Hello everyone!
So, the regular of the virus section is back.
This time it's my brother who asked me to put a game on my PC because it didn't work on his ^^ (he is on Vista and I'm on XP)... and it didn't work on mine either, so I immediately concluded that some not-so-nice friends came along in place of the game ^^
So here is the DiagHelp log:
DiagHelp version v1.4 - http://www.malekal.com
excute le 2007-12-23 à 12:22:38.34
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->2007-12-23 12:22:36
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->2007-12-23 12:21:56
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->2007-12-23 12:21:01
C:\WINDOWS\prefetch\FIREFOX.EXE-06188867.pf -->2007-12-23 12:19:41
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->2007-12-23 12:19:12
C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->2007-12-23 12:12:04
C:\WINDOWS\prefetch\HIJACKTHIS.EXE-20E21594.pf -->2007-12-23 12:11:27
C:\WINDOWS\prefetch\DRWTSN32.EXE-01DDCF15.pf -->2007-12-23 12:02:58
C:\WINDOWS\prefetch\AVSCAN.EXE-0A98540D.pf -->2007-12-23 12:01:43
C:\WINDOWS\prefetch\REGEDIT.EXE-2AE3423E.pf -->2007-12-23 11:59:42
C:\WINDOWS\System32\drivers\ComboFix.sys -->2007-12-17 22:14:21
C:\WINDOWS\System32\drivers\gmer.sys -->2007-12-17 20:59:34
C:\WINDOWS\System32\drivers\bc_tdi_f.sys -->2007-12-11 11:30:22
C:\WINDOWS\System32\drivers\bc_prt_f.sys -->2007-12-11 11:30:20
C:\WINDOWS\System32\drivers\bc_pat_f.sys -->2007-12-11 11:30:18
C:\WINDOWS\System32\drivers\bc_ip_f.sys -->2007-12-11 11:30:16
C:\WINDOWS\System32\drivers\bc_hash_f.sys -->2007-12-11 11:30:14
C:\WINDOWS\System32\Status.MPF -->2007-12-20 17:56:57
C:\WINDOWS\System32\dcads-remove.exe -->2007-12-18 19:00:41
C:\WINDOWS\System32\tmp.txt -->2007-12-16 10:25:51
C:\WINDOWS\System32\tmp.reg -->2007-12-16 10:25:51
C:\WINDOWS\System32\wpa.dbl -->2007-12-14 17:40:37
C:\WINDOWS\System32\swreg.exe -->2007-12-13 21:26:50
C:\WINDOWS\System32\IEDFix.exe -->2007-12-13 19:40:20
C:\WINDOWS\System32\FNTCACHE.DAT -->2007-11-25 10:25:00
C:\WINDOWS\System32\QuickTimeVR.qtx -->2007-11-14 23:43:22
C:\WINDOWS\System32\QuickTime.qts -->2007-11-14 23:43:22
C:\WINDOWS\System32\perfh00C.dat -->2007-11-14 18:16:13
C:\WINDOWS\System32\perfh009.dat -->2007-11-14 18:16:13
C:\WINDOWS\System32\perfc00C.dat -->2007-11-14 18:16:13
C:\WINDOWS\System32\perfc009.dat -->2007-11-14 18:16:13
C:\WINDOWS\System32\PerfStringBackup.INI -->2007-11-14 17:45:40
C:\WINDOWS\System32\CONFIG.NT -->2007-11-08 20:14:49
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->2007-10-24 18:06:31
C:\WINDOWS\System32\WhoisCL.exe -->2007-10-17 18:23:24
C:\WINDOWS\System32\WS2Fix.exe -->2007-10-03 23:36:46
C:\WINDOWS\System32\javaws.exe -->2007-09-24 22:31:42
C:\WINDOWS\System32\javacpl.cpl -->2007-09-24 22:31:42
C:\WINDOWS\System32\javaw.exe -->2007-09-24 21:30:30
C:\WINDOWS\System32\java.exe -->2007-09-24 21:30:28
C:\WINDOWS\System32\VCCLSID.exe -->2007-09-05 23:22:24
C:\WINDOWS\System32\msinet.OCX -->2007-07-20 08:05:38
C:\WINDOWS\0.log -->2007-12-23 10:48:37
C:\WINDOWS\wiadebug.log -->2007-12-23 10:48:20
C:\WINDOWS\WindowsUpdate.log -->2007-12-23 10:48:19
C:\WINDOWS\wiaservc.log -->2007-12-23 10:48:12
C:\WINDOWS\bootstat.dat -->2007-12-23 10:47:36
C:\WINDOWS\SchedLgU.Txt -->2007-12-23 00:03:27
C:\WINDOWS\setupapi.log -->2007-12-22 17:27:39
C:\WINDOWS\PowerReg.dat -->2007-12-21 18:36:47
C:\WINDOWS\setupact.log -->2007-12-20 20:21:50
C:\WINDOWS\gmer.ini -->2007-12-17 21:33:40
C:\WINDOWS\gmer_uninstall.cmd -->2007-12-17 20:59:33
