Se connecter / S'enregistrer
Votre question

trojan spy goldun

Tags :
  • Trojan
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Mai 2008 11:11:46

bonjour, je suis un peu inquiet car je sui infecté par un trojan nommé spy goldun que j'ai essayé de supprimer plusieurs fois avec Ad-ware mais il revient toujours,

un petit coup de main pour le dégager, svp?

Autres pages sur : trojan spy goldun

8 Mai 2008 12:39:35

Salut,

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer.
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.
    8 Mai 2008 12:59:10

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:24:57, on 08/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
    c:\WINDOWS\system32\ifxspmgt.exe
    C:\WINDOWS\Explorer.EXE
    c:\WINDOWS\system32\ifxtcs.exe
    C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\PDF Complete\pdfsvc.exe
    c:\WINDOWS\system32\IfxPsdSv.exe
    C:\Novadigm\ManagementAgent\nvdkit.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\PDF Complete\pdfsty.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    D:\HL2\Steam.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Safari\Safari.exe
    c:\program files\avira\antivir personaledition classic\avcenter.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Etudiant\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr&rlz=1B2RNFA_frFR251&btnG=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [AdVantage Setup] C:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SA5.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [LiveSticker] "C:\Program Files\Nosibay\Livesticker\launcher.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe"
    O4 - HKCU\..\Run: [Steam] "D:\HL2\Steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware News Feed.lnk = C:\Program Files\Stardock\DesktopGadgets\Alienware News Feed\Alienware News Feed.exe
    O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.webseurope.com/scan/Msie/bitdefender.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
    O20 - Winlogon Notify: OneCard - c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Agent Central (AgentCDCP) - Devaxe Technologie - C:\CDGuide3\NTAgent.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
    O23 - Service: Verrouillage des périphériques / Audition HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - c:\WINDOWS\system32\flcdlock.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Personal Secure Drive service for encrypted drives (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
    O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 19310 bytes

    Contenus similaires
    8 Mai 2008 13:06:20

    Rien de visible.
    Tu as un nom de fichier, localisation pour le fichier détecté ?
    8 Mai 2008 13:58:42

    il est dans le dossier windows système 32
    8 Mai 2008 14:01:22

    Un nom stp :) 

    Poste moi le rapport Ad-Aware ;) 
    8 Mai 2008 14:59:24

    ad-ware n'indique rien de spécial,
    par contre, ma jauge CPU oscille entre minimum 45% et max. 100%,
    alors que je n'ai qu'une page internet ouverte
    avant, dans des conditions similaires c'est plutôt 4 à 15 %


    voila le dernier rapport:

    Ad-Aware 2007 Build
    Log File Created on: 2008-05-08 14:48:37

    This scan was aborted by the user, all infections might not have been logged.

    Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
    Computer name: POUDEVIGNE
    Name of user performing scan: SYSTEM

    System information
    ===========================
    Number of processors: 2
    Processor type: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
    Memory Available: 48%
    Total Physical Memory: 2146676736 Bytes
    Available Physical Memory: 1016172544 Bytes
    Total Page File Size: 4129255424 Bytes
    Available On Page File: 2967011328 Bytes
    Total Virtual Memory: 2147352576 Bytes
    Available Virtual Memory: 1910812672 Bytes
    OS: Microsoft Windows XP Service Pack 2 (Build 2600)

    Ad-Aware 2007 Settings
    ===========================
    Skipping files larger than 1048576 kB
    Ignoring infections with lower TAI than: 3


    Extended Ad-Aware 2007 Settings
    ===========================
    Unloading known modules during scan
    Ignoring spanned files when scanning cab archives
    Reanalyzing results after scanning before displaying results
    Trying to unload modules prior to removal
    Let Windows remove files currently in use at next reboot
    Removing quarantined objects after restore
    Deactivating Ad-Watch during scans
    Writeprotecting system files after repairs
    Include info about ignored objects in log file
    Including basic settings in log file
    Including advanced settings in log file
    Including user and computer name in log file
    Create and save WebUpdate log file

    Databaseinfo
    ===========================
    Version number: 77
    Build Number: 0
    Build Date and Time: 2008/05/07 11:42:07

    Scan Statistics
    ===========================
    Method: Full
    Scan tracking cookies.............................: On
    Scan ADS filestreams..............................: On

