oua! je n'ai plus aucun message d'alerte!
voila le rapport:
ComboFix 08-04-13.3 - Bernard Jabet 2008-04-14 20:08:43.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.204 [GMT 2:00]
Endroit: C:\Documents and Settings\Bernard Jabet\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Bernard Jabet\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!FILE ::
C:\WINDOC:\WINDOWS\system32\yjsafljm.dll
C:\WINDOWS\system32\gteoocvn.VIR
C:\WINDOWS\system32\ovsbwpab.exe
C:\WINDOWS\system32\rqRJAQhH.dll
C:\WINDOWS\system32\ssqqQjii.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\AdVantage
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome.manifest
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\IMeMedia_FF.xpt
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\MeMedia_FF.dll
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\install.js
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\install.rdf
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\vssver2.scc
C:\WINDOWS\system32\gteoocvn.VIR
C:\WINDOWS\system32\rqRJAQhH.dll
C:\WINDOWS\system32\ssqqQjii.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-15 to 2008-04-15 ))))))))))))))))))))))))))))))))))))
.
2008-04-14 12:28 . 2008-04-14 12:28 8 --a------ C:\WINDOWS\system32\20625fb0
2008-04-13 22:36 . 2008-04-13 22:36 <REP> d-------- C:\VundoFix Backups
2008-04-13 18:10 . 2008-04-13 21:41 3,382 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-13 18:09 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-13 18:09 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-13 18:09 . 2008-04-12 17:34 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-13 18:09 . 2008-04-12 13:49 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-13 18:09 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-13 18:09 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-13 18:09 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-13 16:05 . 2008-04-13 16:05 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-04-13 15:43 . 2008-04-13 15:43 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-13 11:38 . 2008-04-13 11:45 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-04-12 16:40 . 2008-04-12 16:40 <REP> d-------- C:\Program Files\Avira
2008-04-12 16:40 . 2008-04-12 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-04-11 22:32 . 2008-04-11 22:32 3,648 --a------ C:\WINDOWS\system32\yjsafljm.dll
2008-04-11 09:29 . 2008-04-11 09:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\qlkfsvml
2008-04-10 22:59 . 2008-04-10 22:59 <REP> d-------- C:\Program Files\TOSHIBA
2008-04-10 22:34 . 2008-04-10 22:34 <REP> d-------- C:\Program Files\EzButton
2008-04-10 22:34 . 2008-04-10 22:34 77 --a------ C:\WINDOWS\EzButton.UNI
2008-04-10 22:33 . 2004-08-30 15:55 131,072 --a------ C:\WINDOWS\UNINST32.EXE
2008-04-10 22:33 . 2004-08-30 15:56 17,497 --a------ C:\WINDOWS\system32\drivers\DKbFltr.SYS
2008-04-10 22:31 . 2008-04-10 22:31 <REP> d-------- C:\WINDOWS\Drivers
2008-04-08 22:58 . 2008-04-08 23:10 <REP> d-------- C:\ConvertTemp
2008-04-07 13:10 . 2008-04-07 13:10 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-04-06 21:38 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-06 21:38 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-03-26 20:31 . 2005-05-26 16:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-03-26 20:31 . 2008-03-26 20:31 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-03-26 20:31 . 2008-03-26 20:31 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-03-20 19:03 . 2008-03-20 19:03 <REP> d-------- C:\Program Files\Logiciel Soliland
2008-03-20 19:03 . 2007-12-15 16:14 537,872 --a------ C:\WINDOWS\system32\msxml20.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-10 21:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-10 20:37 --------- d-----w C:\Program Files\Intel
2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-21 22:49 --------- d-----w C:\Documents and Settings\Bernard Jabet\Application Data\SolidWorks
2008-03-11 17:46 --------- d-----w C:\Program Files\Conquist
2008-03-07 15:28 --------- d-----w C:\Documents and Settings\Bernard Jabet\Application Data\DAEMON Tools
2008-03-06 12:41 --------- d--h--r C:\Documents and Settings\Bernard Jabet\Application Data\SecuROM
2008-03-06 10:08 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-27 00:05 --------- d-----w C:\Program Files\Windows Live
2008-02-24 16:05 --------- d-----w C:\Program Files\MSN Games
2008-02-24 16:03 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-24 16:03 --------- d-----w C:\Documents and Settings\Bernard Jabet\Application Data\iWin
2008-02-21 22:38 --------- d-----w C:\Program Files\QuickTime
2008-02-21 22:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-21 19:34 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-21 16:49 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-20 10:58 --------- d-----w C:\Program Files\VirginMega
2008-02-20 10:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-04-21 19:26 51,128 ----a-w C:\Documents and Settings\Bernard Jabet\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-04-14_13.25.50.14 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-14 11:16:56 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-15 00:36:22 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-15 00:36:30 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7f0.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10F0C2A9-8E38-43e3-204D-45524C494E20}]