C:\WINDOWS\gmer.dll -->2007-12-17 20:59:33
C:\WINDOWS\system.ini -->2007-12-17 18:00:17
C:\WINDOWS\wmsetup.log -->2007-12-04 19:07:42
C:\WINDOWS\DPINST.LOG -->2007-11-20 14:34:10
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1860
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x01000000 0xf8000 6.00.2600.0000 C:\WINDOWS\Explorer.EXE
0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll
0x77290000 0x64000 6.00.2750.0167 C:\WINDOWS\system32\SHLWAPI.dll
0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll
0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll
0x71500000 0xfd000 6.00.2737.1600 C:\WINDOWS\System32\BROWSEUI.dll
0x71700000 0x148000 6.00.2750.0167 C:\WINDOWS\System32\SHDOCVW.dll
0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\System32\UxTheme.dll
0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\comctl32.dll
0x008c0000 0x17000 9.05.0000.1098 C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
0x7c620000 0x81000 2001.12.4414.0053 C:\WINDOWS\System32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\System32\COMRes.dll
0x5b950000 0x71000 6.00.2600.0000 C:\WINDOWS\System32\themeui.dll
0x746e0000 0x8f000 6.00.2600.0000 C:\WINDOWS\System32\MLANG.dll
0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
0x74aa0000 0x43000 6.00.2600.0000 C:\WINDOWS\System32\webcheck.dll
0x74a60000 0x9000 6.00.2600.0000 C:\WINDOWS\System32\BatMeter.dll
0x74a40000 0x7000 6.00.2600.0000 C:\WINDOWS\System32\POWRPROF.dll
0x76250000 0x8a000 5.131.2600.1123 C:\WINDOWS\system32\CRYPT32.dll
0x01510000 0x2c6000 3.01.4000.2435 C:\WINDOWS\System32\msi.dll
0x10000000 0x8000 9.40.0000.0000 C:\PROGRA~1\MOUSEW~1\SYSTEM\LgMousHk.dll
0x00f00000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x01100000 0x8e000 6.00.2715.0400 C:\WINDOWS\System32\shdoclc.dll
0x63000000 0x96000 6.00.2737.0800 C:\WINDOWS\system32\WININET.dll
0x723a0000 0x13000 6.00.2600.0000 C:\WINDOWS\System32\browselc.dll
0x1a400000 0x7b000 6.00.2745.2300 C:\WINDOWS\system32\urlmon.dll
0x01a00000 0x2d000 C:\Program Files\WinRAR\rarext.dll
0x732d0000 0x52000 6.00.2600.0101 C:\WINDOWS\System32\zipfldr.dll
0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\ACTXPRXY.DLL
0x1c000000 0x24000 4.00.0005.0004 C:\Program Files\Ahead\InCD\incdshx.dll
0x01a30000 0x32000 3.00.0000.1132 C:\WINDOWS\System32\igfxpph.dll
0x019e0000 0x1d000 3.00.0000.1132 C:\WINDOWS\System32\hccutils.DLL
0x01a70000 0x21000 3.00.0000.1132 C:\WINDOWS\System32\igfxdev.dll
0x01ab0000 0x8f000 3.00.0000.1132 C:\WINDOWS\System32\igfxres.dll
0x01b50000 0x45000 3.00.0000.1132 C:\WINDOWS\System32\igfxsrvc.dll
0x01bb0000 0x11000 5.00.0001.1200 C:\WINDOWS\System32\btncopy.dll
0x72380000 0x19000 6.00.2600.0000 C:\WINDOWS\System32\mydocs.dll
0x01c40000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL
0x01e50000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll
0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll
0x72d50000 0x114000 8.20.8730.0001 C:\WINDOWS\System32\msxml3.dll
0x6b700000 0x90000 5.06.0000.8513 C:\WINDOWS\System32\jscript.dll
0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\System32\ODBC32.dll
0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\System32\odbcint.dll
0x73520000 0x41000 4.71.2600.0001 C:\WINDOWS\System32\mstask.dll
0x028f0000 0x12e000 5.00.0001.1200 C:\WINDOWS\System32\btneighborhood.dll
0x00aa0000 0xd0000 5.00.0001.1200 C:\WINDOWS\System32\wbtapi.dll
0x73d20000 0xf2000 6.00.8665.0000 C:\WINDOWS\System32\MFC42.DLL
0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