    Item Scanned: 356133
    Infections Detected: 0
    Infections Ignored: 0

    Scan detailed statistics
    ===========================
    Type Critical Total
    Process Scan....: 0 0
    Registry Scan...: 0 0
    Registry PE Scan: 0 0
    Hosts File Scan.: 0 0
    File Scan.......: 0 0
    Folder Scan.....: 0 0
    LSP Scan........: 0 0
    ADS Scan........: 0 0
    Cookie Scan.....: 0 0
    File Hash Scan..: 0 0

    Infections Found
    ===========================

    Items Ignored During Scan
    ===========================


    Listing of running processes
    ===========================
    C:\WINDOWS\SYSTEM32\SMSS.EXE
    c:\windows\system32\smss.exe

    c:\windows\system32\ntdll.dll

    C:\WINDOWS\SYSTEM32\CSRSS.EXE
    c:\windows\system32\csrss.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\csrsrv.dll

    c:\windows\system32\basesrv.dll

    c:\windows\system32\winsrv.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    C:\WINDOWS\SYSTEM32\WINLOGON.EXE
    c:\windows\system32\winlogon.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\authz.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\nddeapi.dll

    c:\windows\system32\profmap.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\regapi.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\version.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\msgina.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\odbc32.dll

    c:\windows\system32\comdlg32.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\odbcint.dll

    c:\windows\system32\shsvcs.dll

    c:\windows\system32\sfc.dll

    c:\windows\system32\sfc_os.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\apphelp.dll

    c:\windows\system32\msctfime.ime

    c:\program files\hewlett-packard\iam\bin\ocgina.dll

    c:\windows\system32\msvcr70.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\oleaut32.dll

    c:\program files\hewlett-packard\iam\bin\itmsg.dll

    c:\program files\hewlett-packard\iam\bin\fra\ocgina.dll

    c:\program files\hewlett-packard\iam\bin\hpbrand.dll

    c:\program files\hewlett-packard\iam\bin\fra\hpbrand.dll

    c:\program files\hewlett-packard\iam\bin\fra\itmsg.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\winscard.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\uxtheme.dll

    c:\program files\hewlett-packard\iam\bin\ittal.dll

    c:\program files\hewlett-packard\iam\bin\itreports.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\ati2evxx.dll

    c:\windows\system32\cscdll.dll

    c:\windows\system32\rsaenh.dll

    c:\program files\hewlett-packard\iam\bin\aswlnpkg.dll

    c:\windows\system32\wlnotify.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\mpr.dll

    c:\program files\hewlett-packard\iam\bin\authwiz.dll

    c:\program files\hewlett-packard\iam\bin\fra\authwiz.dll

    c:\windows\system32\xpsp2res.dll

    c:\program files\hewlett-packard\iam\bin\tpmauth.dll

    c:\program files\hewlett-packard\iam\bin\fra\tpmauth.dll

    c:\program files\hewlett-packard\iam\bin\tokenauth.dll

    c:\program files\hewlett-packard\iam\bin\ittalsnap.dll

    c:\program files\hewlett-packard\iam\bin\fra\ittalsnap.dll

    c:\program files\hewlett-packard\iam\bin\fra\tokenauth.dll

    c:\program files\hewlett-packard\iam\bin\itvcard.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\samlib.dll

    c:\program files\hewlett-packard\iam\bin\aschnl.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\iphlpapi.dll

    c:\program files\hewlett-packard\iam\bin\itdac.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\atl.dll

    c:\program files\hewlett-packard\iam\bin\itauth.dll

    c:\program files\hewlett-packard\iam\bin\itvcclient.dll

    c:\program files\hewlett-packard\iam\bin\trayicon.dll

    c:\program files\hewlett-packard\iam\bin\bioauth.dll

    c:\program files\hewlett-packard\iam\bin\fra\bioauth.dll

    c:\windows\system32\scarddlg.dll

    c:\windows\system32\mfc42u.dll

    c:\windows\system32\mfc42loc.dll

    c:\program files\hewlett-packard\iam\bin\stengine.dll

    c:\program files\hewlett-packard\iam\bin\asbioat.dll

    c:\windows\system32\xenroll.dll

    c:\windows\system32\wininet.dll

    c:\windows\system32\normaliz.dll

    c:\windows\system32\iertutil.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\winrnr.dll

