infection virus, log fournisRésolu/Fermé

Question

Bonjour à tous,
j'espère avoir suivi la procédure forurnie ici pour éradiquer les virus qui sont sur mon ordinateur.
voici donc les résultats des log

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
 + Créé à:	19:52:14 06/03/2007
 + Résultat de l'analyse:	
C:\WINDOWS\system\smss.exe -> Backdoor.Medbot.eh : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__t_c_p_i_p_m_o_n_._e_x_e_ -> Hijacker.Agent.is : Aucune action entreprise.
C:\ywobnat.exe -> Hijacker.Agent.is : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__w_i_n_i_t_s_3_2_._d_l_l_ -> Trojan.Agent.qt : Aucune action entreprise.
Fin du rapport

BitDefender Online Scanner
Scan report generated at: Tue, Mar 06, 2007 - 23:09:54
Scan path: C:\;D:\;E:\;G:\;
Statistics
 
Time
 03:06:44
 
Files
 803540
 
Folders
 7774
 
Boot Sectors
 4
Archives
 9422
Packed Files
 65096
Results
Identified Viruses 
 17
Infected Files 
 30
Suspect Files 
 1
Warnings
 0
Disinfected
 0
Deleted Files
 27
Engines Info
Virus Definitions
 403059
Engine build
 AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
 14
Archive plugins
 38
Unpack plugins
 6
E-mail plugins
 6
System plugins
 1
Scan Settings
First Action
 Disinfect
 
Second Action
 Delete
 
Heuristics
 Yes
 
Enable Warnings
 Yes
 
Scanned Extensions
 *;
 
Exclude Extensions
  
 
Scan Emails
 Yes
 
Scan Archives
 Yes
 
Scan Packed
 Yes
 
Scan Files
 Yes
 
Scan Boot
 Yes
  Scanned File
  Status
 
C:\Documents and Settings\All Users\Documents\setup.exe
 Infected with: DeepScan:Generic.Horst.AE2AE578
 
C:\Documents and Settings\All Users\Documents\setup.exe
 Disinfection failed
 
C:\Documents and Settings\All Users\Documents\setup.exe
 Deleted
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
 Infected with: Trojan.Obfus.Gen
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
 Delete failed
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
 Infected with: Win32.Netsky.D@mm
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
 Deleted
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
 Updated
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
 Infected with: Win32.Netsky.D@mm
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
 Deleted
 
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
 Updated
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
 Infected with: Trojan.Spy.Agent.PD
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
 Deleted
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar
 Update failed
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
 Infected with: Trojan.Downloader.Imloader.C
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
 Deleted
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
 Infected with: Trojan.Downloader.Harnig.XB
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
 Deleted
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Infected with: Trojan.Downloader.Harnig.XB
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Disinfection failed
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Deleted
 
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
 Update failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
 Infected with: DeepScan:Generic.Horst.E47F23DF
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
 Infected with: DeepScan:Generic.Horst.2B02E0B8
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
 Infected with: DeepScan:Generic.Horst.2B02E0B8
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
 Infected with: DeepScan:Generic.Horst.2B02E0B8
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
 Infected with: DeepScan:Generic.Horst.0D2C46C9
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
 Infected with: DeepScan:Generic.Horst.0D2C46C9
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
 Infected with: DeepScan:Generic.Horst.0D2C46C9
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
 Infected with: DeepScan:Generic.Horst.707F662F
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
 Infected with: DeepScan:Generic.Horst.AE2AE578
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
 Infected with: DeepScan:Generic.Horst.AE2AE578
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
 Infected with: Trojan.Juan.Q
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
 Infected with: Trojan.Agent.QT
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Infected with: Trojan.Downloader.Harnig.XB
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
 Update failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
 Infected with: Trojan.Downloader.RegClean.A
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
 Infected with: DeepScan:Generic.Horst.D853B2CA
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
 Deleted
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
 Infected with: MemScan:Trojan.Downloader.RegClean.A
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
 Disinfection failed
 
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
 Deleted
 
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
 Infected with: Trojan.Downloader.Istbar.PY
 
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
 Disinfection failed
 
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
 Deleted
 
C:\WINDOWS\Downloaded Program Files\istactivex.inf
 Infected with: Trojan.Downloader.Istbar.HG
 
C:\WINDOWS\Downloaded Program Files\istactivex.inf
 Disinfection failed
 
C:\WINDOWS\Downloaded Program Files\istactivex.inf
 Deleted
 
C:\WINDOWS\system32\hrsoenf.dll
 Infected with: Trojan.Obfus.Gen
 
C:\WINDOWS\system32\hrsoenf.dll
 Disinfection failed
 
C:\WINDOWS\system32\hrsoenf.dll
 Deleted
 
C:\WINDOWS\system32\sffcbodx.dll
 Infected with: Trojan.Juan.Q
 
C:\WINDOWS\system32\sffcbodx.dll
 Disinfection failed
 
C:\WINDOWS\system32\sffcbodx.dll
 Delete failed
 
C:\WINDOWS\system32\sokubdi.dll
 Infected with: Trojan.Obfus.Gen
 
C:\WINDOWS\system32\sokubdi.dll
 Disinfection failed
 
C:\WINDOWS\system32\sokubdi.dll
 Delete failed
 
C:\WINDOWS\system32\spool\drivers\setup.exe
 Infected with: DeepScan:Generic.Horst.AE2AE578
 
C:\WINDOWS\system32\spool\drivers\setup.exe
 Disinfection failed
 
C:\WINDOWS\system32\spool\drivers\setup.exe
 Deleted
 
C:\WINDOWS\system32\v6.exe
 Suspected of: Generic.Malware.Sdld.1743F721
 
C:\WINDOWS\system32\v6.exe
 Disinfection failed
 
C:\WINDOWS\system32\v6.exe
 Delete failed
 
 
Logfile of HijackThis v1.99.1
Scan saved at 06:32:19, on 07/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32undll32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32undll32.exe "C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

J'espère avoir suivi correctement la procédure. Dans tous les cas merci pour votre aide !!!
Cordialement
Philippe

Utilisateur anonyme · Answer

Bonjour

Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau 
http://www.malekal.com/download/DiagHelp.zip
- Fais un clic droit sur le fichier et extraire tout 
- Un nouveau dossier chercher va être créé DiagHelp 
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître) 
- Une fenêtre va s'ouvrir, choisis l'option 1 
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande 
- A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela : 
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout 
-- A nouveau menu Edition / copier 
-- Dans un nouveau message ici, faire un clic droit / coller