0x009a0000 0xb000 5.00.0001.1200 C:\WINDOWS\System32\btwpimif.dll
0x00c80000 0x20000 5.00.0001.1200 C:\WINDOWS\System32\btosif.dll
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\System32\MFC42LOC.DLL
0x03300000 0x305000 5.00.0001.1200 C:\WINDOWS\System32\btrez.dll
0x009f0000 0x10000 2.00.0039.0000 C:\WINDOWS\System32\CSH.dll
0x02010000 0x1c000 5.00.0001.1200 C:\WINDOWS\System32\BtXpPanel.Dll
0x5f140000 0x1a000 5.00.5014.0000 C:\WINDOWS\System32\OLEPRO32.DLL
0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\System32\WINTRUST.dll
0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 880
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x6f000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll
0x76250000 0x8a000 5.131.2600.1123 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\system32\WINTRUST.dll
0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll
0x77290000 0x64000 6.00.2750.0167 C:\WINDOWS\system32\SHLWAPI.dll
0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\COMCTL32.dll
0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\system32\ODBC32.dll
0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll
0x008f0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\system32\odbcint.dll
0x76b70000 0x1f000 6.00.2600.0000 C:\WINDOWS\system32\SHSVCS.dll
0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\system32\uxtheme.dll
0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll
0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\system32\COMRes.dll
0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll
0x7c620000 0x81000 2001.12.4414.0053 C:\WINDOWS\System32\CLBCATQ.DLL
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\WINDOWS\system32
2001-08-28 11:00 4,096 csrss.exe
1 fichier(s) 4,096 octets
0 Rép(s) 6,272,692,224 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\WINDOWS\Downloaded Program Files
2007-10-30 20:27 <REP> .
2007-10-30 20:27 <REP> ..
2004-09-07 12:27 65 desktop.ini
2007-04-13 02:14 382,344 GAME_UNO1.dll
2007-01-17 15:44 316 GAME_UNO1.INF
2007-02-22 23:41 304,544 MessengerStatsPAClient.dll
2000-01-20 15:25 1,162 Microsoft XML Parser for Java.osd
2006-11-16 12:35 63,056 MusicManagerUnInstaller.exe
2006-11-09 14:36 5,019 swflash.inf
2003-06-30 22:41 1,689 WMV9VCM.inf
8 fichier(s) 758,195 octets
Total des fichiers listés :
8 fichier(s) 758,195 octets
2 Rép(s) 6,272,692,224 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-23 12:23:52
Windows 5.1.2600 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
564 - LVCOMSX.EXE
612 - InCD.exe
856 - csrss.exe
880 - winlogon.exe
924 - services.exe
936 - lsass.exe
1084 - avgnt.exe
1092 - svchost.exe
1116 - svchost.exe
1188 - svchost.exe
1236 - svchost.exe
1400 - LVPrcSrv.exe
1416 - avguard.exe
1628 - alg.exe
1708 - incdsrv.exe
1804 - iTunesHelper.ex
1820 - slserv.exe
1844 - svchost.exe
1860 - explorer.exe
1972 - ALERTM~1.EXE
1992 - EM_EXEC.EXE
2068 - iPodService.exe
2104 - BTTray.exe
2440 - Watch.exe
2688 - usnsvc.exe
3340 - GestionnaireInt
3712 - cmd.exe
3792 - ComComp.exe
4040 - Toaster.exe
4052 - Inactivity.exe
4064 - PollingModule.e
Total number of processes = 32
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D0000 - \WINDOWS\system32\ntoskrnl.exe
806B5000 - \WINDOWS\system32\hal.dll
FCA21000 - \WINDOWS\system32\KDCOM.DLL
FC931000 - \WINDOWS\system32\BOOTVID.dll
FC4D4000 - ACPI.sys
FCA23000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
FC521000 - pci.sys
FC531000 - isapnp.sys
FCA25000 - intelide.sys
FC7A1000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
