le bureau > puis double-clic dessus pour lancer l'outil. Clic ensuite sur [Exécuter] ( ou sur "Exécuter en tant qu'administrateur" si le petit menu contextuel s'affiche) ==> autoriser et accepter les alertes successives des protections PC installées.

3) Agrandir la fenêtre de l'outil en plein écran.

4) Regarde bien cette capture écran http://img223.imageshack.us/img223/4756/screenshot324nb2.png .
Dans le menu de gauche, vers le haut, appuie sur la touche [Functions] pour les développer; tu peux t'aider du curseur vertical pour faciliter la lecture de son total contenu.
- Note: Tu peux agrandir le volet de gauche (en déplaçant la ligne de séparation verticale), afin de mieux visualiser son contenu (juste le nécessaire; sinon ce sera au détriment de la lecture de la plage de droite).

5) Choisis le bouton radio [Win32 Services], laisse afficher tous les services dans la plage de droite.
Ensuite retrouve Add to Windows &Live Favorites que tu supprimes.
Si tu vois d'autres services de couleur rouge, rapporte-les moi.

6) Au bas de ce menu gauche, cliquer sur le bouton radio [File]
- Il faut naviguer (clic sur les + devant les répertoires ad hoc) dans l'arborescence (volet de gauche) jusqu'à atteindre le dossier contenant les fichiers infectés à supprimer.

•- Pour C:\ProgramData\utugzyfy\shiponkb.exe :
(Clic sur + devant C:\, puis + devant ProgramData\, puis clic sur le "dossier utugzyfy" (je n'ai pas dit de cliquer sur le + devant !!) pour l'ouvrir ==> tu vois ainsi tous ses fichiers dans la plage de droite ==> retrouve le fichier shiponkb.exe ==> faire un clic-droit dessus et choisir "Delete".
NOTE: Mais peut-être est-ce là que tu as trouvé ce fichier nynmfile.exe.vir analysé chez VirusTotal en lieu et place de shiponkb.exe comme demandé ?? Si c'est le cas, supprime les deux si tu les trouves.

•- Faire la même chose (même principe de recherche de fichier) avec : C:\ProgramData\coeiekrk\xstwzyrc.exe .
NOTE: Mais peut-être est-ce également là que tu as trouvé ce fichier afwbyjez.exe analysé chez VirusTotal en lieu et place de xstwzyrc.exe comme demandé ??
Si c'est le cas, supprime les deux si tu les trouves.

•- Faire la même chose (même principe de recherche de fichier) avec:
C:\ProgramData\idazwden\gpiriheb.exe <-- il doit être parti avec Antivir.
C:\ProgramData\hagdphnu\dorshwdu.exe
C:\ProgramData\ykldxlrd\dohylwdi.exe
C:\ProgramData\lsghnjhc\xutajixq.exe
C:\ProgramData\rixwmjrh\pijmfobg.exe

Si tu ne te sens toujours pas à l'aise, ou bien que tu ne vois pas, demande et je vais voir si je peux t'éclairer d'une autre façon. Mais fais d'abord l'effort.

•- Même principe pour ce fichier en gras C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Reboot.exe <---- Delete = Supprimer

7) Termine par celles-ci (en gras):
O4 - HKCU\..\Run: [utugzyfy] C:\ProgramData\utugzyfy\shiponkb.exe
O4 - HKCU\..\Run: [0PHK9nxvhb] C:\ProgramData\idazwden\gpiriheb.exe
O4 - HKCU\..\Run: [coeiekrk] C:\ProgramData\coeiekrk\xstwzyrc.exe
O4 - HKCU\..\Run: [hagdphnu] C:\ProgramData\hagdphnu\dorshwdu.exe
O4 - HKCU\..\Run: [ykldxlrd] C:\ProgramData\ykldxlrd\dohylwdi.exe
O4 - HKCU\..\Run: [lsghnjhc] C:\ProgramData\lsghnjhc\xutajixq.exe
O4 - HKCU\..\Run: [rixwmjrh] C:\ProgramData\rixwmjrh\pijmfobg.exe
O4 - HKLM\..\Policies\Explorer\Run: [0PHK9nxvhb] C:\ProgramData\idazwden\gpiriheb

comme ceci: au bas du menu des fonctions, appuie sur la touche [Registry].
Tu vois s'afficher l'arborescence de la base de registres dans laquelle il faut naviguer, comme ceci:

1°- Pour la première ligne HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\utugzyfy
en cliquant sur le signe + devant HKEY_CURRENT_USER,
puis descendre jusque SOFTWARE > et cliquer sur +,
puis descendre jusque Microsoft > et cliquer sur +,
puis descendre jusque Windows > +
puis CurrentVersion > +
puis Run > + ==> clic-droit > supprimer utugzyfy qui dois se trouver dans le panneau de gauche sous la sous-clé "Run".