    c:\program files\bonjour\mdnsnsp.dll

    c:\windows\system32\rasadhlp.dll

    c:\program files\hewlett-packard\iam\bin\netadmin.dll

    c:\program files\hewlett-packard\iam\bin\fra\netadmin.dll

    c:\windows\system32\devicenp.dll

    c:\windows\system32\cscui.dll

    c:\windows\system32\es.dll

    c:\windows\system32\wdmaud.drv

    c:\windows\system32\msacm32.drv

    c:\windows\system32\msacm32.dll

    c:\windows\system32\midimap.dll

    C:\WINDOWS\SYSTEM32\SERVICES.EXE
    c:\windows\system32\services.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\scesrv.dll

    c:\windows\system32\authz.dll

    c:\windows\system32\umpnpmgr.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\ncobjapi.dll

    c:\windows\system32\msvcp60.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acadproc.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\apphelp.dll

    c:\windows\system32\version.dll

    c:\windows\system32\eventlog.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wtsapi32.dll

    C:\WINDOWS\SYSTEM32\LSASS.EXE
    c:\windows\system32\lsass.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\lsasrv.dll

    c:\windows\system32\mpr.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\ntdsapi.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\samsrv.dll

    c:\windows\system32\cryptdll.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\msprivs.dll

    c:\windows\system32\kerberos.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\netlogon.dll

    c:\windows\system32\w32time.dll

    c:\windows\system32\msvcp60.dll

    c:\windows\system32\schannel.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\wdigest.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\setupapi.dll

    c:\windows\sbhpnp.dll

    c:\windows\system32\scecli.dll

    c:\program files\hewlett-packard\iam\bin\aswlnpkg.dll

    c:\windows\system32\msvcr70.dll

    c:\program files\hewlett-packard\iam\bin\itmsg.dll

    c:\windows\system32\ipsecsvc.dll

    c:\windows\system32\authz.dll

    c:\windows\system32\oakley.dll

    c:\windows\system32\winipsec.dll

    c:\windows\system32\pstorsvc.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\psbase.dll

    c:\windows\system32\dssenh.dll

    C:\WINDOWS\SYSTEM32\SVCHOST.EXE
    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\program files\hewlett-packard\iam\bin\aswlnpkg.dll

    c:\windows\system32\msvcr70.dll

    c:\program files\hewlett-packard\iam\bin\itmsg.dll

    c:\program files\hewlett-packard\iam\bin\aschnl.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\program files\hewlett-packard\iam\bin\bioauthsrv.dll

    c:\program files\hewlett-packard\iam\bin\itdac.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\atl.dll

    c:\program files\hewlett-packard\iam\bin\itreports.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\adsnt.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\mpr.dll

    c:\windows\system32\rassapi.dll

    c:\windows\system32\mprapi.dll

    c:\windows\system32\rtutils.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\cscdll.dll

    c:\program files\hewlett-packard\iam\bin\itauth.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\program files\hewlett-packard\iam\bin\fra\itmsg.dll

    c:\program files\hewlett-packard\iam\bin\hpbrand.dll

    c:\program files\hewlett-packard\iam\bin\fra\hpbrand.dll

    c:\program files\hewlett-packard\iam\bin\authwiz.dll

    c:\program files\hewlett-packard\iam\bin\fra\authwiz.dll

    c:\program files\hewlett-packard\iam\bin\itvcserver.dll

    c:\program files\hewlett-packard\iam\bin\itvcard.dll

    c:\program files\hewlett-packard\iam\bin\netadmin.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\program files\hewlett-packard\iam\bin\fra\netadmin.dll

    c:\program files\hewlett-packard\iam\bin\petpm.dll

    c:\program files\hewlett-packard\iam\bin\fra\petpm.dll

    c:\program files\hewlett-packard\iam\bin\pesched.dll

    c:\windows\system32\iphlpapi.dll

    c:\program files\hewlett-packard\iam\bin\fra\pesched.dll

    c:\program files\hewlett-packard\iam\bin\peactiverule.dll

    c:\program files\hewlett-packard\iam\bin\fra\peactiverule.dll

    c:\program files\hewlett-packard\iam\bin\pecustom.dll

    c:\program files\hewlett-packard\iam\bin\fra\pecustom.dll

    c:\program files\hewlett-packard\iam\bin\peauth.dll

    c:\program files\hewlett-packard\iam\bin\fra\peauth.dll

    C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
    c:\windows\system32\ati2evxx.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\powrprof.dll

    c:\windows\system32\cfgmgr32.dll

    c:\windows\system32\msctfime.ime

    c:\windows\system32\ati2edxx.dll

    c:\windows\system32\atipdlxx.dll

    c:\windows\system32\uxtheme.dll

    C:\WINDOWS\SYSTEM32\SVCHOST.EXE
    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\rpcss.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\apphelp.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\termsrv.dll

    c:\windows\system32\icaapi.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\authz.dll

    c:\windows\system32\mstlsapi.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\atl.dll

    c:\windows\system32\regapi.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\msi.dll