FC541000 - MountMgr.sys
FC4B5000 - ftdisk.sys
FC7A9000 - PartMgr.sys
FC935000 - bc_ngn.sys
FC551000 - VolSnap.sys
FC49F000 - atapi.sys
FC561000 - disk.sys
FC571000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
FC48D000 - sr.sys
FC581000 - avgntmgr.sys
FC479000 - KSecDD.sys
FC3F6000 - Ntfs.sys
FC3CE000 - NDIS.sys
FC3B4000 - Mup.sys
FC661000 - \SystemRoot\System32\DRIVERS\p3.sys
FC323000 - \SystemRoot\System32\DRIVERS\i81xnt5.sys
FC671000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
FC681000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
FC691000 - \SystemRoot\System32\DRIVERS\L8042Pr2.sys
FC6A1000 - \SystemRoot\System32\DRIVERS\LMouFlt2.sys
FC809000 - \SystemRoot\System32\DRIVERS\mouclass.sys
FCA37000 - \SystemRoot\System32\DRIVERS\LKbdFlt2.sys
FC811000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
FC819000 - \SystemRoot\System32\DRIVERS\fdc.sys
FC6B1000 - \SystemRoot\System32\DRIVERS\serial.sys
FC9BD000 - \SystemRoot\System32\DRIVERS\serenum.sys
FC310000 - \SystemRoot\System32\DRIVERS\parport.sys
FC9C1000 - \SystemRoot\System32\DRIVERS\gameenum.sys
FCC1A000 - \SystemRoot\system32\drivers\msmpu401.sys
FC2EF000 - \SystemRoot\system32\drivers\portcls.sys
FC6E1000 - \SystemRoot\system32\drivers\drmk.sys
FC2CF000 - \SystemRoot\system32\drivers\ks.sys
FC6F1000 - \SystemRoot\System32\Drivers\Imapi.SYS
FC701000 - \SystemRoot\System32\DRIVERS\cdrom.sys
FC711000 - \SystemRoot\System32\DRIVERS\redbook.sys
FC821000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
FC829000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
FC831000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
FC2B0000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
FC298000 - \SystemRoot\system32\drivers\ac97intc.sys
FC26B000 - \SystemRoot\System32\DRIVERS\slntamr.sys
FC9CD000 - \SystemRoot\System32\DRIVERS\SlWdmSup.sys
FC256000 - \SystemRoot\System32\DRIVERS\Mtlmnt5.sys
FC839000 - \SystemRoot\System32\Drivers\Modem.SYS
FC189000 - \SystemRoot\System32\DRIVERS\btkrnl.sys
FC841000 - \SystemRoot\System32\DRIVERS\bcfilter.sys
FCC30000 - \SystemRoot\System32\DRIVERS\audstub.sys
FC781000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
FC9E1000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
FC14B000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
FC5B1000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
FC5C1000 - \SystemRoot\System32\DRIVERS\raspptp.sys
FC9E9000 - \SystemRoot\System32\DRIVERS\TDI.SYS
FC09A000 - \SystemRoot\System32\DRIVERS\psched.sys
FC5D1000 - \SystemRoot\System32\DRIVERS\msgpc.sys
FC849000 - \SystemRoot\System32\DRIVERS\ptilink.sys
FC851000 - \SystemRoot\System32\DRIVERS\raspti.sys
FC859000 - \SystemRoot\System32\DRIVERS\wanatw4.sys
FC5E1000 - \SystemRoot\System32\DRIVERS\termdd.sys
FCC38000 - \SystemRoot\System32\DRIVERS\swenum.sys
FC078000 - \SystemRoot\System32\DRIVERS\update.sys
FC5F1000 - \SystemRoot\System32\Drivers\NDProxy.SYS
FC889000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
FC651000 - \SystemRoot\System32\DRIVERS\usbhub.sys
FCA67000 - \SystemRoot\System32\DRIVERS\USBD.SYS
FC899000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
F7C2D000 - \SystemRoot\System32\DRIVERS\WlanBZXP.sys
FC721000 - \SystemRoot\system32\drivers\lvusbsta.sys
F7903000 - \SystemRoot\System32\DRIVERS\LV302AV.SYS
FC731000 - \SystemRoot\System32\DRIVERS\STREAM.SYS
FCA71000 - \SystemRoot\System32\DRIVERS\lv302af.sys
FC741000 - \SystemRoot\system32\drivers\usbaudio.sys