C:\Program Files\PC-Antispyware\IeExtension.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"soliland"="C:\Program Files\Logiciel Soliland\SolilandUpdate.exe" [2007-12-24 02:49 148992]
"EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-08-30 15:55 712704]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-04-30 11:14 118784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-12 16:46 249896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\Deamon\daemon.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Documents and Settings\\Bernard Jabet\\Bureau\\Age Of Empire-II The Conquerors\\age2_x1.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Documents and Settings\\Bernard Jabet\\Bureau\\Age Of Empire-II The Conquerors\\empires2.exe"=
"C:\\Anno 1701\\Anno1701.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15643:TCP"= 15643:TCP:NortonAV
"13436:TCP"= 13436:TCP:NortonAV
"15692:TCP"= 15692:TCP:NortonAV
"12082:TCP"= 12082:TCP:NortonAV
"17954:TCP"= 17954:TCP:NortonAV
"16708:TCP"= 16708:TCP:NortonAV
"14287:TCP"= 14287:TCP:NortonAV
"16133:TCP"= 16133:TCP:NortonAV
"13134:TCP"= 13134:TCP:NortonAV
"12149:TCP"= 12149:TCP:NortonAV
"15482:TCP"= 15482:TCP:NortonAV
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\3o.exe
\Shell\explore\Command - F:\3o.exe
\Shell\open\Command - F:\3o.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04e6a0ac-630e-11dc-bbaa-000e35ed2a41}]
\Shell\AutoRun\command - E:\rthrw.com
\Shell\explore\Command - E:\rthrw.com
\Shell\open\Command - E:\rthrw.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47da60f8-d4f4-11dc-bcbc-000e35ed2a41}]
\Shell\AutoRun\command - E:\3wcxx91.cmd
\Shell\explore\Command - E:\3wcxx91.cmd
\Shell\open\Command - E:\3wcxx91.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48085ac4-bea8-11dc-bc81-000e35ed2a41}]
\Shell\AutoRun\command - u.bat
\Shell\explore\Command - u.bat
\Shell\open\Command - u.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d0eec80-6600-11dc-bbb2-000e35ed2a41}]
\Shell\AutoRun\command - F:\u.bat
\Shell\explore\Command - F:\u.bat
\Shell\open\Command - F:\u.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76cb731e-d415-11dc-bcb9-000e35ed2a41}]
\Shell\AutoRun\command - v.cmd
\Shell\explore\Command - v.cmd
\Shell\open\Command - v.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81ad04f6-321d-11dc-bb88-000e35ed2a41}]
\Shell\AutoRun\command - setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f9518cc-c385-11dc-bc8a-000e35ed2a41}]
\Shell\AutoRun\command - u2.cmd
\Shell\explore\Command - u2.cmd
\Shell\open\Command - u2.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3839ce3-f25e-11db-bb42-000e35ed2a41}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba401b99-6543-11dc-bbb0-000e35ed2a41}]
\Shell\AutoRun\command - ntdelect.com
\Shell\explore\Command - utdetect.com
\Shell\open\Command - utdetect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{caed68e9-db5b-11db-b06c-000fb05a6e2a}]
\Shell\AutoRun\command - E:\b.com
\Shell\explore\Command - E:\b.com
\Shell\open\Command - E:\b.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce4dc4b4-bd56-11dc-bc7b-000e35ed2a41}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce4dc4b5-bd56-11dc-bc7b-000e35ed2a41}]
\Shell\AutoRun\command - wscript.exe .\`.vbs
\Shell\open\command - wscript.exe .\`.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cef036ee-ef43-11dc-bd1f-000e35ed2a41}]
\Shell\AutoRun\command - E:\b.com
\Shell\explore\Command - E:\b.com
\Shell\open\Command - E:\b.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cffbb528-a663-11dc-bc39-000e35ed2a41}]
\Shell\AutoRun\command - x6.bat
\Shell\explore\Command - x6.bat
\Shell\open\Command - x6.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f46c6fd0-e9e3-11db-b06f-000fb05a6e2a}]
\Shell\AutoRun\command - E:\3o.exe
\Shell\explore\Command - E:\3o.exe
\Shell\open\Command - E:\3o.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-10 21:33:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-04-15 02:37:17
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-15 2:44:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-15 00:44:38
ComboFix2.txt 2008-04-14 11:27:53
Pre-Run: 49,029,722,112 octets libres
Post-Run: 49,025,343,488 octets libres
.
2008-04-08 18:17:38 --- E O F ---
et le rapport HijckThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:51, on 15/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logiciel Soliland\SolilandUpdate.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PC-Antispyware Site Blocker Button - {10F0C2A9-8E38-43e3-204D-45524C494E20} - C:\Program Files\PC-Antispyware\IeExtension.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [soliland] C:\Program Files\Logiciel Soliland\SolilandUpdate.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: logiciel Soliland - {8354F0FE-550E-4E14-AFE1-E5CEF9009311} - C:\Program Files\Logiciel Soliland\soliland.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.mail.live.com/mail/w1/resou ... NPUpld.cabO16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
http://game03.zylom.com/activex/zylomgamesplayer.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{38135541-907D-4B4B-8BB9-00FDEA884AB0}: NameServer = 213.244.0.15,213.244.0.16
O17 - HKLM\System\CCS\Services\Tcpip\..\{64CE62BD-E789-42EE-B15E-B8CCB1C48249}: NameServer = 213.244.0.15,213.244.0.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{38135541-907D-4B4B-8BB9-00FDEA884AB0}: NameServer = 213.244.0.15,213.244.0.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{38135541-907D-4B4B-8BB9-00FDEA884AB0}: NameServer = 213.244.0.15,213.244.0.16
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 7902 bytes