    C:\PROGRAM FILES\HEWLETT-PACKARD\DRIVE ENCRYPTION\HPFKCRYPT.EXE
    c:\program files\hewlett-packard\drive encryption\hpfkcrypt.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    C:\WINDOWS\SYSTEM32\SVCHOST.EXE
    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\rpcss.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\winrnr.dll

    c:\windows\system32\wldap32.dll

    c:\program files\bonjour\mdnsnsp.dll

    c:\windows\system32\rasadhlp.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\shsvcs.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\dhcpcsvc.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\wzcsvc.dll

    c:\windows\system32\rtutils.dll

    c:\windows\system32\wmi.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\esent.dll

    c:\windows\system32\atl.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\rastls.dll

    c:\windows\system32\cryptui.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\wininet.dll

    c:\windows\system32\normaliz.dll

    c:\windows\system32\iertutil.dll

    c:\windows\system32\mprapi.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\rasapi32.dll

    c:\windows\system32\rasman.dll

    c:\windows\system32\tapi32.dll

    c:\windows\system32\schannel.dll

    c:\windows\system32\winscard.dll

    c:\windows\system32\raschap.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\schedsvc.dll

    c:\windows\system32\ntdsapi.dll

    c:\windows\system32\msidle.dll

    c:\windows\system32\audiosrv.dll

    c:\windows\system32\wkssvc.dll

    c:\windows\system32\qmgr.dll

    c:\windows\system32\mpr.dll

    c:\windows\system32\shfolder.dll

    c:\windows\system32\winhttp.dll

    c:\windows\system32\cryptsvc.dll

    c:\windows\system32\certcli.dll

    c:\windows\system32\es.dll

    c:\windows\system32\dmserver.dll

    c:\windows\system32\ersvc.dll

    c:\windows\system32\hidserv.dll

    c:\windows\system32\hid.dll

    c:\windows\pchealth\helpctr\binaries\pchsvc.dll

    c:\windows\system32\srvsvc.dll

    c:\windows\system32\netman.dll

    c:\windows\system32\netshell.dll

    c:\windows\system32\credui.dll

    c:\windows\system32\wzcsapi.dll

    c:\windows\system32\seclogon.dll

    c:\windows\system32\sens.dll

    c:\windows\system32\srsvc.dll

    c:\windows\system32\powrprof.dll

    c:\windows\system32\w32time.dll

    c:\windows\system32\msvcp60.dll

    c:\windows\system32\browser.dll

    c:\windows\system32\wbem\wmisvc.dll

    c:\windows\system32\vssapi.dll

    c:\windows\system32\trkwks.dll

    c:\windows\system32\wuauserv.dll

    c:\windows\system32\wuaueng.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\cabinet.dll

    c:\windows\system32\mspatcha.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\ipnathlp.dll

    c:\windows\system32\authz.dll

    c:\windows\system32\wbem\wbemcore.dll

    c:\windows\system32\wbem\esscli.dll

    c:\windows\system32\wbem\wbemcomn.dll

    c:\windows\system32\wbem\fastprox.dll

    c:\windows\system32\comsvcs.dll

    c:\windows\system32\colbact.dll

    c:\windows\system32\mtxclu.dll

    c:\windows\system32\wsock32.dll

    c:\windows\system32\clusapi.dll

    c:\windows\system32\resutils.dll

    c:\windows\system32\wbem\wbemsvc.dll

    c:\windows\system32\sfc.dll

    c:\windows\system32\sfc_os.dll

    c:\windows\system32\wscsvc.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\wbem\wmiutils.dll