F76F0000 - \??\C:\WINDOWS\system32\drivers\Lvckap.sys
FCA79000 - \SystemRoot\System32\Drivers\bc_hash_f.SYS
FC8A1000 - \SystemRoot\System32\Drivers\bc_ip_f.SYS
FCA7B000 - \SystemRoot\System32\Drivers\bc_pat_f.SYS
FC169000 - \SystemRoot\System32\Drivers\bc_prt_f.SYS
FC165000 - \SystemRoot\System32\Drivers\bc_tdi_f.SYS
FC751000 - \SystemRoot\SYSTEM32\DRIVERS\avgntdd.sys
FCA7D000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
FCB00000 - \SystemRoot\System32\Drivers\Null.SYS
FCA7F000 - \SystemRoot\System32\Drivers\Beep.SYS
FC8B1000 - \SystemRoot\System32\drivers\vga.sys
FCA81000 - \SystemRoot\System32\Drivers\mnmdd.SYS
FCA83000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
FCA85000 - \SystemRoot\System32\Drivers\InCDrec.SYS
F7693000 - \SystemRoot\System32\Drivers\InCDfs.SYS
FC8B9000 - \SystemRoot\System32\Drivers\Msfs.SYS
FC8C1000 - \SystemRoot\System32\Drivers\Npfs.SYS
FC161000 - \SystemRoot\System32\DRIVERS\rasacd.sys
FC761000 - \SystemRoot\System32\DRIVERS\ipsec.sys
F761B000 - \SystemRoot\System32\DRIVERS\tcpip.sys
FC771000 - \SystemRoot\System32\Drivers\bcftdi.SYS
F75F6000 - \SystemRoot\System32\DRIVERS\netbt.sys
FC13B000 - \SystemRoot\System32\DRIVERS\netbios.sys
FC8C9000 - \SystemRoot\System32\DRIVERS\ssmdrv.sys
F75CE000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F756E000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
FC12B000 - \SystemRoot\System32\Drivers\Fips.SYS
FC11B000 - \SystemRoot\System32\DRIVERS\wanarp.sys
FC10B000 - \SystemRoot\System32\DRIVERS\avipbb.sys
FC0CB000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F744D000 - \SystemRoot\System32\Drivers\dump_atapi.sys
FCA8F000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \??\C:\WINDOWS\system32\win32k.sys
F76EC000 - \??\C:\WINDOWS\system32\watchdog.sys
BFF80000 - \SystemRoot\System32\drivers\dxg.sys
FCB83000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9B8000 - \SystemRoot\System32\i81xdnt5.dll
F72F5000 - \SystemRoot\System32\drivers\afd.sys
F70EA000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
FCA3F000 - \SystemRoot\System32\Drivers\ParVdm.SYS
FC7F9000 - \??\C:\WINDOWS\System32\drivers\btserial.sys
F6FD2000 - \SystemRoot\System32\DRIVERS\secdrv.sys
F6E43000 - \SystemRoot\System32\DRIVERS\srv.sys
F6CC8000 - \SystemRoot\System32\DRIVERS\ipnat.sys
FC869000 - \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
F6C88000 - \SystemRoot\system32\drivers\sysaudio.sys
F6AD4000 - \SystemRoot\system32\drivers\wdmaud.sys
FC861000 - \SystemRoot\System32\Drivers\ZDPSp50.sys
F6846000 - \??\C:\WINDOWS\System32\PCANDIS5.SYS
F6136000 - \SystemRoot\system32\drivers\kmixer.sys
FCC74000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 133
Liste des programmes installes
ABBYY FineReader 5.0 Sprint
Adobe Flash Player 9 ActiveX
Adobe Shockwave Player
Ahead InCD
Ahead NeroMediaPlayer
Ahead NeroVision Express
AOL France
Apple Software Update
Audacity 1.2.6
Avira AntiVir PersonalEdition Classic
Barre d'outils MSN
Browser Optimizer Dcads
Browser Optimizer Superiorads
CDex extraction audio
Correctif Windows XP - Article Base de Connaissances 834707
Correctif Windows XP - KB823559
Correctif Windows XP - KB828741
Correctif Windows XP - KB835732
Correctif Windows XP - KB842773
EA.com Update
ESD U10039_00 V2
EVEREST Home Edition v2.20
Free Ipod Video Converter V 2.4
Gestionnaire Internet
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HijackThis 2.0.2
iTunes
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 3
Jetico Personal Firewall 2.0
Le Maître de l'Olympe - Zeus.