forcepas · Answer

voici ce que donne dial C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:13 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58 C:\WINDOWS\System32/drivers\pfc.sys -->18/12/2006 21:35:05 C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 20:00:00 C:\WINDOWS\WindowsUpdate.log -->07/03/2007 19:08:54 C:\WINDOWS\QTFont.qfn -->07/03/2007 19:08:48 C:\WINDOWS\0.log -->07/03/2007 19:08:06 C:\WINDOWS\wiadebug.log -->07/03/2007 19:08:00 C:\WINDOWS\wiaservc.log -->07/03/2007 19:07:41 C:\WINDOWS\bootstat.dat -->07/03/2007 19:07:23 C:\WINDOWS\SchedLgU.Txt -->07/03/2007 08:19:03 C:\WINDOWS\setupapi.log -->07/03/2007 06:50:31 C:\WINDOWS\QTFont.for -->06/03/2007 23:28:16 C:\WINDOWS\win.ini -->02/03/2007 19:19:32 C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe -->19/02/2007 06:30:04 C:\WINDOWS\autoload.exe -->07/02/2007 18:55:48 C:\WINDOWS\NeroDigital.ini -->15/01/2007 17:43:54 C:\WINDOWS\ODBCINST.INI -->28/12/2006 17:53:21 C:\WINDOWS\Thumbs.db -->25/12/2006 16:54:44 C:\WINDOWS\alcrmv.exe |10/03/2004 18:45:34 C:\WINDOWS\alcupd.exe |10/03/2004 18:45:34 C:\WINDOWS\anvshell.exe |24/07/2003 15:19:16 C:\WINDOWS\anvunis.exe |02/05/2004 07:33:17 C:\WINDOWS\autoload.exe |02/01/2004 18:13:23 C:\WINDOWS\bdoscandel.exe |25/05/2006 01:22:06 C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |11/01/2004 19:25:15 C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |24/12/2006 11:58:17 C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe |19/02/2007 17:46:42 C:\WINDOWS\callvers.exe |20/01/2004 18:48:36 C:\WINDOWS\Delvid.exe |02/05/2004 08:44:01 C:\WINDOWS\IPUI_DivXG400.exe |06/02/2005 19:27:53 C:\WINDOWS\IsUn040c.exe |04/01/2004 16:40:52 C:\WINDOWS\IsUn0411.exe |03/01/2004 22:58:17 C:\WINDOWS\IsUninst.exe |02/01/2004 18:21:24 C:\WINDOWS\iun6002.exe |09/12/2004 20:37:24 C:\WINDOWS\livenote.exe |02/05/2004 07:33:18 C:\WINDOWS\liveupd.exe |02/05/2004 07:33:17 C:\WINDOWS\MGXCLEAN.EXE |12/01/2004 21:58:18 C:\WINDOWS\psuninst2.exe |10/02/2007 08:06:21 C:\WINDOWS\shutdownaware.exe |02/05/2004 08:44:01 C:\WINDOWS\slrundll.exe |27/11/2004 22:48:46 C:\WINDOWS\soundman.exe |10/03/2004 18:52:18 C:\WINDOWS wunk_16.exe |24/08/2001 13:00:00 C:\WINDOWS wunk_32.exe |24/08/2001 13:00:00 C:\WINDOWS\unin040c.exe |04/01/2004 16:46:36 C:\WINDOWS\Uninsop9.exe |04/01/2004 16:47:08 C:\WINDOWS\uninst.exe |15/02/2004 19:36:00 C:\WINDOWS\Unnero.exe |03/01/2004 23:07:37 C:\WINDOWS\UNNeroVision.exe |28/11/2004 21:20:07 C:\WINDOWS\unvise32.exe |06/01/2004 12:49:28 C:\WINDOWS\unvise32qt.exe |03/01/2004 22:56:33 C:\WINDOWS\Unwise.exe |09/12/2004 20:38:38 C:\WINDOWS\WNMHINDR.EXE |09/12/2004 20:39:51 C:\WINDOWS\_g6uninst.exe |06/01/2004 12:37:21 C:\WINDOWS\cygwin1.dll |16/01/2005 22:36:31 C:\WINDOWS\cygz.dll |16/01/2005 22:36:31 C:\WINDOWS\eio.dll |02/05/2004 07:33:18 C:\WINDOWS\esellerateEngine.dll |08/10/2004 03:48:48 C:\WINDOWS wain.dll |24/08/2001 13:00:00 C:\WINDOWS wain_32.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\append.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\aswBoot.exe |22/09/2006 05:50:31 C:\WINDOWS\system32\CIMSVR.exe |11/01/2004 19:27:03 C:\WINDOWS\system32\debug.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\DivXsm.exe |09/08/2005 23:13:59 C:\WINDOWS\system32\dosx.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\exe2bin.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\fastopen.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\FileOps.exe |30/08/2006 17:27:20 C:\WINDOWS\system32\java.exe |16/02/2007 06:21:24 C:\WINDOWS\system32\javaw.exe |16/02/2007 06:21:24 C:\WINDOWS\system32\javaws.exe |16/02/2007 06:21:24 C:\WINDOWS\system32\keystone.exe |02/05/2004 07:33:23 C:\WINDOWS\system32\LVComS.exe |11/01/2004 19:00:47 C:\WINDOWS\system32\mem.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\mscdexnt.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\NeroCheck.exe |20/09/2005 20:54:07 C:\WINDOWS\system32 lsfunc.exe |24/08/2001 13:00:00 C:\WINDOWS\system32 vappbar.exe |02/05/2004 07:33:23 C:\WINDOWS\system32 vcolor.exe |24/02/2005 06:32:00 C:\WINDOWS\system32 vdspsch.exe |28/01/2004 23:45:00 C:\WINDOWS\system32 vsvc32.exe |02/05/2004 07:33:14 C:\WINDOWS\system32 vudisp.exe |09/02/2004 19:18:23 C:\WINDOWS\system32 w16.exe |24/08/2001 13:00:00 C:\WINDOWS\system32 wiz.exe |02/05/2004 07:33:23 C:\WINDOWS\system32 edir.exe |03/01/2004 20:29:45 C:\WINDOWS\system32\RegistryCleanerSetup.exe |05/03/2007 23:56:46 C:\WINDOWS\system32\RTLCPL.EXE |10/03/2004 18:45:36 C:\WINDOWS\system32\setver.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\share.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\slrundll.exe |27/11/2004 22:48:48 C:\WINDOWS\system32\slserv.exe |27/11/2004 22:48:48 C:\WINDOWS\system32\UNWISE.EXE |21/02/2005 19:59:57 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\vwipxspx.exe |24/08/2001 13:00:00 C:\WINDOWS\system32\ZyDelReg.exe |21/09/2005 18:30:51 C:\WINDOWS\system32\a3d.dll |02/01/2004 18:14:37 C:\WINDOWS\system32\ACDV.dll |20/06/2005 13:56:52 C:\WINDOWS\system32\AGFUNC.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\amstream.dll |02/01/2004 18:22:48 C:\WINDOWS\system32\anv4disp.dll |02/05/2004 07:33:12 C:\WINDOWS\system32\anvcinst.dll |02/01/2004 18:21:47 C:\WINDOWS\system32\anvctrl.dll |02/05/2004 07:33:19 C:\WINDOWS\system32\anvioctl.dll |22/08/2002 15:56:14 C:\WINDOWS\system32\anvmini.dll |26/12/2001 03:25:30 C:\WINDOWS\system32\Asteroid5.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\Asteroid6.dll |10/05/2004 17:56:50 C:\WINDOWS\system32\ASUSASV2.DLL |11/01/2004 18:50:43 C:\WINDOWS\system32\asusosdnt.dll |02/05/2004 07:33:20 C:\WINDOWS\system32\asustips.dll |02/05/2004 07:33:18 C:\WINDOWS\system32\AsusVr.dll |02/05/2004 07:33:19 C:\WINDOWS\system32\asus_tv_tune.dll |11/01/2004 18:50:44 C:\WINDOWS\system32\ati2cqag.dll |27/11/2004 22:48:57 C:\WINDOWS\system32\ati2dvaa.dll |03/01/2004 20:30:36 C:\WINDOWS\system32\ati2dvag.dll |03/01/2004 20:30:36 C:\WINDOWS\system32\ati3d1ag.dll |03/01/2004 20:30:36 C:\WINDOWS\system32\ati3d2ag.dll |03/01/2004 20:30:36 C:\WINDOWS\system32\ati3duag.dll |27/11/2004 22:48:56 C:\WINDOWS\system32\ativtmxx.dll |27/11/2004 22:48:56 C:\WINDOWS\system32\ativvaxx.dll |27/11/2004 22:48:56 C:\WINDOWS\system32\atmfd.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\atmlib.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\Audio3D.dll |02/01/2004 18:14:37 C:\WINDOWS\system32\avisynth.dll |24/02/2004 19:47:45 C:\WINDOWS\system32\axVideoConvert.dll |19/10/2004 19:33:30 C:\WINDOWS\system32\BASSMOD.dll |02/01/2006 18:51:03 C:\WINDOWS\system32\bSearch2.dll |19/10/2004 19:33:41 C:\WINDOWS\system32\btinstall.dll |03/09/2006 14:10:27 C:\WINDOWS\system32\CIMSVRps.dll |11/01/2004 19:27:03 C:\WINDOWS\system32\CIMVIEW.dll |11/01/2004 19:27:03 C:\WINDOWS\system32\CML4.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\CML5.dll |10/05/2004 17:56:50 C:\WINDOWS\system32\cMPG1V.dll |11/01/2004 18:50:43 C:\WINDOWS\system32\cMPG2V.dll |11/01/2004 18:50:43 C:\WINDOWS\system32\compatui.dll |03/01/2004 20:30:07 C:\WINDOWS\system32\cygwin1.dll |16/01/2005 22:36:31 C:\WINDOWS\system32\cygz.dll |16/01/2005 22:36:31 C:\WINDOWS\system32\czs_ui.dll |13/05/2002 14:05:32 C:\WINDOWS\system32\D066UCPL.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\D066UFW.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\D066UUD.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\D066UUTY.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\DBCLIENT.DLL |09/05/2004 17:16:17 C:\WINDOWS\system32\Decomb.dll |24/02/2004 19:47:45 C:\WINDOWS\system32\deimg.dll |13/05/2002 14:05:32 C:\WINDOWS\system32\deImg010.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\deImg110.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\deimg301.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\deimg401.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\deImg404.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\deimg602.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\Deimg603.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\DEMOMCDVD_32.DLL |23/11/2004 11:05:40 C:\WINDOWS\system32\dgrpsetu.dll |02/01/2004 17:23:05 C:\WINDOWS\system32\dgsetup.dll |02/01/2004 17:23:05 C:\WINDOWS\system32\DivX.dll |26/03/2002 20:18:21 C:\WINDOWS\system32\divx_xx07.dll |09/08/2005 23:13:52 C:\WINDOWS\system32\divx_xx0c.dll |09/08/2005 23:13:51 C:\WINDOWS\system32\divx_xx11.dll |09/08/2005 23:13:51 C:\WINDOWS\system32\dpl100.dll |09/08/2005 23:12:28 C:\WINDOWS\system32\dpu11.dll |09/08/2005 23:12:27 C:\WINDOWS\system32\dpuGUI11.dll |09/08/2005 23:12:28 C:\WINDOWS\system32\dpus11.dll |09/08/2005 23:12:27 C:\WINDOWS\system32\dpv11.dll |09/08/2005 23:12:27 C:\WINDOWS\system32\DRAGNKL1.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\dtu100.dll |09/08/2005 23:12:28 C:\WINDOWS\system32\eiomini.dll |02/05/2004 07:33:20 C:\WINDOWS\system32\encdec.dll |26/11/2002 15:15:52 C:\WINDOWS\system32\EqnClass.Dll |02/01/2004 17:23:04 C:\WINDOWS\system32\Fs40uUsd.dll |05/09/2006 08:40:51 C:\WINDOWS\system32\FViGxDS1.dll |08/04/1999 14:47:00 C:\WINDOWS\system32\gsLPAC.dll |19/10/2004 19:33:40 C:\WINDOWS\system32\HHActiveX.dll |20/03/2002 21:01:58 C:\WINDOWS\system32\HPODXPAT.DLL |27/05/2004 14:00:52 C:\WINDOWS\system32\hpzcoi05.dll |18/03/2002 12:52:42 C:\WINDOWS\system32\hpzcon05.dll |18/03/2002 12:52:42 C:\WINDOWS\system32\hpzlnt05.dll |18/03/2002 12:52:43 C:\WINDOWS\system32\hsfcisp2.dll |27/11/2004 22:48:53 C:\WINDOWS\system32\hticons.dll |02/01/2004 17:50:51 C:\WINDOWS\system32\hypertrm.dll |02/01/2004 17:50:51 C:\WINDOWS\system32\Iacenc.dll |18/11/1998 15:33:16 C:\WINDOWS\system32\iccvid.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\Igxbm40.dll |17/05/2000 10:13:34 C:\WINDOWS\system32\Igxfrm2x.dll |03/05/1999 11:12:28 C:\WINDOWS\system32\IGXFRM40.dll |07/03/2001 16:10:12 C:\WINDOWS\system32\igxwlcm2.dll |02/06/2000 07:57:48 C:\WINDOWS\system32\imagr5.dll |20/09/2005 20:54:08 C:\WINDOWS\system32\imagx5.dll |20/09/2005 20:54:08 C:\WINDOWS\system32\ImagX7.dll |28/11/2004 21:12:37 C:\WINDOWS\system32\ImagXpr5.dll |20/09/2005 20:54:08 C:\WINDOWS\system32\ImagXpr7.dll |28/11/2004 21:12:37 C:\WINDOWS\system32\ImagXR7.dll |28/11/2004 21:12:37 C:\WINDOWS\system32\ImagXRA7.dll |28/11/2004 21:12:37 C:\WINDOWS\system32\indounin.dll |27/01/1999 13:39:06 C:\WINDOWS\system32\InsDrvZD.dll |21/09/2005 18:30:49 C:\WINDOWS\system32\ir32_32.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\ir41_qc.dll |14/11/2002 12:59:36 C:\WINDOWS\system32\ir41_qcx.dll |14/11/2002 12:59:36 C:\WINDOWS\system32\ir50_qc.dll |14/11/2002 12:59:38 C:\WINDOWS\system32\ir50_qcx.dll |14/11/2002 12:59:40 C:\WINDOWS\system32\isrdbg32.dll |02/01/2004 17:52:10 C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 07:56:08 C:\WINDOWS\system32\JGA1500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGAA500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGAD500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGAP500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGAR500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGAU500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jgaw400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\JGDR500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jgdw400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\JGDW500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGEA500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGED500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGEM500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGFI500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGFR500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGFS500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGGI500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGI1500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGI3500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGI5500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGID500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGIP500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGIQ500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGIT500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGM1500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGMC500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jgmd400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\JGME500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGMI500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGMP500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGN1500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGOS500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGPD500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jgpl400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\JGPL500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGPP500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGS1500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGS3500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jgsd400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\jgsh400.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\JGSN500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\JGST500.DLL |13/05/2002 15:13:58 C:\WINDOWS\system32\jkhhi.dll |05/03/2007 22:38:29 C:\WINDOWS\system32\lame_enc.dll |19/10/2004 21:55:41 C:\WINDOWS\system32\Lfbmp10n.dll |29/03/1999 11:04:52 C:\WINDOWS\system32\Lfcal10n.dll |29/03/1999 11:04:52 C:\WINDOWS\system32\Lfcmp10n.dll |29/03/1999 11:04:52 C:\WINDOWS\system32\Lffax10n.dll |29/03/1999 11:04:52 C:\WINDOWS\system32\Lffpx10n.dll |29/03/1999 11:04:52 C:\WINDOWS\system32\Lffpx7.dll |21/11/1997 17:03:20 C:\WINDOWS\system32\Lfgif10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfica10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfimg10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfkodak.dll |30/09/1997 13:30:02 C:\WINDOWS\system32\Lflmb10n.dll |30/11/1998 12:52:52 C:\WINDOWS\system32\Lfmac10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfmsp10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfpcd10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfpct10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfpcx10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfpng10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfpsd10n.dll |29/03/1999 11:04:54 C:\WINDOWS\system32\Lfras10n.dll |29/03/1999 11:04:56 C:\WINDOWS\system32\Lftga10n.dll |29/03/1999 11:04:56 C:\WINDOWS\system32\Lftif10n.dll |29/03/1999 11:04:56 C:\WINDOWS\system32\Lfwfx10n.dll |29/03/1999 11:04:56 C:\WINDOWS\system32\libcurl.dll |05/09/2006 08:40:53 C:\WINDOWS\system32\libeay32.dll |09/08/2005 23:13:31 C:\WINDOWS\system32\libssl32.dll |05/09/2006 08:40:54 C:\WINDOWS\system32\lpaccodec.dll |19/10/2004 19:33:40 C:\WINDOWS\system32\lpac_codec_api.dll |19/10/2004 19:33:40 C:\WINDOWS\system32\Ltann10n.dll |01/12/1998 12:58:18 C:\WINDOWS\system32\Ltdis10n.dll |29/03/1999 11:04:56 C:\WINDOWS\system32\Ltfil10n.dll |01/12/1998 12:58:14 C:\WINDOWS\system32\ltfyqvvp.dll |06/03/2007 23:28:13 C:\WINDOWS\system32\Ltimg10n.dll |30/11/1998 12:09:14 C:\WINDOWS\system32\Ltkrn10n.dll |01/12/1998 12:58:06 C:\WINDOWS\system32\lvcodec2.dll |11/01/2004 19:00:46 C:\WINDOWS\system32\lvcoinst.dll |11/01/2004 19:00:48 C:\WINDOWS\system32\LVComC.dll |11/01/2004 19:00:47 C:\WINDOWS\system32\LVUI2.dll |11/01/2004 19:00:47 C:\WINDOWS\system32\LVUI2RC.dll |11/01/2004 19:27:47 C:\WINDOWS\system32\MACDll.dll |19/10/2004 19:33:40 C:\WINDOWS\system32\malslib.dll |20/04/2005 20:11:35 C:\WINDOWS\system32\mdmxsdk.dll |27/11/2004 22:48:52 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06 C:\WINDOWS\system32\MimicICM.dll |11/01/2004 19:27:03 C:\WINDOWS\system32\mp4fil32.dll |26/03/2002 20:18:22 C:\WINDOWS\system32\MPEG2DEC.dll |24/02/2004 19:47:45 C:\WINDOWS\system32\MpegAudio.dll |14/03/2005 07:28:42 C:\WINDOWS\system32\MpegVideo.dll |14/03/2005 07:28:42 C:\WINDOWS\system32\msdmo.dll |02/01/2004 18:22:49 C:\WINDOWS\system32\msencode.