    c:\windows\system32\wbem\repdrvfs.dll

    c:\windows\system32\wbem\wmiprvsd.dll

    c:\windows\system32\ncobjapi.dll

    c:\windows\system32\wbem\wbemess.dll

    c:\windows\system32\wbem\ncprov.dll

    c:\windows\system32\rasadhlp.dll

    c:\windows\system32\netcfgx.dll

    c:\windows\system32\rasmans.dll

    c:\windows\system32\winipsec.dll

    c:\windows\system32\tapisrv.dll

    c:\windows\system32\rastapi.dll

    c:\windows\system32\unimdm.tsp

    c:\windows\system32\uniplat.dll

    c:\windows\system32\unimdmat.dll

    c:\windows\system32\modemui.dll

    c:\windows\system32\kmddsp.tsp

    c:\windows\system32\ndptsp.tsp

    c:\windows\system32\ipconf.tsp

    c:\windows\system32\h323.tsp

    c:\windows\system32\hidphone.tsp

    c:\windows\system32\rasppp.dll

    c:\windows\system32\ntlsapi.dll

    c:\windows\system32\kerberos.dll

    c:\windows\system32\cryptdll.dll

    c:\windows\system32\upnp.dll

    c:\windows\system32\ssdpapi.dll

    c:\windows\system32\rasdlg.dll

    c:\windows\system32\apphelp.dll

    c:\windows\system32\wups2.dll

    c:\windows\system32\dssenh.dll

    c:\windows\system32\msxml3.dll

    c:\windows\system32\winrnr.dll

    c:\program files\bonjour\mdnsnsp.dll

    C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
    c:\program files\widcomm\bluetooth software\bin\btwdins.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\hid.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\uxtheme.dll

    C:\WINDOWS\SYSTEM32\SVCHOST.EXE
    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\wudfsvc.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\wudfplatform.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\dnsrslvr.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\lmhsvc.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\webclnt.dll

    c:\windows\system32\wininet.dll

    c:\windows\system32\normaliz.dll

    c:\windows\system32\iertutil.dll

    c:\windows\system32\regsvc.dll

    c:\windows\system32\ssdpsrv.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\wshtcpip.dll

    C:\WINDOWS\SYSTEM32\WLTRYSVC.EXE
    c:\windows\system32\wltrysvc.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\msvcr71.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\apphelp.dll

    C:\WINDOWS\SYSTEM32\BCMWLTRY.EXE
    c:\windows\system32\bcmwltry.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\wininet.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\normaliz.dll

    c:\windows\system32\iertutil.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\cfgmgr32.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\powrprof.dll

    c:\windows\system32\bcm1xsup.dll

    c:\windows\system32\bcmwlpkt.dll

    c:\windows\system32\version.dll

    c:\windows\system32\msvcr71.dll

    c:\windows\system32\mfc71.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msvcp71.dll

    c:\windows\system32\wsock32.dll

    c:\windows\system32\winscard.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\mfc71fra.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\atl71.dll

    c:\windows\system32\wltrynt.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\es.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\apphelp.dll

    c:\windows\system32\msctfime.ime

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\msi.dll

    C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
    c:\program files\lavasoft\ad-aware 2007\aawservice.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\program files\lavasoft\ad-aware 2007\ceapi.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\program files\lavasoft\ad-aware 2007\pkarchive85u.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\version.dll

    c:\windows\system32\wininet.dll

    c:\windows\system32\normaliz.dll

    c:\windows\system32\iertutil.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\rsaenh.dll

    c:\program files\lavasoft\ad-aware 2007\lavalicense.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\comdlg32.dll

    c:\windows\system32\inetmib1.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\snmpapi.dll

    c:\windows\system32\wsock32.dll

    c:\windows\system32\mprapi.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\atl.dll

    c:\windows\system32\rtutils.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\ntmarta.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\msctfime.ime

    C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
    c:\windows\system32\ati2evxx.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\powrprof.dll

    c:\windows\system32\cfgmgr32.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\msctfime.ime

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\ati2edxx.dll

    c:\windows\system32\atipdlxx.dll

    c:\windows\system32\ati2evxx.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\rsaenh.dll

    C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
    c:\windows\system32\spoolsv.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\spoolss.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\rasadhlp.dll

    c:\windows\system32\localspl.dll

    c:\windows\system32\sfc_os.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\netapi32.dll

    c:\windows\system32\cnbjmon.dll

    c:\windows\system32\e_flbcae.dll

    c:\windows\system32\mdimon.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\pdfc_port.dll

    c:\windows\system32\pjlmon.dll

    c:\windows\system32\bthcrp.dll

    c:\windows\system32\widcommsdk.dll

    c:\windows\system32\wbtapi.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\mfc42.dll