Lecteur Windows Media 10
Lexmark X1100 Series
livebox
MediaBar
MFCDLL Shared Library - Retail Version
Micrografx Picture Publisher 7
Microsoft (R) C Runtime Library
Microsoft (R) C++ Runtime Library
Microsoft .NET Framework (French) v1.0.3705
Microsoft .NET Framework (French) v1.0.3705
Microsoft Office 2000 Premium
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.11)
MSXML 3.0
MSXML4 Parser
Nero - Burning Rom
Package du correctif Windows XP [voir Q329115 pour plus de détails]
Programme de gestion Camera de Logitech®
QuickTime
Réussir ses CV et Lettres de Motivation
Sagem Wi-Fi 11g USB adapter (driver)
Sagem Wi-Fi 11g USB adapter (utility)
TextBridge Classic
VideoLAN VLC media player 0.8.6d
Viewpoint Media Player (Remove Only)
WarBreeds
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows XP Hotfix (SP1) [See Q321178 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
WinRAR archiver
XRELAIS 3.1 ( Evaluation )
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files
2007-12-22 13:16 <REP> .
2007-12-22 13:16 <REP> ..
2006-12-03 18:19 <REP> ABBYY FineReader 5.0 Sprint
2006-12-03 18:18 <REP> ABBYY FineReader 6.0
2004-09-07 20:37 <REP> Ahead
2007-11-05 23:24 <REP> Alwil Software
2007-12-01 12:19 <REP> Apple Software Update
2007-03-31 22:01 <REP> asc
2007-11-07 18:53 <REP> Avira
2004-09-07 12:26 <REP> ComPlus Applications
2007-11-05 23:57 <REP> DivX
2004-09-11 09:45 <REP> EACOM
2007-12-17 17:57 <REP> Fichiers communs
2007-11-08 19:50 <REP> Google
2007-11-14 18:15 <REP> Internet Explorer
2007-12-01 12:28 <REP> iPod
2007-12-05 15:39 <REP> Ipod Video Converter
2007-12-01 12:28 <REP> iTunes
2007-10-24 18:06 <REP> Java
2007-12-22 09:46 <REP> Jetico
2007-12-20 19:09 <REP> Lavalys
2006-09-27 10:23 <REP> LHSP
2006-10-06 12:17 <REP> Micro Application
2005-02-05 11:31 <REP> Micrografx
2004-09-09 14:45 <REP> microsoft frontpage
2007-08-13 10:34 <REP> Microsoft Games
2004-09-09 14:46 <REP> Microsoft Office
2004-09-09 14:49 <REP> Microsoft Visual Studio
2004-09-07 12:36 <REP> MouseWare
2004-09-07 12:27 <REP> Movie Maker
2007-12-23 12:19 <REP> Mozilla Firefox
2004-09-07 12:24 <REP> MSN
2005-06-15 14:01 <REP> MSN Apps
2004-09-07 12:24 <REP> MSN Gaming Zone
2007-11-20 14:33 <REP> MSN Messenger
2007-12-04 22:54 <REP> NCH Software
2007-12-04 22:43 <REP> NCH Swift Sound
2007-01-08 19:55 <REP> NetMeeting
2007-07-28 14:09 <REP> Network Associates
2004-09-07 12:26 <REP> Outlook Express
2007-12-01 12:24 <REP> QuickTime
2006-12-29 21:45 <REP> SAGEM
2006-12-29 21:45 <REP> SAGEM WiFi manager
2007-11-14 18:05 <REP> SDSComposants
2006-12-29 21:41 <REP> Securitoo
2004-09-07 12:25 <REP> Services en ligne
2005-02-05 11:38 <REP> TextBridge Classic
2004-09-07 19:25 <REP> Viewpoint
2007-12-23 12:24 <REP> Wanadoo
2007-02-13 11:17 <REP> WIDCOMM
2007-11-06 17:37 <REP> Windows Media Player
2004-09-07 12:24 <REP> Windows NT
2007-02-23 14:32 <REP> WinRAR
2004-09-07 12:30 <REP> xerox
0 fichier(s) 0 octets
54 Rép(s) 6,271,516,672 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files\fichiers communs
2007-12-17 17:57 <REP> .