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 20:46:58 C:\WINDOWS\system32\mtxparhd.dll |27/11/2004 22:48:50 C:\WINDOWS\system32\MultiSZ.dll |03/01/2004 23:07:36 C:\WINDOWS\system32\NEFLibrary2.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\NEFLibrary3.dll |10/05/2004 17:56:51 C:\WINDOWS\system32\NkNEFPlugin.dll |02/01/2006 18:55:22 C:\WINDOWS\system32\NMH040A.DLL |09/12/2004 20:39:51 C:\WINDOWS\system32\NMOCOD.DLL |14/03/2004 18:27:32 C:\WINDOWS\system32\NMORENU.DLL |14/03/2004 18:27:33 C:\WINDOWS\system32\NMSCKN.DLL |14/03/2004 18:27:33 C:\WINDOWS\system32\NMW3VWN.DLL |14/03/2004 18:27:33 C:\WINDOWS\system32\Npindeo.dll |20/11/1998 13:38:58 C:\WINDOWS\system32 v4_disp.dll |02/05/2004 07:33:12 C:\WINDOWS\system32 vcod.dll |02/05/2004 07:33:21 C:\WINDOWS\system32 vcodins.dll |02/05/2004 07:33:21 C:\WINDOWS\system32 vcpl.dll |02/05/2004 07:33:14 C:\WINDOWS\system32 vgpio.dll |02/05/2004 07:33:19 C:\WINDOWS\system32 vhwvid.dll |24/02/2005 06:32:00 C:\WINDOWS\system32 view.dll |02/05/2004 07:33:23 C:\WINDOWS\system32 vmctray.dll |02/05/2004 07:33:15 C:\WINDOWS\system32 vnt4cpl.dll |02/05/2004 07:33:16 C:\WINDOWS\system32 voglnt.dll |02/05/2004 07:33:14 C:\WINDOWS\system32 vrsar.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrscs.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsda.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsde.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsel.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrseng.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrses.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsesm.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsfi.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsfr.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrshe.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrshu.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsit.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsja.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsko.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsnl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsno.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrspl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrspt.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsptb.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrsru.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrssk.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrssl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrssv.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrstr.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrszhc.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vrszht.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vshell.dll |02/05/2004 07:33:23 C:\WINDOWS\system32 vwddi.dll |02/05/2004 07:33:16 C:\WINDOWS\system32 vwdmcpl.dll |02/05/2004 07:33:16 C:\WINDOWS\system32 vwimg.dll |02/05/2004 07:33:23 C:\WINDOWS\system32 vwrsar.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrscs.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsda.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsde.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsel.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrseng.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrses.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsesm.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsfi.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsfr.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrshe.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrshu.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsit.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsja.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsko.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsnl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsno.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrspl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrspt.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsptb.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrsru.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrssk.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrssl.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrssv.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrstr.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrszhc.dll |06/10/2003 14:16:00 C:\WINDOWS\system32 vwrszht.dll |06/10/2003 14:16:00 C:\WINDOWS\system32\opshel32.dll |04/01/2004 16:47:08 C:\WINDOWS\system32\osdmini.dll |02/05/2004 07:33:20 C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16 C:\WINDOWS\system32\PcdLib32.dll |25/02/1998 10:45:10 C:\WINDOWS\system32\pdfcmnnt.dll |30/06/2006 22:30:27 C:\WINDOWS\system32\picn1020.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\picn1120.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\picn20.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\Pixdfltn.dll |04/05/2000 12:55:46 C:\WINDOWS\system32\Pixlocn.dll |04/05/2000 12:55:46 C:\WINDOWS\system32\Pixpermn.dll |04/05/2000 12:55:46 C:\WINDOWS\system32\pscAdimg.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscCllct.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscCStUI.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscDcd.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscDevUI.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscDvlp.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\Pscl2STI.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscll.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscParse.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\pscSetup.dll |13/05/2002 14:05:34 C:\WINDOWS\system32\psdkdll.dll |13/05/2002 14:05:36 C:\WINDOWS\system32\psdkReg.dll |13/05/2002 14:05:36 C:\WINDOWS\system32\PsisDecd.dll |03/01/2004 22:31:32 C:\WINDOWS\system32\psParse.dll |13/05/2002 14:05:36 C:\WINDOWS\system32\PVLJPG20.DLL |25/02/2003 09:36:02 C:\WINDOWS\system32\Pvmjpg20.dll |19/12/2000 12:26:54 C:\WINDOWS\system32\PVWV220.DLL |25/02/2003 09:32:24 C:\WINDOWS\system32\qedwipes.dll |02/01/2004 18:22:49 C:\WINDOWS\system32\qt-dx331.dll |09/08/2005 23:12:28 C:\WINDOWS\system32\RCSigProc.dll |10/05/2004 17:56:48 C:\WINDOWS\system32\RedEye.dll |10/05/2004 17:56:52 C:\WINDOWS\system32 pcc.dll |05/03/2007 19:43:10 C:\WINDOWS\system32\RTLCPAPI.dll |10/03/2004 18:45:36 C:\WINDOWS\system32\S32EVNT1.DLL |04/01/2004 19:32:06 C:\WINDOWS\system32\s3gnb.dll |27/11/2004 22:48:49 C:\WINDOWS\system32\sbe.dll |26/11/2002 15:15:50 C:\WINDOWS\system32\scnlib32.dll |04/05/2000 12:58:02 C:\WINDOWS\system32\scriptpw.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\sffcbodx.dll |05/03/2007 22:39:06 C:\WINDOWS\system32\Sig_Proc.dll |03/01/2004 21:44:27 C:\WINDOWS\system32\slbcsp.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\slbiop.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\slbrccsp.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\slcoinst.dll |27/11/2004 22:48:48 C:\WINDOWS\system32\slextspk.dll |27/11/2004 22:48:48 C:\WINDOWS\system32\slgen.dll |27/11/2004 22:48:48 C:\WINDOWS\system32\sokubdi.dll |05/03/2007 19:44:15 C:\WINDOWS\system32\sonymaea.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonymaeb.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonymqad.dll |06/09/2005 20:47:39 C:\WINDOWS\system32\sonymsea.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonymvdp.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonymvea.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonymveb.dll |06/09/2005 20:47:41 C:\WINDOWS\system32\sonymvec.dll |06/09/2005 20:47:41 C:\WINDOWS\system32\sonymvqt.dll |06/09/2005 20:47:40 C:\WINDOWS\system32\sonytsea.dll |06/09/2005 20:47:41 C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll |02/01/2004 17:23:05 C:\WINDOWS\system32\ssleay32.dll |09/08/2005 23:13:31 C:\WINDOWS\system32\StdFilters2.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\StdFilters3.dll |10/05/2004 17:56:52 C:\WINDOWS\system32\Strato3.dll |03/01/2004 21:44:28 C:\WINDOWS\system32\Strato4.dll |10/05/2004 17:56:53 C:\WINDOWS\system32\Strato5.dll |02/01/2006 18:55:18 C:\WINDOWS\system32 sd32.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\TwnLib20.dll |28/11/2004 21:12:37 C:\WINDOWS\system32\TwnLib4.dll |28/11/2004 21:19:50 C:\WINDOWS\system32\UCS32P.DLL |04/01/2004 16:43:57 C:\WINDOWS\system32\UNACEV2.DLL |21/03/2002 15:39:02 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\vtutu.dll |05/03/2007 22:38:29 C:\WINDOWS\system32\win87em.dll |24/08/2001 13:00:00 C:\WINDOWS\system32\WNASPI32.DLL |10/09/1999 12:06:00 C:\WINDOWS\system32\XVID.DLL |24/02/2004 19:48:38 C:\WINDOWS\system32\yaywvvw.dll |05/03/2007 19:44:10 C:\WINDOWS\system32\ZDBRGDLL.dll |21/09/2005 18:30:51 C:\WINDOWS\system32\ZDPN50.dll |21/09/2005 18:30:51 C:\WINDOWS\system32\_psisdecd.dll |24/12/2006 11:59:10 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\WINDOWS\system 10/09/1999 12:06 4 672 WOWPOST.EXE 1 fichier(s) 4 672 octets 0 Rép(s) 28 263 833 600 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\WINDOWS\system32 19/08/2004 16:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 28 263 833 600 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\WINDOWS\Downloaded Program Files 07/03/2007 06:50 . 07/03/2007 06:50 .. 07/12/2004 16:07 32 bdcore.dll 01/03/2005 14:08 118 784 bdupd.dll 06/03/2007 22:54 CONFLICT.1 06/03/2007 07:05 CONFLICT.2 06/03/2007 07:05 CONFLICT.3 06/03/2007 07:05 CONFLICT.4 02/01/2004 17:53 65 desktop.ini 28/01/2004 15:57 232 dtc32.inf 25/07/2002 16:13 24 576 dwusplay.dll 25/07/2002 16:13 196 608 dwusplay.exe 03/10/2005 14:43 274 432 fixengine.dll 21/07/2006 11:30 1 703 GuidedSolutions.inf 26/06/2006 12:30 346 680 hpbasicdetection3.dll 21/07/2006 11:30 221 184 HPCommunication.dll 08/07/2005 15:22 319 488 HPeDiag.dll 14/09/2006 17:30 88 136 HPGetDownloadManager.ocx 11/08/2005 10:11 135 168 hpscripting.dll 13/05/2004 17:03 348 160 inotes.dll 24/03/2005 10:40 860 inotes.inf 08/04/2006 22:59 274 432 InternetUtil2.dll 01/03/2005 14:08 53 248 ipsupd.dll 25/07/2002 16:05 172 032 isusweb.dll 25/08/2003 18:12 1 096 iuctl.inf 12/10/2006 03:07 898 jinstall-1_5_0_09.inf 08/08/2006 11:45 576 kavwebscan.inf 09/03/2005 15:42 6 742 lang.ini 27/07/2006 12:52 367 LegitCheckControl.inf 07/12/2004 16:07 32 libfn.dll 18/02/2005 16:22 126 live.ini 29/05/2003 15:00 160 864 messengerstatsclient.dll 29/05/2003 15:00 77 408 msgrchkr.dll 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 25/02/2004 14:45 307 200 rulesengine.dll 09/03/2005 15:43 6 828 scanoptions.tsi 09/11/2006 14:36 5 019 swflash.inf 27/06/2006 21:25 229 984 XUpload.ocx 34 fichier(s) 3 845 341 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 06/03/2007 22:54 . 06/03/2007 22:54 .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2 06/03/2007 07:05 . 06/03/2007 07:05 .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3 06/03/2007 07:05 . 06/03/2007 07:05 .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.4 06/03/2007 07:05 . 06/03/2007 07:05 .. 0 fichier(s) 0 octets Total des fichiers listés : 34 fichier(s) 3 845 341 octets 14 Rép(s) 28 263 829 504 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Liste des programmes installes a-squared Free 2.1 ACDSee 9 Gestionnaire de photos Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 9 ActiveX Adobe Help Center 2.0 Adobe Illustrator 10 Evaluation Adobe Lightroom Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Photoshop Elements Adobe Reader 7.0.8 - Français Adobe Stock Photos 1.0 Adobe SVG Viewer 3.0 Alcohol 120% ArcSoft Panorama Maker 3.0 ASUS Digital VCR ASUS Display Drivers ASUS Display Drivers ASUS GameFace ASUS GameFace ASUS SmartDoctor ASUS SmartDoctor ASUSDVD XP AutoUpdate avast! Antivirus AVG Anti-Spyware 7.5 BetaPlayer BlueSoleil Broadcom Gigabit Integrated Controller Broadcom Gigabit Integrated Controller Caere Scan Manager 5.1 Canon-SE TWAIN Canon ScanGear Toolbox CS 2.5 Canon ScanGear Toolbox FAU 2.5 Capture NX Cariboost Free Edition v1 CCleaner (remove only) Correctif pour Windows XP (KB914440) Correctif Windows XP - KB834707 Correctif Windows XP - KB867282 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 COSMOPOLITAN Virtual Look 3 cTide (remove only) DirectUpdate DivX DivX 5.0.2 Pro Bundle DivXG400 DVD Audio Extractor 4.2.0 eMule Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP FileZilla (remove only) Free - Kit de connexion Fugawi 3.0.3 Update Google Earth GpsGate GpsViewer Grand Atlas Routier et Touristique de France GXTranscoder h5400_h5500 WLAN Driver 133_Fra HijackThis 1.99.1 Hotfix for Windows XP (KB909394) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) hp deskjet 5550 series (Supprimer uniquement) HP Photosmart Essential hp print screen utility HP Software Update IGN Rando Img2Ozf Version 2 IrfanView (remove only) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 J2SE Runtime Environment 5.0 Update 9 Java 2 Runtime Environment, SE v1.4.2_04 K!TV Kaspersky On-line Scanner Kaspersky Online Scanner Kasuei Hitchhiker KC Softwares VideoInspector la version d'évaluation de Namo WebEdiotor 6 Label Maker Plus 2.1 Lecteur Windows Media 11 Logitech Desktop Messenger Logitech IM Video Companion Logitech SetPoint Macromedia Extension Manager Macromedia Flash 8 Macromedia Flash 8 Video Encoder Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Macromedia Shockwave Player Magic Function MainConcept DV Codec MainConcept DV Codec MainConcept MainActor v5.2 MainConcept MainActor v5.2 MapSource MapSource MapSource - European Roads and Recreation v4.00 MapSource - Trip & Waypoint Manager v2 MapSource - Trip & Waypoint Manager v2 MediaPortal Memory-Map Navigator Micrografx Designer 9.0 Microsoft .NET Compact Framework 1.0 SP3 Microsoft .NET Compact Framework 2.0 SP1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft ActiveSync 4.0 Microsoft AutoRoute Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Flight Simulator 2004 Un siècle d'aviation Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 CD-ROM 2 Microsoft Office XP Professional avec FrontPage Microsoft SQL Server 2005 Mobile Edition Device SDK Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB931836) Monitor Calibration Wizard 1.0 Monkey's Audio MouseRemote (TM) MovieShaker 3.1 pour MICROMV Mozilla Firefox (2.0.0.1) MSXML 4.0 SP2 (KB927978) Namo WebUtilities Neodivx Nero 6 Ultra Edition NeroVision Express 3 Nikon Message Center Nikon View 6 NikonCapture NVIDIA Drivers NVIDIA WDM Drivers Nvu 1.0 OmniPage Pro 9.0 Orb OziExplorer 3.95 PDAwin TV remote controller PDFCreator PhotoFiltre PICVideo Codecs Pinnacle MPEG Realtime Codec PPC 2003 - MSN (R) Messenger Update PPC 2003 - MSN (R) Messenger Update QuickPar 0.9 QuickTime Realtek AC'97 Audio Rippack v3 beta 16.1 SAGEM F@st 800-908 Security Update for Microsoft .NET Framework 2.0 (KB922770) Security Update pour Microsoft .NET Framework 2.0 (KB917283) Skype 2.5 Skype with Doro225 Spybot - Search & Destroy 1.4 Symantec Network Driver Update Theme Generator V2 USB Mass Storage Reader Visionneuse Journal Windows Microsoft WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Messenger Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player 11 Windows Movie Maker 2 Winter Fun Pack Windows Movie Maker 2.0 Windows XP Service Pack 2 WinFlash WinRAR Archiveur WinZip X10 Hardware(TM) XPC 802.11b+g Wireless Kit Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\Program Files 02/03/2007 19:24 Adobe 06/03/2007 07:04 a-squared Free 06/03/2007 18:06 CCleaner 22/10/2004 17:56 cTide 13/01/2007 18:04 CyberLink 09/05/2004 16:24 DirectUpdate 02/07/2005 07:20 directx 14/10/2005 20:33 DivX 13/01/2007 19:54 DVD Audio Extractor 02/07/2005 07:20 easydivx 05/03/2007 19:28 e.... 01/01/2007 17:34 ffdshow 13/01/2007 18:03 Fichiers communs 16/04/2006 20:07 FileZilla 26/03/2004 18:50 Free.fr 05/09/2006 08:48 G6 FTP Server 25/06/2004 18:45 garmin 21/07/2005 21:19 Google 28/04/2004 18:20 Grand Atlas Routier France 06/03/2007 18:22 Grisoft 02/07/2005 07:20 GSpot 10/06/2004 22:02 GT2002 15/01/2007 18:35 GXTranscoder 19/10/2006 06:44 Hewlett-Packard 05/01/2004 18:41 HighMAT CD Writing Wizard 19/10/2006 06:46 HP 04/01/2004 16:40 hp deskjet 5550 series 14/03/2004 18:27 IGN Rando 22/09/2006 07:00 Indentsoft Label Maker Plus 02/01/2004 18:14 Intel 18/02/2007 17:57 Internet Explorer 30/09/2006 06:32 Intuisphere 02/01/2005 17:53 IrfanView 03/09/2006 14:13 IVT Corporation 16/02/2007 06:21 Java 19/10/2006 05:04 K!TV 06/07/2005 18:38 KC Softwares 31/12/2006 12:55 KeyGen Crack 28/06/2006 21:08 Label Wizard 05/09/2006 08:40 LaserSoft 13/01/2007 18:04 Logitech 02/07/2005 07:20 LOXANE 31/10/2006 07:22 Macromedia 04/09/2004 15:35 Maction 02/04/2004 18:55 Magic Function 13/09/2006 07:45 MainConcept 17/03/2004 22:06 Memory-Map 09/02/2005 17:40 Messenger 03/05/2004 21:17 Micrografx 06/01/2007 19:01 Microsoft .NET Compact Framework 1.0 SP3 10/02/2007 08:06 Microsoft ActiveSync 20/02/2004 22:04 Microsoft AutoRoute 03/01/2004 22:50 microsoft frontpage 14/03/2004 19:07 Microsoft Games 06/01/2004 12:37 Microsoft Office 30/11/2006 07:09 Microsoft SQL Server 2005 Mobile Edition 06/01/2007 19:06 Microsoft.NET 01/09/2006 13:10 Monitor Calibration Wizard 02/07/2005 07:21 Monkey's Audio 02/07/2005 07:20 Morgan 24/12/2004 17:01 MouseRemote 06/09/2005 20:26 Movie Maker 01/01/2007 15:42 Mozilla Firefox 02/01/2004 17:51 MSN 02/01/2004 17:50 MSN Gaming Zone 02/03/2007 06:47 MSN Messenger 25/12/2006 17:02 MSXML 4.0 12/01/2007 06:40 MUSICMATCH 04/09/2006 13:49 Namo 02/07/2005 07:16 NetMeeting 06/01/2007 07:32 Nikon 11/09/2006 07:43 Nvu 24/04/2004 21:04 OfficeUpdate11 06/10/2006 17:58 Orb Networks 18/12/2006 21:37 Outlook Express 12/07/2004 22:02 OziExplorer 30/06/2006 22:31 PDFCreator 17/02/2007 17:22 PhotoFiltre 02/07/2005 07:52 Pinnacle 27/12/2004 22:35 QuickPar 02/07/2005 07:22 QuickTime 11/01/2004 19:26 Real 02/07/2005 07:20 Realtek Sound Manager 06/03/2007 07:05 RealVNC 13/02/2004 19:24 RegCleaner 06/02/2005 19:20 Rippackv3 02/01/2004 17:53 Services en ligne 01/07/2004 20:45 Skype 04/01/2007 07:12 Skype with Doro225 30/06/2005 18:28 SmartSound Software 03/01/2004 22:50 Snapshot Viewer 06/09/2005 20:47 Sony 05/03/2007 22:58 Spybot - Search & Destroy 03/05/2004 21:15 Ssce 19/10/2006 04:39 Team MediaPortal 04/01/2007 07:19 Theme Generator 19/10/2006 04:33 Visicom Media 02/07/2005 07:20 WDGPS 29/04/2004 22:51 Webteh 02/07/2005 07:20 WinAce 04/11/2004 16:46 Winamp 06/01/2004 12:01 Windows Journal Viewer 11/01/2004 19:26 Windows Media Components 08/12/2006 22:00 Windows Media Connect 2 08/12/2006 22:58 Windows Media Player 27/11/2004 22:44 Windows NT 05/01/2004 18:43 Windows XP Fun Pack 02/07/2005 07:21 WinISO 06/01/2004 12:29 WinRAR 30/06/2006 22:05 WinZip 01/03/2007 07:22 WLAN 24/12/2004 17:09 X10 Hardware 02/01/2004 17:54 xerox 23/02/2005 19:58 XoftSpy 16/09/2006 07:07 Xpress Software 18/12/2006 21:23 Yahoo! 0 fichier(s) 0 octets 116 Rép(s) 28 263 501 824 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\Program Files\fichiers communs 13/01/2007 18:03 . 13/01/2007 18:03 .. 18/12/2006 21:35 ACD Systems 11/10/2006 06:00 Adobe 25/09/2006 06:44 Adobe Systems Shared 28/11/2004 21:12 Ahead 04/01/2004 16:47 Caere 03/01/2004 22:47 Designer 02/07/2005 07:28 Fugawi 28/04/2004 18:20 GIS 19/10/2006 06:46 HP 03/05/2004 21:15 iGrafx 02/07/2005 07:20 InstallShield 09/04/2004 11:21 Java 24/12/2006 11:56 Logitech 31/10/2006 07:23 Macromedia 28/04/2004 18:20 Mapserv 19/10/2006 06:47 Microsoft Shared 02/01/2004 17:51 MSSoap 06/01/2007 07:32 Nikon 02/07/2005 07:20 ODBC 07/06/2004 21:45 Real 02/01/2004 17:52 Services 03/01/2004 22:58 Sony Shared 02/01/2004 17:23 SpeechEngines 19/12/2006 06:18 System 02/07/2005 07:20 Ulead Systems 07/07/2005 20:06 Vbox 01/07/2006 17:37 Wise Installation Wizard 0 fichier(s) 0 octets 29 Rép(s) 28 263 510 016 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 06/01/2004 12:38 . 06/01/2004 12:38 .. 06/01/2004 12:37 1033 06/01/2004 12:38 1036 15/02/2001 06:45 1 318 912 MSONSEXT.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 22/01/2001 04:25 69 632 PKMAXCTL.DLL 22/01/2001 04:25 872 448 PKMCDO.DLL 22/01/2001 04:25 159 744 PKMCORE.DLL 07/02/2001 10:59 106 496 PKMFORMS.DLL 12/02/2001 05:03 684 032 PKMRES.DLL 22/01/2001 04:25 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 22/01/2001 04:25 24 576 PKMTRACE.DLL 22/01/2001 04:25 86 016 PKMWS.DLL 22/01/2001 04:25 237 568 PROMDEMO.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 22/01/2001 04:25 184 320 SECMGR.DLL 22/01/2001 04:25 323 584 VAIDDMGR.DLL 22/01/2001 04:25 32 768 VAIMEM.DLL 18 fichier(s) 5 415 137 octets 4 Rép(s) 28 263 510 016 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\Program Files\common files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6885-B50F Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 28 263 510 016 octets libres c:\Documents and Settings\All Users\Application Data\vidcap\vidcap.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Award Utility\WinFlash.EXE c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9 emp\hpfinstx.exe c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9 emp\hpfiui.exe c:\Documents and Settings\PG\Application Data\Image Zone Express\HPSoftwareUpdate.exe c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{106F886B-A874-43DF-BCC4-01DB57E1F3C6}\IconTmpl5.26D6FF13_F77C_402E_8E96_9E49DFBBAF31.exe c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{47BD3745-EAFF-48FC-A9ED-E580C681B5C4}\_18be6784.exe c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{7A0BAED2-066E-4B4F-8FA5-472A4655F4C2}\_5af141bb.exe c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe c:\Documents and Settings\PG\Local Settings\Temporary Internet Files\Content.IE5\P4WVVHSE\NewMediaCodecInstaller[1].exe c:\Documents and Settings\PG\Mes documents\oliv92.exe c:\Documents and Settings\PG\Mes documents\SmartDoc.exe c:\Documents and Settings\PG\Mes documents\Arnaud\ccsetup136.exe c:\Documents and Settings\PG\Mes documents\Arnaud\Setup.exe c:\Documents and Settings\PG\Mes documents\emule\5550-fra-win2k_xp.exe c:\Documents and Settings\PG\Mes documents\emule\ACEMCP603PRO.exe c:\Documents and Settings\PG\Mes documents\emule\Anonymizer_Software.exe c:\Documents and Settings\PG\Mes documents\emule\babylon_larousse_fre_eng_spa_ger_ita_fre_multidico.exe c:\Documents and Settings\PG\Mes documents\emule\Codec_Sniper.exe c:\Documents and Settings\PG\Mes documents\emule\dvdaudioextractor.exe c:\Documents and Settings\PG\Mes documents\emule\dws2_trial_e.exe c:\Documents and Settings\PG\Mes documents\emule\dxwebsetup.exe c:\Documents and Settings\PG\Mes documents\emule\eMule0.44b_Installer.exe c:\Documents and Settings\PG\Mes documents\emule\eMule0.47c-Installer.exe c:\Documents and Settings\PG\Mes documents\emule\GoogleEarth.exe c:\Documents and Settings\PG\Mes documents\emule\grabit_grabit_anglais_11960.exe c:\Documents and Settings\PG\Mes documents\emule\ipanonymizer.exe c:\Documents and Settings\PG\Mes documents\emule\kav6.0.2.614fr.exe c:\Documents and Settings\PG\Mes documents\emule\MAC_399F.exe c:\Documents and Settings\PG\Mes documents\emule\modele_meteo_gfs_setup.exe c:\Documents and Settings\PG\Mes documents\emule etstumblerinstaller_0_4_0.exe c:\Documents and Settings\PG\Mes documents\emule\PagePlus50PreloaderNoReg.exe c:\Documents and Settings\PG\Mes documents\emule\PDFCreator-0_9_1_GPLGhostscript.exe c:\Documents and Settings\PG\Mes documents\emule\QuickPar-0.9.1.0-FRA.exe c:\Documents and Settings\PG\Mes documents\emule\QuickTimeFullInstaller.exe c:\Documents and Settings\PG\Mes documents\emule\sherlock.exe c:\Documents and Settings\PG\Mes documents\emule\ShowShifter-Setup.exe c:\Documents and Settings\PG\Mes documents\emule\spybotsd14.exe c:\Documents and Settings\PG\Mes documents\emule\UVS7_Patch_F.exe c:\Documents and Settings\PG\Mes documents\emule\WM9Codecs.exe c:\Documents and Settings\PG\Mes documents\emule\XoftSpy410.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\PG\Mes documents\emule\DIVX\EasyDivX_0820_standard.exe c:\Documents and Settings\PG\Mes documents\emule\DVB\dotnetfx.exe c:\Documents and Settings\PG\Mes documents\emule\DVB\KTV2.3.0.1\setup-2.3.0.1.exe c:\Documents and Settings\PG\Mes documents\emule\DVB\MediaPortal_0.2\setup.exe c:\Documents and Settings\PG\Mes documents\emule\DVB\PouchinTV_0.3a\PouchinTV.exe c:\Documents and Settings\PG\Mes documents\emule\flaskmpeg_078_39\FlasKMPEG.exe c:\Documents and Settings\PG\Mes documents\emule\install_pn15G\Driver_SoftAP\Setup.exe c:\Documents and Settings\PG\Mes documents\emule v7184_w2kxp v7184_w2kxp vudisp.exe c:\Documents and Settings\PG\Mes documents\emule v7184_w2kxp v7184_w2kxp\setup.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\easygifanimator3.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\flash_flash_8_evaluation_francais_15287.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\gmg4.exe c:\Documents and Settings\PG\Mes documents\emule\outils web amo-webeditor_namo_webeditor_6.0_francais_10166.exe c:\Documents and Settings\PG\Mes documents\emule\outils web vu_nvu_1.0_francais_11208.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\setup-e-anim7_01_004c.exe c:\Documents and Settings\PG\Mes documents\emule\outils web oweb_toweb_1.53_francais_15418.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\TVE2-Eval.exe c:\Documents and Settings\PG\Mes documents\emule\outils web\webalbum_setup.exe c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\keygen para mapas tomtom one by FL0RIAN\Keygenerator TomTom GO ONE\Key.exe c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\Keygenerator_TomTom_GO_ONE\Keygenerator TomTom GO ONE\Key.exe c:\Documents and Settings\PG\Mes documents\emule omtom-one-western-europe copia sd t-one wesern-europe\Start.exe c:\Documents and Settings\PG\Mes documents\emule omtom-one-western-europe copia sd t-one wesern-europe\2577\AutoRun.exe c:\Documents and Settings\PG\Mes documents\emule omtom-one-western-europe copia sd t-one wesern-europe\2577\autorun.exe-install c:\Documents and Settings\PG\Mes documents\emule omtom-one-western-europe copia sd t-one wesern-europe\2577\autorun.exe-run c:\Documents and Settings\PG\Mes documents\emule\TomTom_5.21\crack.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\autorun.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\hpzglu07.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\setup.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1\setup.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1 t4\delay.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1 t4\DIRECT~1.EXE c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1 t4\hpfinstx.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1 t4\hpfldr.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra t4\Disk1 t4\hpfsplsh.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpfpdi07.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzghl07.exe c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzpin07.exe c:\Documents and Settings\PG\Mes documents\Forcepas\wptman.exe c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\Electricité\Electricité.exe c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\GPS 152\Updater.exe c:\Documents and Settings\PG\Mes documents\Forcepas\astro\snav32s.exe c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc4.exe c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc6.exe c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut4.exe c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut6.exe c:\Documents and Settings\PG\Mes documents\Forcepas\conception\vb3dlls.exe c:\Documents and Settings\PG\Mes documents\Forcepas ides\SETUP.EXE c:\Documents and Settings\PG\Mes documents\Forcepas ides\WXTIDE32.EXE c:\Documents and Settings\PG\Mes documents\free\vlc-0.8.4a-win32.exe c:\Documents and Settings\PG\Mes documents\Garmin\UPDATER.EXE c:\Documents and Settings\PG\Mes documents\IPAQ\CalcNow_1.0.exe c:\Documents and Settings\PG\Mes documents\IPAQ\ctidesetup.exe c:\Documents and Settings\PG\Mes documents\IPAQ\Microsoft_eMbedded_Visual_Tools_3.0.exe c:\Documents and Settings\PG\Mes documents\IPAQ\NevoHP54XXUpdate.exe c:\Documents and Settings\PG\Mes documents\IPAQ\pqv.exe c:\Documents and Settings\PG\Mes documents\IPAQ\pqview.2.013_ppc.exe c:\Documents and Settings\PG\Mes documents\IPAQ\PToys.exe c:\Documents and Settings\PG\Mes documents\IPAQ\setup_msn.exe c:\Documents and Settings\PG\Mes documents\IPAQ\SkypeForPocketPC.exe c:\Documents and Settings\PG\Mes documents\IPAQ\TimePiece_1.0.exe c:\Documents and Settings\PG\Mes documents\IPAQ\GpsGatePPC_beta\GpsGateCE.exe c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\chessppc_chessppc_anglais_12166.exe c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\leofs_ppc_arm.exe c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\Leos_Flight_Simulator_Beta_8_-_ARM_-iPaq-.exe c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PacFun.ARM.exe c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PortaPinSetup300.exe c:\Documents and Settings\PG\Mes documents\IPAQ\maree_ozons\calcul_maree\CalculMaréePPC.exe c:\Documents and Settings\PG\Mes documents\IPAQ\Mise à jour MS 2003\FRA_SP_2_00_03b.exe c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobat_reader_pour_pocket_pc_2.0_arm_ipaq_anglais_11360.exe c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobatreader-ppcARM-fr_fr.exe c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\activesync_activesync_4.2_francais_11338.exe c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Microsoft_Transcriber_1.51.exe c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\CORE10k.EXE c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\setup.exe c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketDivXEncoder_0.3.50.exe c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketTVSetup-0[1].15.3.exe c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\betaplayer\betaplayer[1].setup.STABLE.0.5.exe c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\ReadMe.exe c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\Setup_h54-5500WLANDrv133.exe c

Utilisateur anonyme · Answer

Re


Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les  manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

$$ TéléchargeSDFix sur ton bureau 
http://downloads.andymanchesta.com/RemovalTools/SDFix.zip 


$$ Télécharge Brute Force Uninstaller (de Merijn)
http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)


$$ FAIS UN CLIC-DROIT sur le lien suivant
http://metallica.geekstogo.com/EGDACCESS.bfu 
et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).


$$ FAIS UN CLIC-DROIT sur le lien suivant
http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).


$$ Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".


$$ Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.


$$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

toolbar.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU	oolbar.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

Clique Exit pour fermer le programme BFU.


$$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout" 
Double-clique sur RunThis.bat 
Tape Y pour lancer le script. 
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire 
Presse une touche pour redémarrer

Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche 


Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt", le rapport qui se trouve ici C:\vundofix.txt, le rapport situé ici C:\egd.txt et un nouveau HijackThis.

forcepas · Answer

bonjour,
voici le résultat des nettoyages de ce matin


SDFix: Version 1.69

Run by PG - 08/03/2007 @ 11:48:26,34

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services: 




Killing PID 184 'smss.exe'
Killing PID 256 'winlogon.exe'
Killing PID 256 'winlogon.exe'

Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\SYSTEM32\5M0T51~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\CLTEFR~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\E3B82K~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\K23I0J~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\Q0FD5M~1.HTM - Deleted
C:\WINDOWS\system32pcc.dll - Deleted
C:\WINDOWS\system32\TFTP360 - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.


                                 Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\WINDOWS\system32\CIMSVR.exe"="C:\WINDOWS\system32\CIMSVR.exe:*:Enabled:Logitech IM Video Companion Server"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Disabled:Logiciel de transfert de fichiers"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Namo\WebEditor 6 Trial\bin\WebEditor.exe"="C:\Program Files\Namo\WebEditor 6 Trial\bin\WebEditor.exe:*:Disabled:Namo WebEditor 6"
"C:\Program Files\Namo\WebCanvas Trial\bin\WebCanvas.exe"="C:\Program Files\Namo\WebCanvas Trial\bin\WebCanvas.exe:*:Disabled:WebCanvas Application (Version d'évaluation)"
"C:\Program Files\Intuisphere\Cariboost Free Edition v1\cariboost.exe"="C:\Program Files\Intuisphere\Cariboost Free Edition v1\cariboost.exe:*:Enabled:cariboost"
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe"="C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Orb Networks\Orb\bin\xmltv.exe"="C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:*:Enabled:OrbTVGuide"
"C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe:*:Enabled:OrbChannelScan"
"C:\Documents and Settings\All Users\Application Data\Spontania4IM\spontaniavideo.exe"="C:\Documents and Settings\All Users\Application Data\Spontania4IM\spontaniavideo.exe:*:Disabled:Dialcom Spontania video4IM"
"C:\Program Files\HP\Image Zone Express\HP_IZE.exe"="C:\Program Files\HP\Image Zone Express\HP_IZE.exe:*:Enabled:HP Image Zone Express"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\GbDetect.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
C:\Program Files\Adobe\Acrobat 7.0\Esl\AiodLite.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Acrofx32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeLinguistic.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\agldt28l.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\atl.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE16SharedExpat.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE8SharedExpat.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXEParser.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXSLE.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\edb1drv.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\edb500x.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\epic_eula.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\esdupdate.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesen_US.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesfr_FR.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\JP2KLib.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\libaglcnv28.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Onix32.dll
C:\Program Files\Adobe\Acrobat 7.0\Readert3d.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser
ppdf32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\SVGCore.DLL
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\en_US\svgrsrc.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\fr_FR\svgrsrc.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\OLS\OnlineServices.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\ACE.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\AGM.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\asn.er.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIB.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIBUtils.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\coldware.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\CoolType.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\MPS.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\OPP.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PCDlib32.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PDFL50.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\plugin.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll16.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll32.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Sangam.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Shfolder.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGExport.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGRE.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\THUMBVW.DLL
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\System\AI90Res.dll
C:\Program Files\Adobe\Photoshop Elements\ACE.dll
C:\Program Files\Adobe\Photoshop Elements\ActiveShare.dll
C:\Program Files\Adobe\Photoshop Elements\AGM.dll
C:\Program Files\Adobe\Photoshop Elements\Asn.er.dll
C:\Program Files\Adobe\Photoshop Elements\Bib.dll
C:\Program Files\Adobe\Photoshop Elements\CoolType.dll
C:\Program Files\Adobe\Photoshop Elements\HtmlViewLib.dll
C:\Program Files\Adobe\Photoshop Elements\MPS.dll
C:\Program Files\Adobe\Photoshop Elements\MSVCP60.DLL
C:\Program Files\Adobe\Photoshop Elements\Msvcrt10.dll
C:\Program Files\Adobe\Photoshop Elements\pcdlib32.dll
C:\Program Files\Adobe\Photoshop Elements\PDFL47.dll
C:\Program Files\Adobe\Photoshop Elements\Photoshop.dll
C:\Program Files\Adobe\Photoshop Elements\PictureCD.dll
C:\Program Files\Adobe\Photoshop Elements\plugin.dll
C:\Program Files\Adobe\Photoshop Elements\PSUT9516.DLL
C:\Program Files\Adobe\Photoshop Elements\Psut9532.dll
C:\Program Files\Adobe\Photoshop Elements\PSViews.dll
C:\Program Files\Adobe\Photoshop Elements\SfUpload.dll
C:\Program Files\Adobe\Photoshop Elements\Shfolder.dll
C:\Program Files\Adobe\Photoshop Elements\UID.mr.dll
C:\Program Files\Adobe\Photoshop Elements\Uninst.dll
C:\Program Files\Adobe\Photoshop Elements\Modules externes\Libraries\Plugin.dll
C:\Program Files\Ahead\ImageDrive\idriveinst.dll
C:\Program Files\Ahead\ImageDrive\imagedrv.dll
C:\Program Files\Ahead\Nero\AudioPluginMgr.dll
C:\Program Files\Ahead\Nero\CDCopy.dll
C:\Program Files\Ahead\Nero\cdr100.dll
C:\Program Files\Ahead\Nero\cdr50s.dll
C:\Program Files\Ahead\Nero\CDROM.dll
C:\Program Files\Ahead\Nero\cdu920.dll
C:\Program Files\Ahead\Nero\cr2200cs.dll
C:\Program Files\Ahead\Nero\Drweb32.dll
C:\Program Files\Ahead\Nero\DVDREALLOC.dll
C:\Program Files\Ahead\Nero\Dws114x.dll
C:\Program Files\Ahead\Nero\em2v.dll
C:\Program Files\Ahead\Nero\Equalize.dll
C:\Program Files\Ahead\Nero\FATImporter.dll
C:\Program Files\Ahead\Nero\GENCUSH.dll
C:\Program Files\Ahead\Nero\Generatr.dll
C:\Program Files\Ahead\Nero\GenFAT.dll
C:\Program Files\Ahead\Nero\geniso.dll
C:\Program Files\Ahead\Nero\GenPCHy.dll
C:\Program Files\Ahead\Nero\GenUDF.dll
C:\Program Files\Ahead\Nero\image.dll
C:\Program Files\Ahead\Nero\ImageGen.dll
C:\Program Files\Ahead\Nero\ims.dll
C:\Program Files\Ahead\Nero\ISOFS.dll
C:\Program Files\Ahead\Nero\KARAOKE.dll
C:\Program Files\Ahead\Nero\mfc42.DLL
C:\Program Files\Ahead\Nero\MMC.dll
C:\Program Files\Ahead\Nero\MPGEnc.dll
C:\Program Files\Ahead\Nero\msvcrt.dll
C:\Program Files\Ahead\Nero\Nedsp.dll
C:\Program Files\Ahead\Nero\NeEm2a.dll
C:\Program Files\Ahead\Nero\NeHDBlkAccess.dll
C:\Program Files\Ahead\Nero\NeMP3Dmo.dll
C:\Program Files\Ahead\Nero\NeMP3Hlp.dll
C:\Program Files\Ahead\Nero
eroAPI.dll
C:\Program Files\Ahead\Nero\NeroCom.dll
C:\Program Files\Ahead\Nero
eroDB.dll
C:\Program Files\Ahead\Nero
eroErr.dll
C:\Program Files\Ahead\Nero\NeroMediaCon.dll
C:\Program Files\Ahead\Nero\NeroNet.dll
C:\Program Files\Ahead\Nero
eroscsi.dll
C:\Program Files\Ahead\Nero
eRSDB.dll
C:\Program Files\Ahead\Nero\NetRecorder.dll
C:\Program Files\Ahead\Nero\NeVCDEngine.dll
C:\Program Files\Ahead\Nero
ewtrf.dll
C:\Program Files\Ahead\Nero\READHD16.dll
C:\Program Files\Ahead\Nero\ReadHD32.dll
C:\Program Files\Ahead\Neroo1420c.dll
C:\Program Files\Ahead\Nero\SHORTCUT.DLL
C:\Program Files\Ahead\Nero\TMPVImporter.dll
C:\Program Files\Ahead\Nero\UDFImporter.dll
C:\Program Files\Ahead\Nero\VCDMenu.dll
C:\Program Files\Ahead\Nero\VMPEG2Enc.dll
C:\Program Files\Ahead\Nero\VMPEGEnc.dll
C:\Program Files\Ahead\Nero\VMPEGEncNDX.dll
C:\Program Files\Ahead\Nero\WNASPI32.DLL
C:\Program Files\Ahead\Nero MediaHome\NMSIndexService.dll
C:\Program Files\Ahead\Nero MediaHome\NMSMediaServer.dll
C:\Program Files\Ahead\Nero PhotoSnap\BasicFilters.dll
C:\Program Files\Ahead\Nero PhotoSnap\FImgPlg.dll
C:\Program Files\Ahead\Nero PhotoSnap\FreeImage.dll
C:\Program Files\Ahead\Nero PhotoSnap\MFC71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcp71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcr71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcrt.dll
C:\Program Files\Ahead\Nero PhotoSnap\NSPluginMgr.dll
C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffects.dll
C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffectsLib.dll
C:\Program Files\Ahead\Nero PhotoSnap\XImgPlg.dll
C:\Program Files\Ahead\Nero ShowTime\DriveSpeed.dll
C:\Program Files\Ahead\Nero ShowTime\NeRSDB.dll
C:\Program Files\Ahead\Nero ShowTime\NMSUPnPIndexService.dll
C:\Program Files\Ahead\Nero Wave Editor\waveedit.dll
C:\Program Files\Ahead\NeroVision\AMCDocBase.dll
C:\Program Files\Ahead\NeroVision\AMCDOM.dll
C:\Program Files\Ahead\NeroVision\AMCUIBase.dll
C:\Program Files\Ahead\NeroVision\DVDBlockAcc.dll
C:\Program Files\Ahead\NeroVision\DVDDoc.DLL
C:\Program Files\Ahead\NeroVision\DVDEngine.dll
C:\Program Files\Ahead\NeroVision\DVDUI.DLL
C:\Program Files\Ahead\NeroVision\em2v.DLL
C:\Program Files\Ahead\NeroVision\ExpressDoc.DLL
C:\Program Files\Ahead\NeroVision\ExpressUI.dll
C:\Program Files\Ahead\NeroVision\GCCore.dll
C:\Program Files\Ahead\NeroVision\GCFX.DLL
C:\Program Files\Ahead\NeroVision\GCHW.DLL
C:\Program Files\Ahead\NeroVision\GCHWCfg.DLL
C:\Program Files\Ahead\NeroVision\GCLib.DLL
C:\Program Files\Ahead\NeroVision\GDIPainter.dll
C:\Program Files\Ahead\NeroVision\HDCC.dll
C:\Program Files\Ahead\NeroVision\HTMLGallery.dll
C:\Program Files\Ahead\NeroVision\mfc42.dll
C:\Program Files\Ahead\NeroVision\MMTools.dll
C:\Program Files\Ahead\NeroVision\MSVCP60.dll
C:\Program Files\Ahead\NeroVision\msvcrt.dll
C:\Program Files\Ahead\NeroVision\NeAcEnc.dll
C:\Program Files\Ahead\NeroVision\NeAnalyzer.dll
C:\Program Files\Ahead\NeroVision\NeEm2a.dll
C:\Program Files\Ahead\NeroVision\NeMediaOut.dll
C:\Program Files\Ahead\NeroVision\NeroMediaCon.dll
C:\Program Files\Ahead\NeroVision\NeroVisionAPI.dll
C:\Program Files\Ahead\NeroVision\NeVcr.dll
C:\Program Files\Ahead\NeroVision\NeVideoFX.dll
C:\Program Files\Ahead\NeroVision\NeVideoFXW.dll
C:\Program Files\Ahead\NeroVision\SHORTCUT.DLL
C:\Program Files\Ahead\NeroVision\VCDDoc.DLL
C:\Program Files\Ahead\NeroVision\VCDEngine.dll
C:\Program Files\Ahead\NeroVision\VCDUI.DLL
C:\Program Files\Ahead\NeroVision\NeroFiles\cdr100.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cdr50s.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\CDROM.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cdu920.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cr2200cs.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\DVDREALLOC.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\Dws114x.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\gencush.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\Generatr.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\geniso.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\GenUDF.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\image.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ImageGen.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ims.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ISOFS.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\MMC.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeroAPI.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeroErr.dll
C:\Program Files\Ahead\NeroVision\NeroFiles
eroscsi.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeRSDB.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeVCDEngine.dll
C:\Program Files\Ahead\NeroVision\NeroFiles
ewtrf.dll
C:\Program Files\Ahead\NeroVision\NeroFileso1420c.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\UDFImporter.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\WNASPI32.DLL
C:\Program Files\Ahead\Shared\AudioPlugins\DefConvertor.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_dmo.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_hlp.dll
C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll
C:\Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll
C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll
C:\Program Files\Alcohol Soft\Alcohol 120\DevSupp.dll
C:\Program Files\Alcohol Soft\Alcohol 120\pfctoc.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_BUL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CAT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Chs.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Cht.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CZ.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_DA.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_ES.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FI.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GE.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_HR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_IT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_JPN.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_KR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_NL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT_BR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SK.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SV.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\ccdmount.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images
rgmount.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\pdimount.dll
C:\Program Files\ArcSoft\Panorama Maker\EzFile.dll
C:\Program Files\ArcSoft\Panorama Maker\Filefpx.dll
C:\Program Files\ArcSoft\Panorama Maker\FPXLIB.DLL
C:\Program Files\ArcSoft\Panorama Maker\JPEGLIB.DLL
C:\Program Files\ArcSoft\Panorama Maker\PmkRes.dll
C:\Program Files\ArcSoft\Panorama Maker\Res_Dll.dll
C:\Program Files\ArcSoft\Panorama Maker\Stitch30.dll
C:\Program Files\ASUS\ASUS Digital VCR\converter.dll
C:\Program Files\ASUS\SmartDoctor\ASUSRC.dll
C:\Program Files\ASUS\SmartDoctor\EIO.dll
C:\Program Files\ASUS\SmartDoctor\msvcp60.dll
C:\Program Files\ASUS\SmartDoctor
vapi9x.dll
C:\Program Files\ASUS\SmartDoctor
vgpio.dll
C:\Program Files\ASUS\SmartDoctor\ResDLL.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ACD_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom.dll
C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ATIPDLXX.dll
C:\Program Files\ASUSTek\ASUSDVD XP\clds.dll
C:\Program Files\ASUSTek\ASUSDVD XP\CLInet.dll
C:\Program Files\ASUSTek\ASUSDVD XP\clwo.dll
C:\Program Files\ASUSTek\ASUSDVD XP\DVD_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\HWTest.dll
C:\Program Files\ASUSTek\ASUSDVD XP\msvcp60.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Msvcrt.dll
C:\Program Files\ASUSTek\ASUSDVD XP\OSD_MLang.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pdvdaux.dll
C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDRC.dll
C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDV.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdvx.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdx.dll
C:\Program Files\ASUSTek\ASUSDVD XP\SNX_HID.dll
C:\Program Files\ASUSTek\ASUSDVD XP\UI_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ui_skin.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Crystal\Crystal.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Epiphany\Epiphany.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Neo\Neo.dll
C:\Program Files\audiograbber\ag12free.dll
C:\Program Files\audiograbber\lame_enc.dll
C:\Program Files\audiograbber\libVorbis.dll
C:\Program Files\audiograbber\WMA8Connect.dll
C:\Program Files\AvantGo Connect\malssp.dll
C:\Program Files\AvantGo Connect\AvantGo\agmal.dll
C:\Program Files\AvantGo Connect\AvantGo\agproxy.dll
C:\Program Files\Borland\Common Files\BDE\bantam.dll
C:\Program Files\Borland\Common Files\BDE\BLW32.DLL
C:\Program Files\Borland\Common Files\BDE\IDAPI32.DLL
C:\Program Files\Borland\Common Files\BDE\IDASCI32.DLL
C:\Program Files\Borland\Common Files\BDE\IDBAT32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDA3532.DLL
C:\Program Files\Borland\Common Files\BDE\IDDAO32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDBAS32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDR32.DLL
C:\Program Files\Borland\Common Files\BDE\IDODBC32.DLL
C:\Program Files\Borland\Common Files\BDE\IDPDX32.DLL
C:\Program Files\Borland\Common Files\BDE\IDPROV32.DLL
C:\Program Files\Borland\Common Files\BDE\IDQBE32.DLL
C:\Program Files\Borland\Common Files\BDE\IDR2000C.DLL
C:\Program Files\Borland\Common Files\BDE\IDSQL32.DLL
C:\Program Files\Caere\OmniPagePro90\CRAM32.DLL
C:\Program Files\Caere\OmniPagePro90\Inetwh16.dll
C:\Program Files\Caere\OmniPagePro90\INETWH32.dll
C:\Program Files\Caere\OmniPagePro90\IQTRAN32.DLL
C:\Program Files\Caere\OmniPagePro90\IQ_COM32.DLL
C:\Program Files\Caere\OmniPagePro90\IQ_UTL32.DLL
C:\Program Files\Caere\OmniPagePro90\ivwres1.dll
C:\Program Files\Caere\OmniPagePro90\metafile.dll
C:\Program Files\Caere\OmniPagePro90\OPHOOK16.DLL
C:\Program Files\Caere\OmniPagePro90\OPHOOK32.dll
C:\Program Files\Caere\OmniPagePro90\OPImgLib.dll
C:\Program Files\Caere\OmniPagePro90\opreg32.dll
C:\Program Files\Caere\OmniPagePro90\opresfrn.dll
C:\Program Files\Caere\OmniPagePro90\opsrc32.dll
C:\Program Files\Caere\OmniPagePro90\opstor32.dll
C:\Program Files\Caere\OmniPagePro90\OPUTIL16.DLL
C:\Program Files\Caere\OmniPagePro90\PAIGE32.DLL
C:\Program Files\Caere\OmniPagePro90\PLINE32.DLL
C:\Program Files\Caere\OmniPagePro90egcmn32.dll
C:\Program Files\Caere\OmniPagePro90gresfrn.dll
C:\Program Files\Caere\OmniPagePro90greslang.dll
C:\Program Files\Caere\OmniPagePro90\SSLIB32.DLL
C:\Program Files\Caere\OmniPagePro90\TABCTL32.DLL
C:\Program Files\Caere\OmniPagePro90	rain.dll
C:\Program Files\Caere\OmniPagePro90\WFTP32.DLL
C:\Program Files\Caere\OmniPagePro90\wizard32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\cefpix.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Cfpapi.dll
C:\Program Files\Canon\ScanGear Toolbox CS\cfpJpeg.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Hiffl32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Iffjpg32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Iffpcx32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Ifftif32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBRES.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\CEFPIX.DLL
C:\Program Files\Canon\ScanGear Toolbox FAU\Cfpapi.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\cfpJpeg.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Hiffl32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Iffjpg32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Iffpcx32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Ifftif32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBRESF.DLL
C:\Program Files\Canon\ScanGear Toolbox FAU\Uninst.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\formdll.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkeng.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkprops.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkres.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkx.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\vcomctl.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicebar.dll
C:\Program Files\Common Files\X10\Common\x10lv.dll
C:\Program Files\Common Files\X10\Common\x10net.dll
C:\Program Files\Common Files\X10\Common\xsetup.dll
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVTWAIN.DLL
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\YUV2RGB.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\appframe.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\audvid.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\cdpath.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\controls.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\datacomp.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\dbinfo.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSMS32R.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\gio.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lfbmp10N.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFCMP10N.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx10N.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx7.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFKODAK.DLL
C:\Program Files\UNWISE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\instmsiw.exe
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\setup.exe
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Illustrator.exe
C:\Program Files\Adobe\Photoshop Elements\PhotoshopElements.exe
C:\Program Files\Ahead\CoverDesigner\CoverDes.exe
C:\Program Files\Ahead\ImageDrive\ImageDrive.exe
C:\Program Files\Ahead\Nero
ero.exe
C:\Program Files\Ahead\Nero\NeroCmd.exe
C:\Program Files\Ahead\Nero\NRESTORE.EXE
C:\Program Files\Ahead\Nero\Uninstall\UNNero.exe
C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
C:\Program Files\Ahead\Nero BackItUp\NBR.exe
C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe
C:\Program Files\Ahead\Nero MediaHome\NMSTranscoder.exe
C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnap.exe
C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnapViewer.exe
C:\Program Files\Ahead\Nero Recode\Recode.exe
C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe
C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Ahead\Nero Toolkit\CDSpeed.exe
C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
C:\Program Files\Ahead\Nero Toolkit\hwinfo.exe
C:\Program Files\Ahead\Nero Toolkit\InfoTool.exe
C:\Program Files\Ahead\Nero Wave Editor\DXEnum.exe
C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe
C:\Program Files\Ahead\NeroVision\NeroVision.exe
C:\Program Files\Ahead\WMPBurn\WMPBurn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Program Files\Alcohol Soft\Alcohol 120\AxCmd.exe
C:\Program Files\ArcSoft\Panorama Maker\pmk3.exe
C:\Program Files\ASUS\ASUS Digital VCR\ASUSDVCR.exe
C:\Program Files\ASUS\ASUS Digital VCR\Schedule.exe
C:\Program Files\ASUS\ASUS Digital VCR\TVSetup_Wizard.exe
C:\Program Files\ASUS\ASUS GameFace\devinstall.exe
C:\Program Files\ASUS\ASUS GameFace\devremove.exe
C:\Program Files\ASUS\ASUS GameFace\GameFace.exe
C:\Program Files\ASUS\SmartDoctor\2DTEST.EXE
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\ASUSTek\ASUSDVD XP\CLDMA.exe
C:\Program Files\ASUSTek\ASUSDVD XP\cltest.exe
C:\Program Files\ASUSTek\ASUSDVD XP\ddtester.exe
C:\Program Files\ASUSTek\ASUSDVD XP\PowerDVD.exe
C:\Program Files\audiograbber\audiograbber.exe
C:\Program Files\audiograbber\lame.exe
C:\Program Files\audiograbber\uninstall.exe
C:\Program Files\AvantGo Connect\malfile.exe
C:\Program Files\AvantGo Connect\AvantGo\agsubs.exe
C:\Program Files\Award\WinFlash\WinFlash.exe
C:\Program Files\Borland\Common Files\BDE\BDEADMIN.EXE
C:\Program Files\Broadcom\DrvInst\bdrvinst.exe
C:\Program Files\Caere\OmniPagePro90\caerereg.exe
C:\Program Files\Caere\OmniPagePro90\ITP32.EXE
C:\Program Files\Caere\OmniPagePro90\omnipage.exe
C:\Program Files\Caere\OmniPagePro90\OP9Deins.exe
C:\Program Files\Caere\OmniPagePro90\OPWARE16.EXE
C:\Program Files\Caere\OmniPagePro90\OPware32.exe
C:\Program Files\Caere\OmniPagePro90\Setbrows.exe
C:\Program Files\Caere\OmniPagePro90\uninstall.exe
C:\Program Files\Canon\ScanGear Toolbox CS\40comupd.exe
C:\Program Files\Canon\ScanGear Toolbox CS\chreg.exe
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBox.exe
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBPBM.exe
C:\Program Files\Canon\ScanGear Toolbox FAU\40comupd.exe
C:\Program Files\Canon\ScanGear Toolbox FAU\CHREG.EXE
C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBoxf.exe
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkform.exe
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicefrm.exe
C:\Program Files\Common Files\X10\Commonundll32.exe
C:\Program Files\Common Files\X10\Common\x10.exe
C:\Program Files\Common Files\X10\Common\X10nets.exe
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSAGENT.EXE
C:\Program Files\ASUSTek\ASUSDVD XP\clpciid.sys
C:\Program Files\Broadcom\DrvInst\b57w2k.sys
C:\Program Files\Broadcom\DrvInst\b57xp32.sys
C:\Program Files\Common Files\X10\Common\x10prod.sys
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVISION.SYS
C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AA.Sys
C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AV.Sys
C:\Program Files\Common Files\X10\DriverInstall\Wireless Transceivers\X10uif.Sys
C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\bottom1.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\bottom2.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\pmviewer.tmp

Add/Remove Programs List:

a-squared Free 2.1
Adobe Photoshop CS2
Adobe Photoshop Elements
Adobe SVG Viewer 3.0
ASUS Digital VCR
ASUS Display Drivers
ASUS Display Drivers
avast! Antivirus
AVG Anti-Spyware 7.5
BetaPlayer
Canon ScanGear Toolbox CS 2.5
Canon ScanGear Toolbox FAU 2.5
Canon-SE TWAIN
Capture NX
Cariboost Free Edition v1
CCleaner (remove only)
cTide (remove only)
DirectUpdate
DivX 5.0.2 Pro Bundle
DivXG400
DVD Audio Extractor 4.2.0
eMule
FileZilla (remove only)
Microsoft Flight Simulator 2004 Un siŠcle d'aviation
Free - Kit de connexion
Fugawi 3.0.3 Update
GpsGate
GXTranscoder
HijackThis 1.99.1
hp print screen utility
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Img2Ozf Version 2
Label Maker Plus 2.1
ASUS SmartDoctor
MainConcept MainActor v5.2
ASUS GameFace
MapSource - Trip & Waypoint Manager v2
MainConcept DV Codec 
Broadcom Gigabit Integrated Controller
PPC 2003 - MSN (R) Messenger Update
IrfanView (remove only)
K!TV
Kaspersky On-line Scanner
Kaspersky Online Scanner
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
KC Softwares VideoInspector
Macromedia Shockwave Player
Magic Function
MapSource
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Monitor Calibration Wizard 1.0
Monkey's Audio
MouseRemote (TM)
Mozilla Firefox (2.0.0.1)
Microsoft Compression Client Pack 1.0 for Windows XP
Nero 6 Ultra Edition
NeroVision Express 3
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
Nvu 1.0
OmniPage Pro 9.0
Orb
OziExplorer 3.95
PDAwin TV remote controller
PhotoFiltre
PICVideo Codecs
Pinnacle MPEG Realtime Codec
QuickPar 0.9
QuickTime
Rippack v3 beta 16.1
Adobe Flash Player 9 ActiveX
Skype with Doro225
Skype 2.5
Spybot - Search & Destroy 1.4
Windows Genuine Advantage Validation Tool
Lecteur Windows Mediaÿ11
Windows XP Service Pack 2
WinFlash
WinRAR Archiveur
WinZip
Microsoft User-Mode Driver Framework Feature Pack 1.0
X10 Hardware(TM)
PDFCreator
Microsoft Office 2000 CD-ROMÿ2
Windows Movie Maker 2 Winter Fun Pack
ASUS SmartDoctor
HP Software Update
AutoUpdate
Microsoft AutoRoute
ArcSoft Panorama Maker 3.0
Grand Atlas Routier et Touristique de France
Memory-Map Navigator
MovieShaker 3.1 pour MICROMV
MainConcept MainActor v5.2
NikonCapture
Adobe Photoshop CS2
Macromedia Flash 8
Logitech SetPoint
J2SE Runtime Environment 5.0 Update 9
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
Macromedia Extension Manager
Google Earth
Microsoft SQL Server 2005 Mobile Edition Device SDK
Visionneuse Journal Windows Microsoft
IGN Rando
Kasuei Hitchhiker
Windows Movie Maker 2.0
SAGEM F@st 800-908
Theme Generator V2
XPC 802.11b+g Wireless Kit
MapSource
ASUS GameFace
Microsoft .NET Compact Framework 2.0 SP1
Adobe Illustrator 10 Evaluation
Neodivx
ASUSDVD XP
HP Photosmart Essential
Symantec Network Driver Update
Microsoft .NET Framework 2.0
Java 2 Runtime Environment, SE v1.4.2_04
Adobe Stock Photos 1.0
Microsoft .NET Compact Framework 1.0 SP3
DivX
Caere Scan Manager 5.1
MediaPortal
Macromedia Flash Player 8
Namo WebUtilities
Macromedia Flash 8 Video Encoder
Adobe Common File Installer
Adobe Help Center 2.0
Logitech Desktop Messenger
Microsoft Office XP Professional avec FrontPage
Macromedia Flash Player 8 Plugin
ACDSee 9 Gestionnaire de photos
Logitech IM Video Companion
Microsoft .NET Framework 1.1 French Language Pack
MapSource - Trip & Waypoint Manager v2
MainConcept DV Codec 
Nikon View 6
Adobe Reader 7.0.8 - Fran‡ais
NVIDIA WDM Drivers
Microsoft ActiveSync 4.0
Adobe Bridge 1.0
BlueSoleil
Broadcom Gigabit Integrated Controller
Microsoft .NET Framework 1.1
Adobe Lightroom
GpsViewer
PPC 2003 - MSN (R) Messenger Update
Nikon Message Center
MapSource - European Roads and Recreation v4.00
h5400_h5500 WLAN Driver 133_Fra
Micrografx Designer 9.0
Alcohol 120%
COSMOPOLITAN Virtual Lookÿ3
la version d'‚valuation de Namo WebEdiotor 6
USB Mass Storage Reader
Windows Live Messenger
Realtek AC'97 Audio
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP

                                 Finished


VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"="anvshell.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"LiveNote"="livenote.exe"
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe"
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE"
"Versato"="C:\PROGRA~1\MAGICF~1\MulMouse.exe"
"SoundMan"="SOUNDMAN.EXE"
"SunJavaUpdateSched"="\"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe\""
"DUControl"="C:\PROGRA~1\DIRECT~1\DUControl.exe"
"QuickTime Task"="\"C:\Program Files\QuickTime\qttask.exe\" -atboottime"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"
"KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
  00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
  5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\
  00,00,00
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"syswin"="C:\WINDOWS\system32\v6.exe"
"hrsoenf.dll"="C:\WINDOWS\system32\rundll32.exe \"C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll\",wonzzg"
"!AVG Anti-Spyware"="\"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe\" /minimized"
"2chkdsk"="rundll32.exe \"C:\WINDOWS\system32\ltfyqvvp.dll\",setvm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

Logfile of HijackThis v1.99.1
Scan saved at 12:02:49, on 08/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32
otepad.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32undll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Merci encore pour votre aide.
A+
philippe

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:18:33 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\ututv.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\vtutu.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:28:54 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

Performing Repairs to the registry.
Done!

Utilisateur anonyme · Answer

Bonjour

Encore du ménage à faire.


[*]Double-clique VundoFix.exe afin de le lancer.
[***]Ne clique pas sur "Scan for Vundo"
[*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
[*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\sokubdi.dll 

[*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll

[*]Copie/colle le chemin du fichier suivant dans la troisième case (en bas):

C:\WINDOWS\system32\ltfyqvvp.dll

[*]Clique sur le bouton "Add File(s)"
[*]Clique sur le bouton "Close Window".
[*]Clique à nouveau sur "Remove Vundo"
[*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
[*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
[*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

[*]Démarre ton PC à nouveau.

[*]Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.

forcepas · Answer

Bonjour
J'y vais patron....Merci encore, voici les résultats.


VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:18:33 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\ututv.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\vtutu.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:28:54 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\ltfyqvvp.dll 
C:\WINDOWS\system32\ltfyqvvp.dll  Has been deleted!

 Attempting to delete C:\WINDOWS\system32\sokubdi.dll 
C:\WINDOWS\system32\sokubdi.dll  Has been deleted!

Performing Repairs to the registry.
Done!


Logfile of HijackThis v1.99.1
Scan saved at 21:07:46, on 08/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32undll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

A+
Philippe

Utilisateur anonyme · Answer

Re $$ Télécharge la dernière version de Killbox -> http://www.downloads.subratam.org/KillBox.zip Place le programme dans le répertoire qui te plaît. $$ redémarre l'ordinateur en mode sans échec $$ Relance un scan HijackThis et coche les lignes ci-dessous : R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing) O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx O20 - Winlogon Notify: winits32 - winits32.dll (file missing) Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked » $$ Lance Pocket Killbox --- choisis l'option Delete on Reboot --- copie la liste ci-dessous, des fichiers à supprimer (Ctrl-C) et File / Paste from Clipboard C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll C:\WINDOWS\system32\ltfyqvvp.dll * les boutons "Single File" et "All Files" deviennent actifs mais "Single File" est activé par défaut. Il faut alors impérativement activer (cliquer sur) "All Files", impérativement, sinon seul le premier de la liste sera supprimé. --- vérifie que tous les fichiers sont enregistrés, par la liste déroulante "Full Path of File to Delete" --- coche "Unregister .dll Before Deleting". --- clique sur la croix blanche sur fond rouge (Delete File) : - "File will be Removed on Reboot, Do you want to reboot now?", réponds OUI si tu es prêt à procéder Si Pocket KillBox ne fait pas redémarrer le PC, redémarre le toi même. Poste un nouveau Hjackthis.

forcepas · Answer

Bonjour
voici le dernier log Hijack (enfin j'espère !). En tout cas j'ai retrouvé des temps de boot satisfaisants !
MERCI, 
A+
Philippe
Logfile of HijackThis v1.99.1
Scan saved at 07:25:47, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32undll32.exe
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MICROS~3apimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Utilisateur anonyme · Answer

Bonjour

Hijackthis est propre.


Fais une analyse antivirus en ligne sur Kaspersky
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.

forcepas · Answer

Bonjour,
voici le rapport kaspersky demandé. Pour l'instant je n'ai pas demandé le nettoyage. Il me semble qu'un certain nombre de détections est lié aux objets que j'ai retiré en suivant tes indications qui restent dans le PC dans des répertoires de sauvegarde générés par l'utilitaire ? Ensuite de quelle nature sont ces fichiers verrouillés ?
Merci pour l'analyse
A+
Philippe
	
Statistiques de l'analyse	
Total d'objets analysés	136656
Nombre de virus trouvés	7
Nombre d'objets infectés	13 / 0
Nombre d'objets suspects	2
Durée de l'analyse	03:01:45

Nom de l'objet infecté	Nom du virus	Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat  L'objet est verrouillé 	ignoré 

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé 	ignoré 

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/actalert.exe Suspect : Password-protected-EXE 	ignoré 

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip 	ZIP: suspect - 1 	ignoré 

C:\Documents and Settings\LocalService\Cookies\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService\NTUSER.DAT 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\LocalService
tuser.dat.LOG 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\NetworkService\NTUSER.DAT 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\NetworkService
tuser.dat.LOG 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\$_hpcst$.hpc 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\call256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\callmember256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chat512.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg512.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\contactgroup256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\index2.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\message1024.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\message256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\profile4096.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user1024.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user16384.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user4096.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Application Data\Skype\forcepas\voicemail256.dbb 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Cookies\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst/Dossiers d'archivage/Éléments supprimés/10 Oct 2005 14:33 from eBay Inc:[Norton AntiSpam] EBAY INC: SPEC.rtf 	Infecté : Trojan-Spy.HTML.Bayfraud.hn 	ignoré 

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst 	Mail MS Mail: infecté - 1 	ignoré 

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\MSHist012007030920070310\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Temp\WCESLog.log 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\Content.IE5\index.dat 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe 	Infecté : Trojan.Win32.Agent.qt 	ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe 	Infecté : Trojan-Downloader.Win32.Agent.bfx 	ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe 	Infecté : Trojan.Win32.Agent.qt 	ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar 	RAR: infecté - 2 	ignoré 

C:\Documents and Settings\pg\NTUSER.DAT 	L'objet est verrouillé 	ignoré 

C:\Documents and Settings\pg\NTUSER.DAT.LOG 	L'objet est verrouillé 	ignoré 

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat 	L'objet est verrouillé 	ignoré 

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db 	L'objet est verrouillé 	ignoré 

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws 	L'objet est verrouillé 	ignoré 

C:\Program Files\Alwil Software\Avast4\DATA\log
shield.log 	L'objet est verrouillé 	ignoré 

C:\Program Files\Alwil Software\Avast4\DATAeport\Protection résidente.txt 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\D0000000.FCS 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\inuse.txt 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\L0000004.FCS 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\main.log 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.idx 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.dat 	L'objet est verrouillé 	ignoré 
		
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.idx 	L'objet est verrouillé 	ignoré 
		
C:\SDFix\backups\backups.zip/backups/rpcc.dll 	Infecté : Trojan-Proxy.Win32.Dlena.cb 	ignoré 
		
C:\SDFix\backups\backups.zip 	ZIP: infecté - 1 	ignoré 
		
C:\System Volume Information\MountPointManagerRemoteDatabase 	L'objet est verrouillé 	ignoré 
		
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256647.dll 	Infecté : Trojan.Win32.Agent.qt 	ignoré 
		
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256674.exe 	Infecté : Trojan-Proxy.Win32.Horst.gen 	ignoré 
		
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256772.dll 	Infecté : Trojan.Win32.BHO.g 	ignoré 
		
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256807.dll 	Infecté : Trojan-Proxy.Win32.Dlena.cb 	ignoré 
		
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\change.log 	L'objet est verrouillé 	ignoré 
		
C:\VundoFix Backups\sffcbodx.dll.bad 	Infecté : Trojan.Win32.BHO.g 	ignoré 
		
C:\WINDOWS\Debug\PASSWD.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\SchedLgU.Txt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\Sti_Trace.log 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\Antivirus.Evt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\AppEvent.Evt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\default 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\default.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\Internet.evt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SAM 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SAM.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SecEvent.Evt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SECURITY 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SECURITY.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\software 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\software.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\SysEvent.Evt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\system 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\config\system.LOG 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\h323log.txt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\Temp\Perflib_Perfdata_15c.dat 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\Temp\_avast4_\Webshlock.txt 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\wiadebug.log 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\wiaservc.log 	L'objet est verrouillé 	ignoré 
		
C:\WINDOWS\WindowsUpdate.log 	L'objet est verrouillé 	ignoré 
		
Analyse terminée.

Utilisateur anonyme · Answer

Bonjour


1 Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.


2 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.


3 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Documents and Settings\pg\Mes documents\emule\TT
C:\Documents and Settings\pg\Mes documents\emule\TT.rar
C:\Documents and Settings\pg\Mes documents\emule\TT1.rar 
C:\SDFix
C:\VundoFix Backups


4 Lance le nettoyage avec CCleaner


5 Redémarre normalement


6 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Décocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.


As  tu encore des dysfonctionnements ?

forcepas · Answer

Bonjour,
j'ai effectué les dernières manip ce matin. Mais déjà hier, j'ai constaté un fonctionnement normal du PC avec des temps de boot honorables. La bête est convalescente....à surveiller n'est ce pas !

J'ai l'impression que tout va bien maintenant. Si tel est, aussi, ton sentiment, je ferai un résumé de la solution....Il sera un peu long !

MERCI ENCORE

Cordialement
Philippe

Utilisateur anonyme · Answer

Bonjour

Supprime DiagHelp, Vundofix, SDFix, BFU et Killbox.

La bête est convalecente, c'est surtout à toi de faire attention maintenant

C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe Infecté : Trojan-Downloader.Win32.Agent.bfx ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar RAR: infecté - 2 ignoré

forcepas · Answer

Bonjour,
Tout d'abord un grand merci à Chercheurbis qui m'a complétement pris en charge pendant le nettoyage de mon PC.
En ce qui concerne la recette à appliquer, elle peut se résumer en l'achat d'un antivirus digne de ce nom. Avast n'a pas suffi à me couvrir pendant cette attaque.
En dehors de cela, chaque cas est particulier, mais il faut avoir le reflexe de venir avec un rapport hijackthis avant de poster ici.
Ensuite les choses sont plus faciles pour les experts du forum.
Il faut suivre leurs conseils à la lettre pour ne pas interférer avec leurs actions.
Cordialement
Philippe

Infection virus, log fournis

14 réponses

Discussions similaires

Newsletters