    c:\windows\system32\msvcp60.dll

    c:\windows\system32\mfc42loc.dll

    c:\windows\system32\tcpmon.dll

    c:\windows\system32\usbmon.dll

    c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\winrnr.dll

    c:\windows\system32\wldap32.dll

    c:\program files\bonjour\mdnsnsp.dll

    c:\windows\system32\win32spl.dll

    c:\windows\system32\netrap.dll

    c:\windows\system32\ntdsapi.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\inetpp.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\LOGISHRD\LVMVFM\LVPRCSRV.EXE
    c:\program files\fichiers communs\logishrd\lvmvfm\lvprcsrv.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
    c:\windows\system32\scardsvr.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
    c:\program files\avira\antivir personaledition classic\avguard.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\program files\avira\antivir personaledition classic\msvcr71.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\program files\avira\antivir personaledition classic\avevtlog.dll

    c:\program files\avira\antivir personaledition classic\guardmsg.dll

    c:\program files\avira\antivir personaledition classic\sqlite3.dll

    c:\program files\avira\antivir personaledition classic\avpref.dll

    c:\program files\avira\antivir personaledition classic\smtplib.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\program files\avira\antivir personaledition classic\avgio.dll

    c:\windows\system32\fltlib.dll

    c:\program files\avira\antivir personaledition classic\aecore.dll

    c:\program files\avira\antivir personaledition classic\aevdf.dll

    c:\program files\avira\antivir personaledition classic\aescript.dll

    c:\program files\avira\antivir personaledition classic\aescn.dll

    c:\program files\avira\antivir personaledition classic\aerdl.dll

    c:\program files\avira\antivir personaledition classic\aepack.dll

    c:\program files\avira\antivir personaledition classic\unacev2.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\program files\avira\antivir personaledition classic\aeoffice.dll

    c:\program files\avira\antivir personaledition classic\aeheur.dll

    c:\program files\avira\antivir personaledition classic\aehelp.dll

    c:\program files\avira\antivir personaledition classic\aegen.dll

    c:\program files\avira\antivir personaledition classic\aeemu.dll

    c:\program files\avira\antivir personaledition classic\avipc.dll

    C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
    c:\program files\avira\antivir personaledition classic\sched.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\program files\avira\antivir personaledition classic\msvcr71.dll

    c:\program files\avira\antivir personaledition classic\msvcp71.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\program files\avira\antivir personaledition classic\schedr.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\rasapi32.dll

    c:\windows\system32\rasman.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\tapi32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\rtutils.dll

    c:\windows\system32\winmm.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\program files\avira\antivir personaledition classic\avevtlog.dll

    c:\program files\avira\antivir personaledition classic\sqlite3.dll

    c:\windows\system32\apphelp.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
    c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\wsock32.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE
    c:\program files\bonjour\mdnsresponder.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\mprapi.dll

    c:\windows\system32\activeds.dll

    c:\windows\system32\adsldpc.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\atl.dll

    c:\windows\system32\rtutils.dll

    c:\windows\system32\samlib.dll

    c:\windows\system32\setupapi.dll

    C:\WINDOWS\SYSTEM32\FTRTSVC.EXE
    c:\windows\system32\ftrtsvc.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ifhelper.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\mfc42.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\mfc42loc.dll

    c:\windows\system32\psapi.dll

    C:\WINDOWS\SYSTEM32\IFXSPMGT.EXE
    c:\windows\system32\ifxspmgt.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

    c:\windows\system32\ifxsparc.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80fra.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\msxml6.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\es.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\mstask.dll

    c:\windows\system32\ntdsapi.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\comdlg32.dll

    c:\windows\system32\mpr.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\sxs.dll

    c:\windows\system32\ifxtsp.dll

    c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\atl80.dll

    c:\windows\system32\ifxtcsps.dll

    c:\windows\system32\rsaenh.dll

    C:\WINDOWS\SYSTEM32\IFXTCS.EXE
    c:\windows\system32\ifxtcs.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\version.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

    c:\windows\system32\ifxsparc.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80fra.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\ifxtpm.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\rsaenh.dll

    c:\windows\system32\msxml6.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\ifxtcsps.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\INTERVIDEO\REGMGR\IVIREGMGR.EXE
    c:\program files\fichiers communs\intervideo\regmgr\iviregmgr.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\version.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE
    c:\program files\fichiers communs\lightscribe\lssrvc.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\program files\fichiers communs\lightscribe\lssproxy.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\shell32.dll

    c:\program files\fichiers communs\lightscribe\lslog.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\LOGISHRD\LVCOMSER\LVCOMSER.EXE
    c:\program files\fichiers communs\logishrd\lvcomser\lvcomser.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\version.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\msv1_0.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\iphlpapi.dll

    c:\program files\fichiers communs\logishrd\lvcomser\lvcscli.dll

    c:\windows\system32\cfgmgr32.dll

    c:\windows\system32\hid.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\program files\fichiers communs\logishrd\lvcomser\lvcsps.dll