2007-12-17 17:57 <REP> ..
2007-09-07 22:11 <REP> Adobe
2007-08-09 15:51 <REP> Adobe Systems Shared
2004-09-07 20:37 <REP> Ahead
2004-09-07 19:25 <REP> aolshare
2004-09-09 14:49 <REP> Designer
2006-12-30 11:24 <REP> InstallShield
2006-12-30 10:49 <REP> Java
2007-01-02 12:13 <REP> Logitech
2007-11-20 14:33 <REP> Microsoft Shared
2004-09-07 12:26 <REP> MSSoap
2004-09-07 19:14 <REP> Network Associates
2005-05-30 08:28 <REP> NSV
2005-05-30 08:25 <REP> Nullsoft
2004-09-07 12:19 <REP> ODBC
2007-01-27 17:01 <REP> Real
2004-09-07 12:26 <REP> Services
2004-09-07 12:19 <REP> SpeechEngines
2004-09-09 14:48 <REP> System
0 fichier(s) 0 octets
20 Rép(s) 6,271,516,672 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
2004-09-07 12:35 <REP> .
2004-09-07 12:35 <REP> ..
2001-05-18 16:57 561,209 MSONSEXT.DLL
1999-06-03 13:09 122,937 MSOWS409.DLL
2001-03-07 08:00 127,033 MSOWS40c.DLL
1999-03-18 05:37 593,977 RAGENT.DLL
4 fichier(s) 1,405,156 octets
2 Rép(s) 6,271,516,672 octets libres
c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe
c:\Documents and Settings\Jean-François\Bureau\Jean-françois\esd12version98NTXP2000\_ISDEL.EXE
c:\Documents and Settings\Jean-François\Bureau\Jean-françois\esd12version98NTXP2000\SETUP.EXE
c:\Documents and Settings\Yoann\Bureau\HiJackThis.exe
c:\Documents and Settings\Yoann\Bureau\jpf.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Ad-Aware.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\unregaaw.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\UNWISE.EXE
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Lang\pllangs.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Lang\Plugins\Langs\UNWISE.EXE
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\audacity-win-1.2.6.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\Audacity\audacity.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\Audacity\unins000.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\cdex_170b2_enu_nonunicode.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\CDex_170b2\CDex.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\CDex_170b2\uninstall.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Itunes\iTunes75Setup.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Jetico\jpf2setup.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\instmsia.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\instmsiw.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\setup.exe
c:\Documents and Settings\Yoann\Bureau\yoann\dossier yoann\Install_Messenger.exe
c:\Documents and Settings\Yoann\Bureau\yoann\free ipod converter\Setup_FreeIpodConverter.exe
c:\Documents and Settings\Yoann\Bureau\yoann\free ipod converter\Ipod Video Converter\IPODConverter.exe
c:\Documents and Settings\Yoann\Bureau\yoann\free ipod converter\Ipod Video Converter\unins000.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\uninstall.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\vlc.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\instal VLC\vlc-0.8.6d-win32.exe
c:\Documents and Settings\Yoann\Local Settings\Application Data\Shareaza\Incomplete\ARSENAL Taste The Power.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\aupd.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\tmp10.tmp.exe
c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_YOANN.tar.gz a l'adresse http://upload.malekal.com
Also, as for DiagHelp, um, it made AntiVir go off on a file:
C:\WINDOWS\systeme32\IEDFIX.EXE ===> virus reported: TR/BHO.agh
(quarantined)
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48, on 2007-12-23
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Yoann\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.planetis.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe"
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Icône AOL.lnk = C:\Program Files\AOL 7.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jetico Personal Firewall server - Jetico, Inc. - C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 7602 bytes