(Si ce n'est pas le cas, ouvre "Run" et regarde dans la plage de droite si tu les trouves sous "Nom" (en valeur) ==> idem: clic-droit dessus et supprime). ==> rapporte-moi cette étape, svp.

2°- Idem pour
O4 - HKCU\..\Run: [0PHK9nxvhb]
O4 - HKCU\..\Run: [coeiekrk]
O4 - HKCU\..\Run: [hagdphnu]
O4 - HKCU\..\Run: [ykldxlrd]
O4 - HKCU\..\Run: [lsghnjhc]
O4 - HKCU\..\Run: [rixwmjrh]
Pas besoin de relancer toute la procédure de navigation, puisque tout se trouve sous Run.

3°- Pour celle-ci HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
tu navigues de la même façon, et sous Run, tu supprimes 0PHK9nxvhb

Poste le rapport obtenu.
Relance ensuite une analyse SREng suivi de HijackThis.


Courage
Al.

PS: Je m'absente un moment.

Ajouter un commentaire
cclrem- 5 avril 2008 à 14:23
je suis désolée mais bloque au premier stade pas la manip our la sauvegarde de la bdr
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 15:11
Bon,

Sauvegarde de toute la base de registre :
• Cliquez sur Démarrer / Exécuter
• Dans le champ « Ouvrir » tapez : « regedit » et cliquez sur « OK ».
• Ne sélectionnez rien d'autre que ( = mettre en surbrillance ) le « Poste de travail ».
( Ici, dans la suite logique, le Poste de travail , est celui en tête de la liste des clés du registre ; puisqu’à cette étape, on est dans l’éditeur de registres )
• Dans le menu « Fichier » cliquez sur « Exporter.... »
• Dans « Enregistrer dans », choisissez le dossier de sauvegarde. C’est-à-dire : BUREAU.
• Dans le champ "Nom de fichier" : tapez le nom de votre fichier de sauvegarde. (ex : registre1)
• Dans le champ déroulant Type , choisissez "Fichiers d’enregistrement (*.reg)".
< http://img252.imageshack.us/img252/8522/screenshot258es5.gif >
• Cochez la case ( le bouton ratio ) « Tout ».
• Cliquez sur [Enregistrer].
Puis Quitter le registre.
L'icône du fichier de sauvegarde du Registre est sur le bureau.


Désolé, je quitte jusque ce soir ==> obligations
Al

Ajouter un commentaire
cclrem- 5 avril 2008 à 16:12
bon j'en suis à l'étape B 2 j'arrive a crée le raccourci mais qd je veux l'ouvrir et ap avoir appuyé sur éxecuter... j'ai un message d'erreur "initialize failed (1)

moi pas là ce soir
merci de ton aidre
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 22:33
Re,

Je viens juste de rentrer et je vais passer à table.

En attendant, as-tu suivi cette directive en B) 2°-
« ... Clic ensuite sur [Exécuter] ( ou "Clic-droit" puis "Exécuter en tant qu'administrateur" si le petit menu contextuel s'affiche) ... » ?

Ton UAC est-il toujurs désactivé ? ==> lire post # 8 A)-

Merci
Al

Ajouter un commentaire
cclrem- 5 avril 2008 à 23:22
déjà UAC toujours désactivé no soucy, j'ai vérifié...
j'ai fait les 2 manip et toujours le même message à l'écran que précedt
cclrem- 5 avril 2008 à 23:43
je suis bien ds win32services mais pas le fichier add to windows...
est ce normal
Ajouter un commentaire
Réponse
+0
moins plus
g!rly 18216Messages postés 17 août 2007Date d'inscription 17 mai 2012Dernière intervention 5 avril 2008 à 23:24
FO ETRE PATIENT DANS LA VIE...

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 23:31
Hello g!rly hyvää iltaa ,

Pour cclrem,
Essaie avec ce lien de téléchargement de IceSword http://www.antirootkit.com/software/IceSword.htm
Dernière version.
Même procédure.

Al.

Ajouter un commentaire
cclrem- 5 avril 2008 à 23:38
ok ça marche je continue la procédure...
je te joins le rapport asp
cette nuit à mon avis...
merci encore...
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 5 avril 2008 à 23:58
Ouf!
Merci.
Bonne chance.
Mais je suis trop épuisé pour ce soir.
Je passerai de temps en temps pour voir si tu as des questions.
Al.

Ajouter un commentaire
cclrem- 5 avril 2008 à 23:59
juste est ce normal ci pas le premier fichier add to....
cclrem- 6 avril 2008 à 00:19
trop facile cette étape:-(

Bon deux ou trois trucs avant les rapports...

Je n'ai pas retrouvé add windows and live favorites...

impossible de supprimer un des fichiers
c:....dorshwdu.exe j'ai essayé plusieus fois mais ça ne fonctionne pas...
pour le reste c'est ok...

tu veux quels rapports Sreng et hijack this???

c'est ça...

merci bonne nuit
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 6 avril 2008 à 00:28
Re,

Oui, les deux.

Al

Ajouter un commentaire
cclrem- 6 avril 2008 à 12:43
Bonjour ci-joint les deux rapports..
petite question sur antivir qd il détecte un virus il vaut mieux mettre en quarantaine ou refusé l'accès?

[CODE]

2008-04-06,12:39:38

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition (Build 6000) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
<MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<ehTray.exe><C:\Windows\ehome\ehTray.exe> [(Verified)Microsoft Windows]
<AdobeUpdater><C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe> [N/A]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows]
<SpybotSD TeaTimer><C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe> [(Verified)Safer Networking Ltd.]
<rsvcmyyd><C:\Windows\system32\kfqpedkf.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<SigmatelSysTrayApp><sttray.exe> [SigmaTel, Inc.]
<LogitechCommunicationsManager><"C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"> [(Verified)"Logitech, Inc."]
<LogitechQuickCamRibbon><"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide> [(Verified)"Logitech, Inc."]
<LVCOMSX><"C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"> [(Verified)"Logitech, Inc."]
<LogitechSetup><E:\Setup\Setup.exe /restart /l:fra> [N/A]
<TomTomHOME.exe><"C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s> [(Verified)TomTom International BV]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<IgfxTray><C:\Windows\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\Windows\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Persistence><C:\Windows\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
Startup Folders
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>

==================================
Services
[AntiVir PersonalEdition Classic Scheduler / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
[AntiVir PersonalEdition Classic Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[Service Bonjour / Bonjour Service][Running/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Service de l'iPod / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Logitech Process Monitor / LVPrcSrv][Running/Auto Start]
<c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe><Logitech Inc.>
[LVSrvLauncher / LVSrvLauncher][Stopped/Auto Start]
<C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe><Logitech Inc.>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[PrismXL / PrismXL][Running/Auto Start]
<C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS><New Boundary Technologies, Inc.>
[SBSD Security Center Service / SBSDWSCService][Running/Auto Start]
<C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe><Safer Networking Ltd.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><AVIRA GmbH>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express / e1express][Stopped/Manual Start]
<system32\DRIVERS\e1e6032.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
<System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[ialm / ialm][Stopped/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[igfx / igfx][Running/Manual Start]
<system32\DRIVERS\igdkmd32.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[IVI ASPI Shell / Iviaspi][Running/Manual Start]
<system32\drivers\iviaspi.sys><InterVideo, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[Logitech AEC Driver / LVcKap][Stopped/Manual Start]
<system32\DRIVERS\LVcKap.sys><Logitech Inc.>
[Logitech Machine Vision Engine Loader / LVMVDrv][Stopped/Manual Start]
<system32\DRIVERS\LVMVDrv.sys><Logitech Inc.>
[Logitech LVPr2Mon Driver / LVPr2Mon][Running/Manual Start]
<system32\drivers\LVPr2Mon.sys><>
[Logitech USB Monitor Filter / LVUSBSta][Running/Manual Start]
<system32\drivers\LVUSBSta.sys><Logitech Inc.>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[Volume Adapter / pepifilter][Running/Manual Start]
<system32\DRIVERS\lv302af.sys><Logitech Inc.>
[Logitech QuickCam IM(PID_PEPI) / PID_PEPI][Running/Manual Start]
<system32\DRIVERS\LV302V32.SYS><Logitech Inc.>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Pilote Realtek 10/100 NIC Family NDIS x86 / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\stwrt.sys><SigmaTel, Inc.>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================
Browser Add-ons
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_05]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, Microsoft Corporation>
[Spybot-S&D IE Protection]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\Windows\system32\macromed\Shockwave 10\Download.dll, N/A>
[Java Plug-in 1.6.0_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_05]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Microsoft Shell UI Helper]
{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, N/A>
[Java Plug-in 1.6.0_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll, Sun Microsystems, Inc.>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[]
{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, N/A>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[Contrôle de l'Assistant de connexion Windows Live]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
<http://favorites.live.com/quickadd.aspx, N/A>

==================================
Running Processes
[PID: 424 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 488 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 532 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 544 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 576 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 588 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 596 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 668 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 784 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 844 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 892 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B307066B-41D0-4D4C-A7F6-BC148FF8099F}\mpengine.dll] [Microsoft Corporation, 1.1.3408.0]
[PID: 976 / SERVICE LOCAL][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapo.dll] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[PID: 1048 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1084 / SYSTEM][c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe] [Logitech Inc., 10.0.0.1438]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1108 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1196 / SERVICE RÉSEAU][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[PID: 1256 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1404 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1568 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\E_FLMAEE.DLL] [SEIKO EPSON CORPORATION, 5, 7, 0, 0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[PID: 1608 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe] [Avira GmbH, 7.00.00.82]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.dll] [Avira GmbH, 7.00.00.01]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll] [Avira GmbH, 7.00.11.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL] [Avira GmbH, 7.00.02.02]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL] [Avira GmbH, 1.02.00.17]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPACK32.DLL] [Avira GmbH, 7.06.00.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll] [N/A, ]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVEWIN32.DLL] [Avira GmbH, 7.6.0.81]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 1628 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2044 / Ccil][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxTMM.dll] [Intel Corporation, 7.14.10.1409]
[PID: 320 / Ccil][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[PID: 468 / Ccil][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll] [Avira GmbH, 7.00.00.10]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 5, 0, 11]
[C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[PID: 1248 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe] [Avira GmbH, 7.00.00.62]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll] [Avira GmbH, 7.00.24.00]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 1808 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 448 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,4,12]
[PID: 2132 / SYSTEM][C:\Program Files\CDBurnerXP\NMSAccessU.exe] [N/A, ]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2168 / Ccil][C:\Program Files\Windows Defender\MSASCui.exe] [Microsoft Corporation, 1.1.1505.0]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2184 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2196 / SYSTEM][C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS] [New Boundary Technologies, Inc., 5.0]
[PID: 2204 / Ccil][C:\Windows\sttray.exe] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[C:\Windows\system32\STLang.dll] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapi32.dll] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1]
[PID: 2232 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2264 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 2280 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2328 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2336 / Ccil][C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe] [Logitech Inc., 1.0.0.1362]
[C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LComMgr\LVMaEnum.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Logitech\LComMgr\LVComCX.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Common Files\Logitech\LComMgr\BRSkypePlugin.dll] [Logitech Inc., 1.0.0.1362]
[C:\Program Files\Common Files\Logitech\LComMgr\AolPlugin.dll] [Logitech Inc., 1.0.0.1362]
[C:\Program Files\Common Files\Logitech\LComMgr\YahooPlugin.dll] [Logitech Inc., 1.0.0.1362]
[C:\Program Files\Logitech\QuickCam10\COCIManagerPS.dll] [Logitech Inc., 10.0.0.1439]
[PID: 2452 / Ccil][C:\Program Files\Logitech\QuickCam10\QuickCam10.exe] [, ]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Logitech\QuickCam10\Quickcam10Res.dll] [, ]
[C:\Program Files\Logitech\QuickCam10\LogiMail.dll] [Logitech Inc., 10.0.0.1439]
[C:\Program Files\Windows Live\Mail\smapi.dll] [Microsoft Corporation, 12.0.1606]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Logitech\QuickCam10\COCIManagerPS.dll] [Logitech Inc., 10.0.0.1439]
[PID: 2472 / Ccil][C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe] [Logitech Inc., 10.0.0.1438]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LComMgr\LVMaEnum.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Logitech\LComMgr\LVComCX.dll] [Logitech Inc., 10.0.0.1438]
[PID: 2484 / Ccil][C:\Program Files\TomTom HOME 2\HOMERunner.exe] [TomTom, 2.1.2.121]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2516 / Ccil][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.6.1.9]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.6.1.1]
[C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.6.1.9]
[C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.4.1]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 7, 6, 120, 1]
[PID: 2548 / SERVICE LOCAL][C:\Windows\system32\WUDFHost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2560 / Ccil][C:\Windows\System32\igfxtray.exe] [Intel Corporation, 7.14.10.1409]
[C:\Windows\System32\hccutils.DLL] [Intel Corporation, 7.14.10.1409]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1409]
[C:\Windows\System32\igfxres.dll] [Intel Corporation, 7.14.10.1409]
[C:\Windows\System32\igfxress.dll] [Intel Corporation, 7.14.10.1409]
[PID: 2592 / Ccil][C:\Windows\System32\hkcmd.exe] [Intel Corporation, 7.14.10.1409]
[C:\Windows\System32\hccutils.DLL] [Intel Corporation, 7.14.10.1409]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1409]
[C:\Windows\System32\igfxres.dll] [Intel Corporation, 7.14.10.1409]
[PID: 2612 / Ccil][C:\Windows\System32\igfxpers.exe] [Intel Corporation, 7.14.10.1409]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1409]
[PID: 2620 / SYSTEM][C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe] [Safer Networking Ltd., 1, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2788 / Ccil][C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.50.13]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2920 / Ccil][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 7.02.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll] [Avira GmbH, 7.02.00.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\antivir personaledition classic\ccgen.dll] [Avira GmbH, 7.02.00.10]
[c:\program files\avira\antivir personaledition classic\ccgenrc.dll] [Avira GmbH, 7.02.04.02]
[c:\program files\avira\antivir personaledition classic\ccguard.dll] [Avira GmbH, 7.00.01.35]
[c:\program files\avira\antivir personaledition classic\ccgrdrc.dll] [Avira GmbH, 7.00.06.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.00.00.04]
[c:\program files\avira\antivir personaledition classic\ccupdate.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition classic\ccupdrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition classic\cclic.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\antivir personaledition classic\cclicrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\antivir personaledition classic\ccmsg.dll] [Avira GmbH, 7.00.00.00]
[PID: 2928 / Ccil][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0.6000.16615 (vista_gdr.071215-2230)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2936 / Ccil][C:\Windows\system32\igfxsrvc.exe] [Intel Corporation, 7.14.10.1409]
[C:\Windows\system32\igfxsrvc.dll] [Intel Corporation, 7.14.10.1409]
[C:\Windows\system32\igfxdev.dll] [Intel Corporation, 7.14.10.1409]
[PID: 3012 / Ccil][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1302.1018]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Windows Live\Messenger\msgrvsta.thm] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\msgslang.8.5.1302.1018.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
[C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Windows\system32\sirenacm.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Program Files\Windows Live\Messenger\lmcdata.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\contact.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\abssm.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\dfsr.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Windows Live\Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
[C:\Windows\system32\Macromed\Flash\Flash9e.ocx] [Adobe Systems, Inc., 9,0,115,0]
[C:\Windows\system32\Macromed\Common\SwSupport.dll] [Adobe Systems, Inc., 10.1.4r20]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll] [Microsoft Corporation, 8.5.1302.1018]
[PID: 3028 / Ccil][C:\Windows\ehome\ehtray.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3144 / Ccil][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 1128, 5462]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_fr.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll] [Google Inc., 1, 2, 1128, 5462]
[PID: 3180 / Ccil][C:\Program Files\Windows Media Player\wmpnscfg.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3200 / SYSTEM][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3276 / Ccil][C:\Windows\System32\mobsync.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[PID: 3296 / Ccil][C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] [Safer Networking Limited, 1, 5, 2, 16]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Spybot - Search & Destroy\advcheck.dll] [Safer Networking Limited, 1, 5, 4, 5]
[PID: 3924 / Ccil][C:\Windows\ehome\ehmsas.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[PID: 3952 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[PID: 2828 / Ccil][C:\Program Files\Logitech\QuickCam10\COCIManager.exe] [Logitech Inc., 10.0.0.1439]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Logitech\QuickCam10\COCIManagerPS.dll] [Logitech Inc., 10.0.0.1439]
[C:\Program Files\Common Files\Logitech\LComMgr\LVMaEnum.dll] [Logitech Inc., 10.0.0.1438]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Logitech\LComMgr\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Logitech\LComMgr\LVComCX.dll] [Logitech Inc., 10.0.0.1438]
[PID: 2288 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.6.1.9]
[C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.6.1.1]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.6.1.9]
[PID: 5360 / SYSTEM][C:\Program Files\Windows Live\Messenger\usnsvc.exe] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1302.1018]
[PID: 5700 / Ccil][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live Toolbar\msntb.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\fr-fr\mtbres.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\mtbres.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Tem.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\fr-fr\searchboxRes.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\searchboxRes.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\fr-fr\hvres.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\Components\hvres.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\fr-fr\CMRes.dll.mui] [Microsoft Corporation, 03.00.0001.2032]
[C:\Program Files\Windows Live Toolbar\CMRes.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Favorites\wlfext.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\fr-fr\msn_slrs.DLL.mui] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\msn_slrs.DLL] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\fr-fr\MSNExtensionRes.dll.mui] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\Components\MSNExtensionRes.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\fr-fr\SmaMenRes.dll.mui] [Microsoft Corporation., 03.00.0001.2012]
[C:\Program Files\Windows Live Toolbar\Components\SmaMenRes.dll] [Microsoft Corporation., 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\fr-fr\CBRes.dll.mui] [Microsoft Corporation, 03.01.0000.0032]
[C:\Program Files\Windows Live Toolbar\CBRes.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\msnHiliteViewer.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 5, 0, 11]
[C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.50.13]
[C:\Program Files\Java\jre1.6.0_05\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll] [Microsoft Corporation, 4.200.520.1]
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.520.1]
[C:\Program Files\Windows Live Toolbar\searchbox.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\stmain.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\cm.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\msn_slps.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\WLExtension.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\Components\smamen.dll] [Microsoft Corporation., 03.01.0000.0146]
[C:\Program Files\Windows Live Toolbar\CB.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Program Files\Windows Live Favorites\WLFExtRes.dll] [Microsoft Corporation, 03.00.0001.2012]
[C:\Program Files\Windows Live Favorites\TBIDCRL.dll] [Microsoft Corporation, 03.01.0000.0146]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Windows Live Toolbar\Components\COMCRF\COMCRF.dll] [Microsoft Corporation., 03.01.0000.0146]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]
[C:\Windows\system32\igdumd32.dll] [Intel Corporation, 7.14.10.1409]
[C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.5.1302.1018]
[PID: 5836 / Ccil][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe] [Microsoft Corporation, 4.200.520.1]
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.520.1]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[PID: 3608 / SYSTEM][C:\Windows\servicing\TrustedInstaller.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\cbscore.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\wdscore.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\wcp.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\DrUpdate.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\wrpint.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 4436 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2536 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 4828 / SYSTEM][C:\Windows\system32\SearchFilterHost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 5100 / Ccil][C:\Users\Ccil\Desktop\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 10.0.0.1438]
[C:\Users\Ccil\Desktop\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9003Messages postés 10 octobre 2005Date d'inscription 5 mai 2012Dernière intervention 6 avril 2008 à 01:19
Info:

Au post # 22 « A)- Faire une sauvegarde de la Base de Registres (BdR) comme ceci:
Cliquer sur "Démarrer" > "Exécuter" > copier/coller : regedit /e Sav.reg
==> au lieu d'écrire « puis clic sur [Ok] », et puisque tu as VISTA, j'aurais dû écrire : « puis enfonce la combinaison des touches suivantes : [Ctrl + Shift + Entrée] ».

C'est valable pour chaque invite de commande via "Démarrer" > "Exécuter" (par exemple CMD).
Désolé, mais je suis distant de VISTA.

Al.


Ajouter un commentaire
Ajouter un commentaire
1 2 Suivant
Posez votre question
Ce document intitulé « je suis désepérée personne pour m'aider.... » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?
je suis désepérée personne pour m'aider.... - page 2