    C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
    c:\program files\fichiers communs\microsoft shared\vs7debug\mdm.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\version.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\program files\fichiers communs\microsoft shared\vs7debug\1036\mdmui.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    C:\PROGRAM FILES\PDF COMPLETE\PDFSVC.EXE
    c:\program files\pdf complete\pdfsvc.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\mpr.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\wtsapi32.dll

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\uxtheme.dll

    C:\WINDOWS\SYSTEM32\IFXPSDSV.EXE
    c:\windows\system32\ifxpsdsv.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

    c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80fra.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    C:\NOVADIGM\MANAGEMENTAGENT\NVDKIT.EXE
    c:\novadigm\managementagent\nvdkit.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\sentcl\sentcl82.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\netapi32.dll

    c:\windows\temp\.nvdkit\987239acba334648\d5687f9dd9435984\bin\itcl31.dll

    c:\windows\temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\reg1.0\tclreg82.dll

    c:\windows\temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\nvdtcl\nvdtcl82.dll

    c:\windows\temp\.nvdkit\987239acba334648\d5687f9dd9435984\lib\tclsvc\tclsvc82.dll

    c:\windows\system32\wsock32.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\msctfime.ime

    c:\windows\system32\mswsock.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\winrnr.dll

    c:\windows\system32\wldap32.dll

    c:\program files\bonjour\mdnsnsp.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    c:\windows\system32\rasadhlp.dll

    c:\windows\temp\.nvdkit\4cbb1f5137265e7d\737d992b6837ba4c\bin\win32\biosinfo.dll

    c:\windows\temp\.nvdkit\4cbb1f5137265e7d\737d992b6837ba4c\bin\win32\iphelper.dll

    C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICEAE.EXE
    c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\wsnmp32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\mswsock.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\iphlpapi.dll

    c:\windows\system32\winrnr.dll

    c:\windows\system32\wldap32.dll

    c:\program files\bonjour\mdnsnsp.dll

    c:\windows\system32\rasadhlp.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\version.dll

    c:\windows\system32\msxml3.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\hnetcfg.dll

    c:\windows\system32\wshtcpip.dll

    C:\WINDOWS\SYSTEM32\SVCHOST.EXE
    c:\windows\system32\svchost.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\shimeng.dll

    c:\windows\apppatch\acgenral.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\winmm.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\msacm32.dll

    c:\windows\system32\version.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\userenv.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\wiaservc.dll

    c:\windows\system32\cfgmgr32.dll

    c:\windows\system32\setupapi.dll

    c:\windows\system32\mscms.dll

    c:\windows\system32\winspool.drv

    c:\windows\system32\winsta.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\wintrust.dll

    c:\windows\system32\crypt32.dll

    c:\windows\system32\msasn1.dll

    c:\windows\system32\imagehlp.dll

    c:\windows\system32\actxprxy.dll

    c:\windows\system32\sti.dll

    C:\PROGRAM FILES\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE
    c:\program files\hewlett-packard\shared\hpqwmiex.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\shell32.dll

    c:\windows\system32\shlwapi.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    c:\windows\system32\comctl32.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\version.dll

    c:\windows\system32\wbem\wbemprox.dll

    c:\windows\system32\wbem\wbemcomn.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wbem\wbemsvc.dll

    c:\windows\system32\wbem\fastprox.dll

    c:\windows\system32\msvcp60.dll

    c:\windows\system32\ntdsapi.dll

    c:\windows\system32\dnsapi.dll

    c:\windows\system32\wldap32.dll

    c:\windows\system32\netapi32.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\sxs.dll

    C:\PROGRAM FILES\HPQ\SHARED\SIERRA WIRELESS\WIN32\UNICODE\SWIHPWMI.EXE
    c:\program files\hpq\shared\sierra wireless\win32\unicode\swihpwmi.exe

    c:\windows\system32\ntdll.dll

    c:\windows\system32\kernel32.dll

    c:\windows\system32\user32.dll

    c:\windows\system32\gdi32.dll

    c:\windows\system32\advapi32.dll

    c:\windows\system32\rpcrt4.dll

    c:\windows\system32\secur32.dll

    c:\windows\system32\ole32.dll

    c:\windows\system32\msvcrt.dll

    c:\windows\system32\oleaut32.dll

    c:\windows\system32\imm32.dll

    c:\windows\system32\apshook.dll

    c:\windows\system32\psapi.dll

    c:\windows\system32\uxtheme.dll

    c:\windows\system32\xpsp2res.dll

    c:\windows\system32\clbcatq.dll

    c:\windows\system32\comres.dll

    c:\windows\system32\version.dll

    c:\windows\system32\wbem\wbemprox.dll

    c:\windows\system32\wbem\wbemcomn.dll

    c:\windows\system32\ws2_32.dll

    c:\windows\system32\ws2help.dll

    c:\windows\system32\wbem\wbemsvc.dll

    c:\windows\system32\wbem\fastprox.dl
    8 Mai 2008 17:41:41

    y a t il encore quelqu'un?
    ;) 
    8 Mai 2008 20:39:45

    Re,

    Reposte un HijackTHis ..
    9 Mai 2008 12:02:09

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:01:29, on 09/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\PDF Complete\pdfsty.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    D:\HL2\Steam.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    c:\WINDOWS\system32\ifxspmgt.exe
    c:\WINDOWS\system32\ifxtcs.exe
    C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\PDF Complete\pdfsvc.exe
    c:\WINDOWS\system32\IfxPsdSv.exe
    C:\Novadigm\ManagementAgent\nvdkit.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Safari\Safari.exe
    C:\Documents and Settings\Etudiant\Bureau\Etudiant.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr&rlz=1B2RNFA_frFR251&btnG=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [AdVantage Setup] C:\Program Files\DAEMON Tools Lite\AdVantageSetup.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Etudiant\LOCALS~1\Temp\IXP000.TMP\"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SA5.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [LiveSticker] "C:\Program Files\Nosibay\Livesticker\launcher.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe"
    O4 - HKCU\..\Run: [Steam] "D:\HL2\Steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware News Feed.lnk = C:\Program Files\Stardock\DesktopGadgets\Alienware News Feed\Alienware News Feed.exe
    O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.webseurope.com/scan/Msie/bitdefender.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
    O20 - Winlogon Notify: OneCard - c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Agent Central (AgentCDCP) - Devaxe Technologie - C:\CDGuide3\NTAgent.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
    O23 - Service: Verrouillage des périphériques / Audition HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - c:\WINDOWS\system32\flcdlock.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Personal Secure Drive service for encrypted drives (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
    O23 - Service: Radia Management Agent (rma) - Unknown owner - C:/Novadigm/ManagementAgent/nvdkit.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 19206 bytes

    9 Mai 2008 12:30:46

    Re,

    Il serait préférable de désinstaller Ad-Aware, piètre anti-spywares.
    Pareil pour Boonty;

    Fais ceci si tu es d'accord :

    Désinstalle via Ajout/Suppression de Programmes (si présents) :
  • Ad-Aware
  • Boonty
  • BoontyGames

    - Poste de travail/outils/option des dossiers/affichage/afficher les fichiers et dossiers cachés/Appliquer - - > OK
    - Poste de travail/outils/option des dossiers/affichage/décocher masquer les fichiers protégés du système d'exploitation./Appliquer - - > OK

    Tu recocheras après.

    Puis supprime les dossiers correspondants :
  • Dans Programfiles
  • Dans Programfiles\Fichiers communs
  • Dans %allusersprofile%\application data
    ( XP -> C:\Documents and Settings\All users\Application Data,
    Vista -> C:\Users\ton nom\appdata\roaming)
  • Etc ... (Tu peux rechercher les dossiers à supprimer par une recherche Windows [Démarrer\rechercher])

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.

    Clique sur démarrer --> exécuter, tape CMD puis valide par ok.
    (Si tu es sous Vista, clique seulement sur démarrer, tape CMD et valide par entrée)
    Colle ligne par ligne en validant entre deux (par entrée) les lignes suivantes dans la fenêtre noire qui apparaît.
    sc config "Boonty Games" start= disabled
    sc delete "Boonty Games"


    ********

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées :
    Redémarre en mode sans échec
    /!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    [#FF0000]Aide
    : Comment utiliser MBAM.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS