Infection virus, log fournis [Résolu]

forcepas 10Messages postés 14 novembre 2006Date d'inscription - Dernière réponse le 14 mars 2007 à 14:28

Bonjour à tous,
j'espère avoir suivi la procédure forurnie ici pour éradiquer les virus qui sont sur mon ordinateur.
voici donc les résultats des log
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:52:14 06/03/2007
+ Résultat de l'analyse:
C:\WINDOWS\system\smss.exe -> Backdoor.Medbot.eh : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__t_c_p_i_p_m_o_n_._e_x_e_ -> Hijacker.Agent.is : Aucune action entreprise.
C:\ywobnat.exe -> Hijacker.Agent.is : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__w_i_n_i_t_s_3_2_._d_l_l_ -> Trojan.Agent.qt : Aucune action entreprise.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Tue, Mar 06, 2007 - 23:09:54
Scan path: C:\;D:\;E:\;G:\;
Statistics
Time
03:06:44
Files
803540
Folders
7774
Boot Sectors
4
Archives
9422
Packed Files
65096
Results
Identified Viruses
17
Infected Files
30
Suspect Files
1
Warnings
0
Disinfected
0
Deleted Files
27
Engines Info
Virus Definitions
403059
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\All Users\Documents\setup.exe
Infected with: DeepScan:Generic.Horst.AE2AE578
C:\Documents and Settings\All Users\Documents\setup.exe
Disinfection failed
C:\Documents and Settings\All Users\Documents\setup.exe
Deleted
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Infected with: Trojan.Obfus.Gen
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Disinfection failed
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Delete failed
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Infected with: Win32.Netsky.D@mm
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Disinfection failed
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Deleted
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
Updated
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Infected with: Win32.Netsky.D@mm
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Disinfection failed
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Deleted
C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
Updated
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Infected with: Trojan.Spy.Agent.PD
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Disinfection failed
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Deleted
C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar
Update failed
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Infected with: Trojan.Downloader.Imloader.C
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Disinfection failed
C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Deleted
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Infected with: Trojan.Downloader.Harnig.XB
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Disinfection failed
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Deleted
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Infected with: Trojan.Downloader.Harnig.XB
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Disinfection failed
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Deleted
C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
Update failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Infected with: DeepScan:Generic.Horst.E47F23DF
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Infected with: DeepScan:Generic.Horst.707F662F
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Infected with: DeepScan:Generic.Horst.AE2AE578
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Infected with: DeepScan:Generic.Horst.AE2AE578
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Infected with: Trojan.Juan.Q
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Infected with: Trojan.Agent.QT
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Infected with: Trojan.Downloader.Harnig.XB
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
Update failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Infected with: Trojan.Downloader.RegClean.A
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Infected with: DeepScan:Generic.Horst.D853B2CA
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Deleted
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Infected with: MemScan:Trojan.Downloader.RegClean.A
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Disinfection failed
C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Deleted
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Infected with: Trojan.Downloader.Istbar.PY
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Disinfection failed
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Deleted
C:\WINDOWS\Downloaded Program Files\istactivex.inf
Infected with: Trojan.Downloader.Istbar.HG
C:\WINDOWS\Downloaded Program Files\istactivex.inf
Disinfection failed
C:\WINDOWS\Downloaded Program Files\istactivex.inf
Deleted
C:\WINDOWS\system32\hrsoenf.dll
Infected with: Trojan.Obfus.Gen
C:\WINDOWS\system32\hrsoenf.dll
Disinfection failed
C:\WINDOWS\system32\hrsoenf.dll
Deleted
C:\WINDOWS\system32\sffcbodx.dll
Infected with: Trojan.Juan.Q
C:\WINDOWS\system32\sffcbodx.dll
Disinfection failed
C:\WINDOWS\system32\sffcbodx.dll
Delete failed
C:\WINDOWS\system32\sokubdi.dll
Infected with: Trojan.Obfus.Gen
C:\WINDOWS\system32\sokubdi.dll
Disinfection failed
C:\WINDOWS\system32\sokubdi.dll
Delete failed
C:\WINDOWS\system32\spool\drivers\setup.exe
Infected with: DeepScan:Generic.Horst.AE2AE578
C:\WINDOWS\system32\spool\drivers\setup.exe
Disinfection failed
C:\WINDOWS\system32\spool\drivers\setup.exe
Deleted
C:\WINDOWS\system32\v6.exe
Suspected of: Generic.Malware.Sdld.1743F721
C:\WINDOWS\system32\v6.exe
Disinfection failed
C:\WINDOWS\system32\v6.exe
Delete failed
Logfile of HijackThis v1.99.1
Scan saved at 06:32:19, on 07/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
G:\antivirus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_FR_XP.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
J'espère avoir suivi correctement la procédure. Dans tous les cas merci pour votre aide !!!
Cordialement
Philippe

Infection virus, log fournis »

Suggestions

Infection virus, log fournis
[Virus] Infecté par Spy sheriff (log fourni) » Forum
[virus]PC infecté HijachThis log » Forum
Log apres infection virus HELP » Forum
Aide rapport LOG et INFO. Infection VIRUS » Forum
Help analyse log hijackthis infection virus » Forum

Plus

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 7 mars 2007 à 10:01

Bonjour

Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
http://www.malekal.com/download/DiagHelp.zip
- Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

Ajouter un commentaire

forcepas- 7 mars 2007 à 10:37

Je faiscela ce soir. Merci
A+

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 7 mars 2007 à 20:01

voici ce que donne dial
C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08
C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24
C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:13
C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00
C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58
C:\WINDOWS\System32/drivers\pfc.sys -->18/12/2006 21:35:05
C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 20:00:00

C:\WINDOWS\WindowsUpdate.log -->07/03/2007 19:08:54
C:\WINDOWS\QTFont.qfn -->07/03/2007 19:08:48
C:\WINDOWS\0.log -->07/03/2007 19:08:06
C:\WINDOWS\wiadebug.log -->07/03/2007 19:08:00
C:\WINDOWS\wiaservc.log -->07/03/2007 19:07:41
C:\WINDOWS\bootstat.dat -->07/03/2007 19:07:23
C:\WINDOWS\SchedLgU.Txt -->07/03/2007 08:19:03
C:\WINDOWS\setupapi.log -->07/03/2007 06:50:31
C:\WINDOWS\QTFont.for -->06/03/2007 23:28:16
C:\WINDOWS\win.ini -->02/03/2007 19:19:32
C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe -->19/02/2007 06:30:04
C:\WINDOWS\autoload.exe -->07/02/2007 18:55:48
C:\WINDOWS\NeroDigital.ini -->15/01/2007 17:43:54
C:\WINDOWS\ODBCINST.INI -->28/12/2006 17:53:21
C:\WINDOWS\Thumbs.db -->25/12/2006 16:54:44

C:\WINDOWS\alcrmv.exe |10/03/2004 18:45:34
C:\WINDOWS\alcupd.exe |10/03/2004 18:45:34
C:\WINDOWS\anvshell.exe |24/07/2003 15:19:16
C:\WINDOWS\anvunis.exe |02/05/2004 07:33:17
C:\WINDOWS\autoload.exe |02/01/2004 18:13:23
C:\WINDOWS\bdoscandel.exe |25/05/2006 01:22:06
C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |11/01/2004 19:25:15
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |24/12/2006 11:58:17
C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe |19/02/2007 17:46:42
C:\WINDOWS\callvers.exe |20/01/2004 18:48:36
C:\WINDOWS\Delvid.exe |02/05/2004 08:44:01
C:\WINDOWS\IPUI_DivXG400.exe |06/02/2005 19:27:53
C:\WINDOWS\IsUn040c.exe |04/01/2004 16:40:52
C:\WINDOWS\IsUn0411.exe |03/01/2004 22:58:17
C:\WINDOWS\IsUninst.exe |02/01/2004 18:21:24
C:\WINDOWS\iun6002.exe |09/12/2004 20:37:24
C:\WINDOWS\livenote.exe |02/05/2004 07:33:18
C:\WINDOWS\liveupd.exe |02/05/2004 07:33:17
C:\WINDOWS\MGXCLEAN.EXE |12/01/2004 21:58:18
C:\WINDOWS\psuninst2.exe |10/02/2007 08:06:21
C:\WINDOWS\shutdownaware.exe |02/05/2004 08:44:01
C:\WINDOWS\slrundll.exe |27/11/2004 22:48:46
C:\WINDOWS\soundman.exe |10/03/2004 18:52:18
C:\WINDOWS\twunk_16.exe |24/08/2001 13:00:00
C:\WINDOWS\twunk_32.exe |24/08/2001 13:00:00
C:\WINDOWS\unin040c.exe |04/01/2004 16:46:36
C:\WINDOWS\Uninsop9.exe |04/01/2004 16:47:08
C:\WINDOWS\uninst.exe |15/02/2004 19:36:00
C:\WINDOWS\Unnero.exe |03/01/2004 23:07:37
C:\WINDOWS\UNNeroVision.exe |28/11/2004 21:20:07
C:\WINDOWS\unvise32.exe |06/01/2004 12:49:28
C:\WINDOWS\unvise32qt.exe |03/01/2004 22:56:33
C:\WINDOWS\Unwise.exe |09/12/2004 20:38:38
C:\WINDOWS\WNMHINDR.EXE |09/12/2004 20:39:51
C:\WINDOWS\_g6uninst.exe |06/01/2004 12:37:21
C:\WINDOWS\cygwin1.dll |16/01/2005 22:36:31
C:\WINDOWS\cygz.dll |16/01/2005 22:36:31
C:\WINDOWS\eio.dll |02/05/2004 07:33:18
C:\WINDOWS\esellerateEngine.dll |08/10/2004 03:48:48
C:\WINDOWS\twain.dll |24/08/2001 13:00:00
C:\WINDOWS\twain_32.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\append.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\aswBoot.exe |22/09/2006 05:50:31
C:\WINDOWS\system32\CIMSVR.exe |11/01/2004 19:27:03
C:\WINDOWS\system32\debug.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\DivXsm.exe |09/08/2005 23:13:59
C:\WINDOWS\system32\dosx.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34
C:\WINDOWS\system32\edlin.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\exe2bin.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\fastopen.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\FileOps.exe |30/08/2006 17:27:20
C:\WINDOWS\system32\java.exe |16/02/2007 06:21:24
C:\WINDOWS\system32\javaw.exe |16/02/2007 06:21:24
C:\WINDOWS\system32\javaws.exe |16/02/2007 06:21:24
C:\WINDOWS\system32\keystone.exe |02/05/2004 07:33:23
C:\WINDOWS\system32\LVComS.exe |11/01/2004 19:00:47
C:\WINDOWS\system32\mem.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\mscdexnt.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\NeroCheck.exe |20/09/2005 20:54:07
C:\WINDOWS\system32\nlsfunc.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\nvappbar.exe |02/05/2004 07:33:23
C:\WINDOWS\system32\nvcolor.exe |24/02/2005 06:32:00
C:\WINDOWS\system32\nvdspsch.exe |28/01/2004 23:45:00
C:\WINDOWS\system32\nvsvc32.exe |02/05/2004 07:33:14
C:\WINDOWS\system32\nvudisp.exe |09/02/2004 19:18:23
C:\WINDOWS\system32\nw16.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\nwiz.exe |02/05/2004 07:33:23
C:\WINDOWS\system32\redir.exe |03/01/2004 20:29:45
C:\WINDOWS\system32\RegistryCleanerSetup.exe |05/03/2007 23:56:46
C:\WINDOWS\system32\RTLCPL.EXE |10/03/2004 18:45:36
C:\WINDOWS\system32\setver.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\share.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\slrundll.exe |27/11/2004 22:48:48
C:\WINDOWS\system32\slserv.exe |27/11/2004 22:48:48
C:\WINDOWS\system32\UNWISE.EXE |21/02/2005 19:59:57
C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\vwipxspx.exe |24/08/2001 13:00:00
C:\WINDOWS\system32\ZyDelReg.exe |21/09/2005 18:30:51
C:\WINDOWS\system32\a3d.dll |02/01/2004 18:14:37
C:\WINDOWS\system32\ACDV.dll |20/06/2005 13:56:52
C:\WINDOWS\system32\AGFUNC.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\amstream.dll |02/01/2004 18:22:48
C:\WINDOWS\system32\anv4disp.dll |02/05/2004 07:33:12
C:\WINDOWS\system32\anvcinst.dll |02/01/2004 18:21:47
C:\WINDOWS\system32\anvctrl.dll |02/05/2004 07:33:19
C:\WINDOWS\system32\anvioctl.dll |22/08/2002 15:56:14
C:\WINDOWS\system32\anvmini.dll |26/12/2001 03:25:30
C:\WINDOWS\system32\Asteroid5.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\Asteroid6.dll |10/05/2004 17:56:50
C:\WINDOWS\system32\ASUSASV2.DLL |11/01/2004 18:50:43
C:\WINDOWS\system32\asusosdnt.dll |02/05/2004 07:33:20
C:\WINDOWS\system32\asustips.dll |02/05/2004 07:33:18
C:\WINDOWS\system32\AsusVr.dll |02/05/2004 07:33:19
C:\WINDOWS\system32\asus_tv_tune.dll |11/01/2004 18:50:44
C:\WINDOWS\system32\ati2cqag.dll |27/11/2004 22:48:57
C:\WINDOWS\system32\ati2dvaa.dll |03/01/2004 20:30:36
C:\WINDOWS\system32\ati2dvag.dll |03/01/2004 20:30:36
C:\WINDOWS\system32\ati3d1ag.dll |03/01/2004 20:30:36
C:\WINDOWS\system32\ati3d2ag.dll |03/01/2004 20:30:36
C:\WINDOWS\system32\ati3duag.dll |27/11/2004 22:48:56
C:\WINDOWS\system32\ativtmxx.dll |27/11/2004 22:48:56
C:\WINDOWS\system32\ativvaxx.dll |27/11/2004 22:48:56
C:\WINDOWS\system32\atmfd.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\atmlib.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\Audio3D.dll |02/01/2004 18:14:37
C:\WINDOWS\system32\avisynth.dll |24/02/2004 19:47:45
C:\WINDOWS\system32\axVideoConvert.dll |19/10/2004 19:33:30
C:\WINDOWS\system32\BASSMOD.dll |02/01/2006 18:51:03
C:\WINDOWS\system32\bSearch2.dll |19/10/2004 19:33:41
C:\WINDOWS\system32\btinstall.dll |03/09/2006 14:10:27
C:\WINDOWS\system32\CIMSVRps.dll |11/01/2004 19:27:03
C:\WINDOWS\system32\CIMVIEW.dll |11/01/2004 19:27:03
C:\WINDOWS\system32\CML4.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\CML5.dll |10/05/2004 17:56:50
C:\WINDOWS\system32\cMPG1V.dll |11/01/2004 18:50:43
C:\WINDOWS\system32\cMPG2V.dll |11/01/2004 18:50:43
C:\WINDOWS\system32\compatui.dll |03/01/2004 20:30:07
C:\WINDOWS\system32\cygwin1.dll |16/01/2005 22:36:31
C:\WINDOWS\system32\cygz.dll |16/01/2005 22:36:31
C:\WINDOWS\system32\czs_ui.dll |13/05/2002 14:05:32
C:\WINDOWS\system32\D066UCPL.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\D066UFW.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\D066UUD.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\D066UUTY.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\DBCLIENT.DLL |09/05/2004 17:16:17
C:\WINDOWS\system32\Decomb.dll |24/02/2004 19:47:45
C:\WINDOWS\system32\deimg.dll |13/05/2002 14:05:32
C:\WINDOWS\system32\deImg010.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\deImg110.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\deimg301.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\deimg401.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\deImg404.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\deimg602.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\Deimg603.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\DEMOMCDVD_32.DLL |23/11/2004 11:05:40
C:\WINDOWS\system32\dgrpsetu.dll |02/01/2004 17:23:05
C:\WINDOWS\system32\dgsetup.dll |02/01/2004 17:23:05
C:\WINDOWS\system32\DivX.dll |26/03/2002 20:18:21
C:\WINDOWS\system32\divx_xx07.dll |09/08/2005 23:13:52
C:\WINDOWS\system32\divx_xx0c.dll |09/08/2005 23:13:51
C:\WINDOWS\system32\divx_xx11.dll |09/08/2005 23:13:51
C:\WINDOWS\system32\dpl100.dll |09/08/2005 23:12:28
C:\WINDOWS\system32\dpu11.dll |09/08/2005 23:12:27
C:\WINDOWS\system32\dpuGUI11.dll |09/08/2005 23:12:28
C:\WINDOWS\system32\dpus11.dll |09/08/2005 23:12:27
C:\WINDOWS\system32\dpv11.dll |09/08/2005 23:12:27
C:\WINDOWS\system32\DRAGNKL1.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\dtu100.dll |09/08/2005 23:12:28
C:\WINDOWS\system32\eiomini.dll |02/05/2004 07:33:20
C:\WINDOWS\system32\encdec.dll |26/11/2002 15:15:52
C:\WINDOWS\system32\EqnClass.Dll |02/01/2004 17:23:04
C:\WINDOWS\system32\Fs40uUsd.dll |05/09/2006 08:40:51
C:\WINDOWS\system32\FViGxDS1.dll |08/04/1999 14:47:00
C:\WINDOWS\system32\gsLPAC.dll |19/10/2004 19:33:40
C:\WINDOWS\system32\HHActiveX.dll |20/03/2002 21:01:58
C:\WINDOWS\system32\HPODXPAT.DLL |27/05/2004 14:00:52
C:\WINDOWS\system32\hpzcoi05.dll |18/03/2002 12:52:42
C:\WINDOWS\system32\hpzcon05.dll |18/03/2002 12:52:42
C:\WINDOWS\system32\hpzlnt05.dll |18/03/2002 12:52:43
C:\WINDOWS\system32\hsfcisp2.dll |27/11/2004 22:48:53
C:\WINDOWS\system32\hticons.dll |02/01/2004 17:50:51
C:\WINDOWS\system32\hypertrm.dll |02/01/2004 17:50:51
C:\WINDOWS\system32\Iacenc.dll |18/11/1998 15:33:16
C:\WINDOWS\system32\iccvid.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\Igxbm40.dll |17/05/2000 10:13:34
C:\WINDOWS\system32\Igxfrm2x.dll |03/05/1999 11:12:28
C:\WINDOWS\system32\IGXFRM40.dll |07/03/2001 16:10:12
C:\WINDOWS\system32\igxwlcm2.dll |02/06/2000 07:57:48
C:\WINDOWS\system32\imagr5.dll |20/09/2005 20:54:08
C:\WINDOWS\system32\imagx5.dll |20/09/2005 20:54:08
C:\WINDOWS\system32\ImagX7.dll |28/11/2004 21:12:37
C:\WINDOWS\system32\ImagXpr5.dll |20/09/2005 20:54:08
C:\WINDOWS\system32\ImagXpr7.dll |28/11/2004 21:12:37
C:\WINDOWS\system32\ImagXR7.dll |28/11/2004 21:12:37
C:\WINDOWS\system32\ImagXRA7.dll |28/11/2004 21:12:37
C:\WINDOWS\system32\indounin.dll |27/01/1999 13:39:06
C:\WINDOWS\system32\InsDrvZD.dll |21/09/2005 18:30:49
C:\WINDOWS\system32\ir32_32.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\ir41_qc.dll |14/11/2002 12:59:36
C:\WINDOWS\system32\ir41_qcx.dll |14/11/2002 12:59:36
C:\WINDOWS\system32\ir50_qc.dll |14/11/2002 12:59:38
C:\WINDOWS\system32\ir50_qcx.dll |14/11/2002 12:59:40
C:\WINDOWS\system32\isrdbg32.dll |02/01/2004 17:52:10
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 07:56:08
C:\WINDOWS\system32\JGA1500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGAA500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGAD500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGAP500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGAR500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGAU500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jgaw400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\JGDR500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jgdw400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\JGDW500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGEA500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGED500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGEM500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGFI500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGFR500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGFS500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGGI500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGI1500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGI3500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGI5500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGID500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGIP500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGIQ500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGIT500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGM1500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGMC500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jgmd400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\JGME500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGMI500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGMP500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGN1500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGOS500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGPD500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jgpl400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\JGPL500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGPP500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGS1500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGS3500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jgsd400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\jgsh400.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\JGSN500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\JGST500.DLL |13/05/2002 15:13:58
C:\WINDOWS\system32\jkhhi.dll |05/03/2007 22:38:29
C:\WINDOWS\system32\lame_enc.dll |19/10/2004 21:55:41
C:\WINDOWS\system32\Lfbmp10n.dll |29/03/1999 11:04:52
C:\WINDOWS\system32\Lfcal10n.dll |29/03/1999 11:04:52
C:\WINDOWS\system32\Lfcmp10n.dll |29/03/1999 11:04:52
C:\WINDOWS\system32\Lffax10n.dll |29/03/1999 11:04:52
C:\WINDOWS\system32\Lffpx10n.dll |29/03/1999 11:04:52
C:\WINDOWS\system32\Lffpx7.dll |21/11/1997 17:03:20
C:\WINDOWS\system32\Lfgif10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfica10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfimg10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfkodak.dll |30/09/1997 13:30:02
C:\WINDOWS\system32\Lflmb10n.dll |30/11/1998 12:52:52
C:\WINDOWS\system32\Lfmac10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfmsp10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfpcd10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfpct10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfpcx10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfpng10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfpsd10n.dll |29/03/1999 11:04:54
C:\WINDOWS\system32\Lfras10n.dll |29/03/1999 11:04:56
C:\WINDOWS\system32\Lftga10n.dll |29/03/1999 11:04:56
C:\WINDOWS\system32\Lftif10n.dll |29/03/1999 11:04:56
C:\WINDOWS\system32\Lfwfx10n.dll |29/03/1999 11:04:56
C:\WINDOWS\system32\libcurl.dll |05/09/2006 08:40:53
C:\WINDOWS\system32\libeay32.dll |09/08/2005 23:13:31
C:\WINDOWS\system32\libssl32.dll |05/09/2006 08:40:54
C:\WINDOWS\system32\lpaccodec.dll |19/10/2004 19:33:40
C:\WINDOWS\system32\lpac_codec_api.dll |19/10/2004 19:33:40
C:\WINDOWS\system32\Ltann10n.dll |01/12/1998 12:58:18
C:\WINDOWS\system32\Ltdis10n.dll |29/03/1999 11:04:56
C:\WINDOWS\system32\Ltfil10n.dll |01/12/1998 12:58:14
C:\WINDOWS\system32\ltfyqvvp.dll |06/03/2007 23:28:13
C:\WINDOWS\system32\Ltimg10n.dll |30/11/1998 12:09:14
C:\WINDOWS\system32\Ltkrn10n.dll |01/12/1998 12:58:06
C:\WINDOWS\system32\lvcodec2.dll |11/01/2004 19:00:46
C:\WINDOWS\system32\lvcoinst.dll |11/01/2004 19:00:48
C:\WINDOWS\system32\LVComC.dll |11/01/2004 19:00:47
C:\WINDOWS\system32\LVUI2.dll |11/01/2004 19:00:47
C:\WINDOWS\system32\LVUI2RC.dll |11/01/2004 19:27:47
C:\WINDOWS\system32\MACDll.dll |19/10/2004 19:33:40
C:\WINDOWS\system32\malslib.dll |20/04/2005 20:11:35
C:\WINDOWS\system32\mdmxsdk.dll |27/11/2004 22:48:52
C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06
C:\WINDOWS\system32\MimicICM.dll |11/01/2004 19:27:03
C:\WINDOWS\system32\mp4fil32.dll |26/03/2002 20:18:22
C:\WINDOWS\system32\MPEG2DEC.dll |24/02/2004 19:47:45
C:\WINDOWS\system32\MpegAudio.dll |14/03/2005 07:28:42
C:\WINDOWS\system32\MpegVideo.dll |14/03/2005 07:28:42
C:\WINDOWS\system32\msdmo.dll |02/01/2004 18:22:49
C:\WINDOWS\system32\msencode.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 20:46:58
C:\WINDOWS\system32\mtxparhd.dll |27/11/2004 22:48:50
C:\WINDOWS\system32\MultiSZ.dll |03/01/2004 23:07:36
C:\WINDOWS\system32\NEFLibrary2.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\NEFLibrary3.dll |10/05/2004 17:56:51
C:\WINDOWS\system32\NkNEFPlugin.dll |02/01/2006 18:55:22
C:\WINDOWS\system32\NMH040A.DLL |09/12/2004 20:39:51
C:\WINDOWS\system32\NMOCOD.DLL |14/03/2004 18:27:32
C:\WINDOWS\system32\NMORENU.DLL |14/03/2004 18:27:33
C:\WINDOWS\system32\NMSCKN.DLL |14/03/2004 18:27:33
C:\WINDOWS\system32\NMW3VWN.DLL |14/03/2004 18:27:33
C:\WINDOWS\system32\Npindeo.dll |20/11/1998 13:38:58
C:\WINDOWS\system32\nv4_disp.dll |02/05/2004 07:33:12
C:\WINDOWS\system32\nvcod.dll |02/05/2004 07:33:21
C:\WINDOWS\system32\nvcodins.dll |02/05/2004 07:33:21
C:\WINDOWS\system32\nvcpl.dll |02/05/2004 07:33:14
C:\WINDOWS\system32\nvgpio.dll |02/05/2004 07:33:19
C:\WINDOWS\system32\nvhwvid.dll |24/02/2005 06:32:00
C:\WINDOWS\system32\nview.dll |02/05/2004 07:33:23
C:\WINDOWS\system32\nvmctray.dll |02/05/2004 07:33:15
C:\WINDOWS\system32\nvnt4cpl.dll |02/05/2004 07:33:16
C:\WINDOWS\system32\nvoglnt.dll |02/05/2004 07:33:14
C:\WINDOWS\system32\nvrsar.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrscs.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsda.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsde.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsel.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrseng.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrses.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsesm.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsfi.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsfr.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrshe.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrshu.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsit.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsja.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsko.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsnl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsno.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrspl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrspt.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsptb.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrsru.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrssk.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrssl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrssv.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrstr.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrszhc.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvrszht.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvshell.dll |02/05/2004 07:33:23
C:\WINDOWS\system32\nvwddi.dll |02/05/2004 07:33:16
C:\WINDOWS\system32\nvwdmcpl.dll |02/05/2004 07:33:16
C:\WINDOWS\system32\nvwimg.dll |02/05/2004 07:33:23
C:\WINDOWS\system32\nvwrsar.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrscs.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsda.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsde.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsel.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrseng.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrses.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsesm.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsfi.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsfr.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrshe.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrshu.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsit.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsja.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsko.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsnl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsno.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrspl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrspt.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsptb.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrsru.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrssk.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrssl.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrssv.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrstr.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrszhc.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\nvwrszht.dll |06/10/2003 14:16:00
C:\WINDOWS\system32\opshel32.dll |04/01/2004 16:47:08
C:\WINDOWS\system32\osdmini.dll |02/05/2004 07:33:20
C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16
C:\WINDOWS\system32\PcdLib32.dll |25/02/1998 10:45:10
C:\WINDOWS\system32\pdfcmnnt.dll |30/06/2006 22:30:27
C:\WINDOWS\system32\picn1020.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\picn1120.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\picn20.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\Pixdfltn.dll |04/05/2000 12:55:46
C:\WINDOWS\system32\Pixlocn.dll |04/05/2000 12:55:46
C:\WINDOWS\system32\Pixpermn.dll |04/05/2000 12:55:46
C:\WINDOWS\system32\pscAdimg.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscCllct.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscCStUI.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscDcd.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscDevUI.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscDvlp.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\Pscl2STI.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscll.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscParse.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\pscSetup.dll |13/05/2002 14:05:34
C:\WINDOWS\system32\psdkdll.dll |13/05/2002 14:05:36
C:\WINDOWS\system32\psdkReg.dll |13/05/2002 14:05:36
C:\WINDOWS\system32\PsisDecd.dll |03/01/2004 22:31:32
C:\WINDOWS\system32\psParse.dll |13/05/2002 14:05:36
C:\WINDOWS\system32\PVLJPG20.DLL |25/02/2003 09:36:02
C:\WINDOWS\system32\Pvmjpg20.dll |19/12/2000 12:26:54
C:\WINDOWS\system32\PVWV220.DLL |25/02/2003 09:32:24
C:\WINDOWS\system32\qedwipes.dll |02/01/2004 18:22:49
C:\WINDOWS\system32\qt-dx331.dll |09/08/2005 23:12:28
C:\WINDOWS\system32\RCSigProc.dll |10/05/2004 17:56:48
C:\WINDOWS\system32\RedEye.dll |10/05/2004 17:56:52
C:\WINDOWS\system32\rpcc.dll |05/03/2007 19:43:10
C:\WINDOWS\system32\RTLCPAPI.dll |10/03/2004 18:45:36
C:\WINDOWS\system32\S32EVNT1.DLL |04/01/2004 19:32:06
C:\WINDOWS\system32\s3gnb.dll |27/11/2004 22:48:49
C:\WINDOWS\system32\sbe.dll |26/11/2002 15:15:50
C:\WINDOWS\system32\scnlib32.dll |04/05/2000 12:58:02
C:\WINDOWS\system32\scriptpw.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\sffcbodx.dll |05/03/2007 22:39:06
C:\WINDOWS\system32\Sig_Proc.dll |03/01/2004 21:44:27
C:\WINDOWS\system32\slbcsp.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\slbiop.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\slbrccsp.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\slcoinst.dll |27/11/2004 22:48:48
C:\WINDOWS\system32\slextspk.dll |27/11/2004 22:48:48
C:\WINDOWS\system32\slgen.dll |27/11/2004 22:48:48
C:\WINDOWS\system32\sokubdi.dll |05/03/2007 19:44:15
C:\WINDOWS\system32\sonymaea.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonymaeb.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonymqad.dll |06/09/2005 20:47:39
C:\WINDOWS\system32\sonymsea.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonymvdp.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonymvea.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonymveb.dll |06/09/2005 20:47:41
C:\WINDOWS\system32\sonymvec.dll |06/09/2005 20:47:41
C:\WINDOWS\system32\sonymvqt.dll |06/09/2005 20:47:40
C:\WINDOWS\system32\sonytsea.dll |06/09/2005 20:47:41
C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\spxcoins.dll |02/01/2004 17:23:05
C:\WINDOWS\system32\ssleay32.dll |09/08/2005 23:13:31
C:\WINDOWS\system32\StdFilters2.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\StdFilters3.dll |10/05/2004 17:56:52
C:\WINDOWS\system32\Strato3.dll |03/01/2004 21:44:28
C:\WINDOWS\system32\Strato4.dll |10/05/2004 17:56:53
C:\WINDOWS\system32\Strato5.dll |02/01/2006 18:55:18
C:\WINDOWS\system32\tsd32.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\TwnLib20.dll |28/11/2004 21:12:37
C:\WINDOWS\system32\TwnLib4.dll |28/11/2004 21:19:50
C:\WINDOWS\system32\UCS32P.DLL |04/01/2004 16:43:57
C:\WINDOWS\system32\UNACEV2.DLL |21/03/2002 15:39:02
C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\vtutu.dll |05/03/2007 22:38:29
C:\WINDOWS\system32\win87em.dll |24/08/2001 13:00:00
C:\WINDOWS\system32\WNASPI32.DLL |10/09/1999 12:06:00
C:\WINDOWS\system32\XVID.DLL |24/02/2004 19:48:38
C:\WINDOWS\system32\yaywvvw.dll |05/03/2007 19:44:10
C:\WINDOWS\system32\ZDBRGDLL.dll |21/09/2005 18:30:51
C:\WINDOWS\system32\ZDPN50.dll |21/09/2005 18:30:51
C:\WINDOWS\system32\_psisdecd.dll |24/12/2006 11:59:10

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\WINDOWS\system

10/09/1999 12:06 4 672 WOWPOST.EXE
1 fichier(s) 4 672 octets
0 Rép(s) 28 263 833 600 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\WINDOWS\system32

19/08/2004 16:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 28 263 833 600 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\WINDOWS\Downloaded Program Files

07/03/2007 06:50 <REP> .
07/03/2007 06:50 <REP> ..
07/12/2004 16:07 32 bdcore.dll
01/03/2005 14:08 118 784 bdupd.dll
06/03/2007 22:54 <REP> CONFLICT.1
06/03/2007 07:05 <REP> CONFLICT.2
06/03/2007 07:05 <REP> CONFLICT.3
06/03/2007 07:05 <REP> CONFLICT.4
02/01/2004 17:53 65 desktop.ini
28/01/2004 15:57 232 dtc32.inf
25/07/2002 16:13 24 576 dwusplay.dll
25/07/2002 16:13 196 608 dwusplay.exe
03/10/2005 14:43 274 432 fixengine.dll
21/07/2006 11:30 1 703 GuidedSolutions.inf
26/06/2006 12:30 346 680 hpbasicdetection3.dll
21/07/2006 11:30 221 184 HPCommunication.dll
08/07/2005 15:22 319 488 HPeDiag.dll
14/09/2006 17:30 88 136 HPGetDownloadManager.ocx
11/08/2005 10:11 135 168 hpscripting.dll
13/05/2004 17:03 348 160 inotes.dll
24/03/2005 10:40 860 inotes.inf
08/04/2006 22:59 274 432 InternetUtil2.dll
01/03/2005 14:08 53 248 ipsupd.dll
25/07/2002 16:05 172 032 isusweb.dll
25/08/2003 18:12 1 096 iuctl.inf
12/10/2006 03:07 898 jinstall-1_5_0_09.inf
08/08/2006 11:45 576 kavwebscan.inf
09/03/2005 15:42 6 742 lang.ini
27/07/2006 12:52 367 LegitCheckControl.inf
07/12/2004 16:07 32 libfn.dll
18/02/2005 16:22 126 live.ini
29/05/2003 15:00 160 864 messengerstatsclient.dll
29/05/2003 15:00 77 408 msgrchkr.dll
01/06/2006 02:57 1 331 oscan8.inf
01/06/2006 02:54 471 040 oscan8.ocx
31/05/2006 04:15 10 oscan81.ocx_x
25/02/2004 14:45 307 200 rulesengine.dll
09/03/2005 15:43 6 828 scanoptions.tsi
09/11/2006 14:36 5 019 swflash.inf
27/06/2006 21:25 229 984 XUpload.ocx
34 fichier(s) 3 845 341 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

06/03/2007 22:54 <REP> .
06/03/2007 22:54 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2

06/03/2007 07:05 <REP> .
06/03/2007 07:05 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3

06/03/2007 07:05 <REP> .
06/03/2007 07:05 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.4

06/03/2007 07:05 <REP> .
06/03/2007 07:05 <REP> ..
0 fichier(s) 0 octets

Total des fichiers listés :
34 fichier(s) 3 845 341 octets
14 Rép(s) 28 263 829 504 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Liste des programmes installes

a-squared Free 2.1
ACDSee 9 Gestionnaire de photos
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 2.0
Adobe Illustrator 10 Evaluation
Adobe Lightroom
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Photoshop Elements
Adobe Reader 7.0.8 - Français
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
Alcohol 120%
ArcSoft Panorama Maker 3.0
ASUS Digital VCR
ASUS Display Drivers
ASUS Display Drivers
ASUS GameFace
ASUS GameFace
ASUS SmartDoctor
ASUS SmartDoctor
ASUSDVD XP
AutoUpdate
avast! Antivirus
AVG Anti-Spyware 7.5
BetaPlayer
BlueSoleil
Broadcom Gigabit Integrated Controller
Broadcom Gigabit Integrated Controller
Caere Scan Manager 5.1
Canon-SE TWAIN
Canon ScanGear Toolbox CS 2.5
Canon ScanGear Toolbox FAU 2.5
Capture NX
Cariboost Free Edition v1
CCleaner (remove only)
Correctif pour Windows XP (KB914440)
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
COSMOPOLITAN Virtual Look 3
cTide (remove only)
DirectUpdate
DivX
DivX 5.0.2 Pro Bundle
DivXG400
DVD Audio Extractor 4.2.0
eMule
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
FileZilla (remove only)
Free - Kit de connexion
Fugawi 3.0.3 Update
Google Earth
GpsGate
GpsViewer
Grand Atlas Routier et Touristique de France
GXTranscoder
h5400_h5500 WLAN Driver 133_Fra
HijackThis 1.99.1
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
hp deskjet 5550 series (Supprimer uniquement)
HP Photosmart Essential
hp print screen utility
HP Software Update
IGN Rando
Img2Ozf Version 2
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_04
K!TV
Kaspersky On-line Scanner
Kaspersky Online Scanner
Kasuei Hitchhiker
KC Softwares VideoInspector
la version d'évaluation de Namo WebEdiotor 6
Label Maker Plus 2.1
Lecteur Windows Media 11
Logitech Desktop Messenger
Logitech IM Video Companion
Logitech SetPoint
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Macromedia Shockwave Player
Magic Function
MainConcept DV Codec
MainConcept DV Codec
MainConcept MainActor v5.2
MainConcept MainActor v5.2
MapSource
MapSource
MapSource - European Roads and Recreation v4.00
MapSource - Trip & Waypoint Manager v2
MapSource - Trip & Waypoint Manager v2
MediaPortal
Memory-Map Navigator
Micrografx Designer 9.0
Microsoft .NET Compact Framework 1.0 SP3
Microsoft .NET Compact Framework 2.0 SP1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft ActiveSync 4.0
Microsoft AutoRoute
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Flight Simulator 2004 Un siècle d'aviation
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 CD-ROM 2
Microsoft Office XP Professional avec FrontPage
Microsoft SQL Server 2005 Mobile Edition Device SDK
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899589)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB908531)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912812)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB916281)
Mise à jour de sécurité pour Windows XP (KB917159)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917422)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB918899)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920214)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921398)
Mise à jour de sécurité pour Windows XP (KB921883)
Mise à jour de sécurité pour Windows XP (KB922616)
Mise à jour de sécurité pour Windows XP (KB922760)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923694)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924191)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925486)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB931836)
Monitor Calibration Wizard 1.0
Monkey's Audio
MouseRemote (TM)
MovieShaker 3.1 pour MICROMV
Mozilla Firefox (2.0.0.1)
MSXML 4.0 SP2 (KB927978)
Namo WebUtilities
Neodivx
Nero 6 Ultra Edition
NeroVision Express 3
Nikon Message Center
Nikon View 6
NikonCapture
NVIDIA Drivers
NVIDIA WDM Drivers
Nvu 1.0
OmniPage Pro 9.0
Orb
OziExplorer 3.95
PDAwin TV remote controller
PDFCreator
PhotoFiltre
PICVideo Codecs
Pinnacle MPEG Realtime Codec
PPC 2003 - MSN (R) Messenger Update
PPC 2003 - MSN (R) Messenger Update
QuickPar 0.9
QuickTime
Realtek AC'97 Audio
Rippack v3 beta 16.1
SAGEM F@st 800-908
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update pour Microsoft .NET Framework 2.0 (KB917283)
Skype 2.5
Skype with Doro225
Spybot - Search & Destroy 1.4
Symantec Network Driver Update
Theme Generator V2
USB Mass Storage Reader
Visionneuse Journal Windows Microsoft
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB894476
Windows Media Player 11
Windows Movie Maker 2 Winter Fun Pack
Windows Movie Maker 2.0
Windows XP Service Pack 2
WinFlash
WinRAR Archiveur
WinZip
X10 Hardware(TM)
XPC 802.11b+g Wireless Kit

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\Program Files

02/03/2007 19:24 <REP> Adobe
06/03/2007 07:04 <REP> a-squared Free
06/03/2007 18:06 <REP> CCleaner
22/10/2004 17:56 <REP> cTide
13/01/2007 18:04 <REP> CyberLink
09/05/2004 16:24 <REP> DirectUpdate
02/07/2005 07:20 <REP> directx
14/10/2005 20:33 <REP> DivX
13/01/2007 19:54 <REP> DVD Audio Extractor
02/07/2005 07:20 <REP> easydivx
05/03/2007 19:28 <REP> e....
01/01/2007 17:34 <REP> ffdshow
13/01/2007 18:03 <REP> Fichiers communs
16/04/2006 20:07 <REP> FileZilla
26/03/2004 18:50 <REP> Free.fr
05/09/2006 08:48 <REP> G6 FTP Server
25/06/2004 18:45 <REP> garmin
21/07/2005 21:19 <REP> Google
28/04/2004 18:20 <REP> Grand Atlas Routier France
06/03/2007 18:22 <REP> Grisoft
02/07/2005 07:20 <REP> GSpot
10/06/2004 22:02 <REP> GT2002
15/01/2007 18:35 <REP> GXTranscoder
19/10/2006 06:44 <REP> Hewlett-Packard
05/01/2004 18:41 <REP> HighMAT CD Writing Wizard
19/10/2006 06:46 <REP> HP
04/01/2004 16:40 <REP> hp deskjet 5550 series
14/03/2004 18:27 <REP> IGN Rando
22/09/2006 07:00 <REP> Indentsoft Label Maker Plus
02/01/2004 18:14 <REP> Intel
18/02/2007 17:57 <REP> Internet Explorer
30/09/2006 06:32 <REP> Intuisphere
02/01/2005 17:53 <REP> IrfanView
03/09/2006 14:13 <REP> IVT Corporation
16/02/2007 06:21 <REP> Java
19/10/2006 05:04 <REP> K!TV
06/07/2005 18:38 <REP> KC Softwares
31/12/2006 12:55 <REP> KeyGen Crack
28/06/2006 21:08 <REP> Label Wizard
05/09/2006 08:40 <REP> LaserSoft
13/01/2007 18:04 <REP> Logitech
02/07/2005 07:20 <REP> LOXANE
31/10/2006 07:22 <REP> Macromedia
04/09/2004 15:35 <REP> Maction
02/04/2004 18:55 <REP> Magic Function
13/09/2006 07:45 <REP> MainConcept
17/03/2004 22:06 <REP> Memory-Map
09/02/2005 17:40 <REP> Messenger
03/05/2004 21:17 <REP> Micrografx
06/01/2007 19:01 <REP> Microsoft .NET Compact Framework 1.0 SP3
10/02/2007 08:06 <REP> Microsoft ActiveSync
20/02/2004 22:04 <REP> Microsoft AutoRoute
03/01/2004 22:50 <REP> microsoft frontpage
14/03/2004 19:07 <REP> Microsoft Games
06/01/2004 12:37 <REP> Microsoft Office
30/11/2006 07:09 <REP> Microsoft SQL Server 2005 Mobile Edition
06/01/2007 19:06 <REP> Microsoft.NET
01/09/2006 13:10 <REP> Monitor Calibration Wizard
02/07/2005 07:21 <REP> Monkey's Audio
02/07/2005 07:20 <REP> Morgan
24/12/2004 17:01 <REP> MouseRemote
06/09/2005 20:26 <REP> Movie Maker
01/01/2007 15:42 <REP> Mozilla Firefox
02/01/2004 17:51 <REP> MSN
02/01/2004 17:50 <REP> MSN Gaming Zone
02/03/2007 06:47 <REP> MSN Messenger
25/12/2006 17:02 <REP> MSXML 4.0
12/01/2007 06:40 <REP> MUSICMATCH
04/09/2006 13:49 <REP> Namo
02/07/2005 07:16 <REP> NetMeeting
06/01/2007 07:32 <REP> Nikon
11/09/2006 07:43 <REP> Nvu
24/04/2004 21:04 <REP> OfficeUpdate11
06/10/2006 17:58 <REP> Orb Networks
18/12/2006 21:37 <REP> Outlook Express
12/07/2004 22:02 <REP> OziExplorer
30/06/2006 22:31 <REP> PDFCreator
17/02/2007 17:22 <REP> PhotoFiltre
02/07/2005 07:52 <REP> Pinnacle
27/12/2004 22:35 <REP> QuickPar
02/07/2005 07:22 <REP> QuickTime
11/01/2004 19:26 <REP> Real
02/07/2005 07:20 <REP> Realtek Sound Manager
06/03/2007 07:05 <REP> RealVNC
13/02/2004 19:24 <REP> RegCleaner
06/02/2005 19:20 <REP> Rippackv3
02/01/2004 17:53 <REP> Services en ligne
01/07/2004 20:45 <REP> Skype
04/01/2007 07:12 <REP> Skype with Doro225
30/06/2005 18:28 <REP> SmartSound Software
03/01/2004 22:50 <REP> Snapshot Viewer
06/09/2005 20:47 <REP> Sony
05/03/2007 22:58 <REP> Spybot - Search & Destroy
03/05/2004 21:15 <REP> Ssce
19/10/2006 04:39 <REP> Team MediaPortal
04/01/2007 07:19 <REP> Theme Generator
19/10/2006 04:33 <REP> Visicom Media
02/07/2005 07:20 <REP> WDGPS
29/04/2004 22:51 <REP> Webteh
02/07/2005 07:20 <REP> WinAce
04/11/2004 16:46 <REP> Winamp
06/01/2004 12:01 <REP> Windows Journal Viewer
11/01/2004 19:26 <REP> Windows Media Components
08/12/2006 22:00 <REP> Windows Media Connect 2
08/12/2006 22:58 <REP> Windows Media Player
27/11/2004 22:44 <REP> Windows NT
05/01/2004 18:43 <REP> Windows XP Fun Pack
02/07/2005 07:21 <REP> WinISO
06/01/2004 12:29 <REP> WinRAR
30/06/2006 22:05 <REP> WinZip
01/03/2007 07:22 <REP> WLAN
24/12/2004 17:09 <REP> X10 Hardware
02/01/2004 17:54 <REP> xerox
23/02/2005 19:58 <REP> XoftSpy
16/09/2006 07:07 <REP> Xpress Software
18/12/2006 21:23 <REP> Yahoo!
0 fichier(s) 0 octets
116 Rép(s) 28 263 501 824 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\Program Files\fichiers communs

13/01/2007 18:03 <REP> .
13/01/2007 18:03 <REP> ..
18/12/2006 21:35 <REP> ACD Systems
11/10/2006 06:00 <REP> Adobe
25/09/2006 06:44 <REP> Adobe Systems Shared
28/11/2004 21:12 <REP> Ahead
04/01/2004 16:47 <REP> Caere
03/01/2004 22:47 <REP> Designer
02/07/2005 07:28 <REP> Fugawi
28/04/2004 18:20 <REP> GIS
19/10/2006 06:46 <REP> HP
03/05/2004 21:15 <REP> iGrafx
02/07/2005 07:20 <REP> InstallShield
09/04/2004 11:21 <REP> Java
24/12/2006 11:56 <REP> Logitech
31/10/2006 07:23 <REP> Macromedia
28/04/2004 18:20 <REP> Mapserv
19/10/2006 06:47 <REP> Microsoft Shared
02/01/2004 17:51 <REP> MSSoap
06/01/2007 07:32 <REP> Nikon
02/07/2005 07:20 <REP> ODBC
07/06/2004 21:45 <REP> Real
02/01/2004 17:52 <REP> Services
03/01/2004 22:58 <REP> Sony Shared
02/01/2004 17:23 <REP> SpeechEngines
19/12/2006 06:18 <REP> System
02/07/2005 07:20 <REP> Ulead Systems
07/07/2005 20:06 <REP> Vbox
01/07/2006 17:37 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
29 Rép(s) 28 263 510 016 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

06/01/2004 12:38 <REP> .
06/01/2004 12:38 <REP> ..
06/01/2004 12:37 <REP> 1033
06/01/2004 12:38 <REP> 1036
15/02/2001 06:45 1 318 912 MSONSEXT.DLL
03/06/1999 14:09 122 937 MSOWS409.DLL
07/03/2001 09:00 127 033 MSOWS40c.DLL
06/08/2000 10:04 401 462 MSVCP60.DLL
22/01/2001 04:25 69 632 PKMAXCTL.DLL
22/01/2001 04:25 872 448 PKMCDO.DLL
22/01/2001 04:25 159 744 PKMCORE.DLL
07/02/2001 10:59 106 496 PKMFORMS.DLL
12/02/2001 05:03 684 032 PKMRES.DLL
22/01/2001 04:25 28 672 PKMSSTLB.DLL
22/01/2001 04:25 40 960 PKMTEMPL.DLL
22/01/2001 04:25 24 576 PKMTRACE.DLL
22/01/2001 04:25 86 016 PKMWS.DLL
22/01/2001 04:25 237 568 PROMDEMO.DLL
18/03/1999 06:37 593 977 RAGENT.DLL
22/01/2001 04:25 184 320 SECMGR.DLL
22/01/2001 04:25 323 584 VAIDDMGR.DLL
22/01/2001 04:25 32 768 VAIMEM.DLL
18 fichier(s) 5 415 137 octets
4 Rép(s) 28 263 510 016 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\Program Files\common files

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6885-B50F

Répertoire de C:\

11/11/2001 00:00 68 096 diff.exe
27/08/2006 14:10 103 424 grep.exe
2 fichier(s) 171 520 octets
0 Rép(s) 28 263 510 016 octets libres
c:\Documents and Settings\All Users\Application Data\vidcap\vidcap.exe
c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Award Utility\WinFlash.EXE
c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9\temp\hpfinstx.exe
c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9\temp\hpfiui.exe
c:\Documents and Settings\PG\Application Data\Image Zone Express\HPSoftwareUpdate.exe
c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{106F886B-A874-43DF-BCC4-01DB57E1F3C6}\IconTmpl5.26D6FF13_F77C_402E_8E96_9E49DFBBAF31.exe
c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{47BD3745-EAFF-48FC-A9ED-E580C681B5C4}\_18be6784.exe
c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{7A0BAED2-066E-4B4F-8FA5-472A4655F4C2}\_5af141bb.exe
c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe
c:\Documents and Settings\PG\Local Settings\Temporary Internet Files\Content.IE5\P4WVVHSE\NewMediaCodecInstaller[1].exe
c:\Documents and Settings\PG\Mes documents\oliv92.exe
c:\Documents and Settings\PG\Mes documents\SmartDoc.exe
c:\Documents and Settings\PG\Mes documents\Arnaud\ccsetup136.exe
c:\Documents and Settings\PG\Mes documents\Arnaud\Setup.exe
c:\Documents and Settings\PG\Mes documents\emule\5550-fra-win2k_xp.exe
c:\Documents and Settings\PG\Mes documents\emule\ACEMCP603PRO.exe
c:\Documents and Settings\PG\Mes documents\emule\Anonymizer_Software.exe
c:\Documents and Settings\PG\Mes documents\emule\babylon_larousse_fre_eng_spa_ger_ita_fre_multidico.exe
c:\Documents and Settings\PG\Mes documents\emule\Codec_Sniper.exe
c:\Documents and Settings\PG\Mes documents\emule\dvdaudioextractor.exe
c:\Documents and Settings\PG\Mes documents\emule\dws2_trial_e.exe
c:\Documents and Settings\PG\Mes documents\emule\dxwebsetup.exe
c:\Documents and Settings\PG\Mes documents\emule\eMule0.44b_Installer.exe
c:\Documents and Settings\PG\Mes documents\emule\eMule0.47c-Installer.exe
c:\Documents and Settings\PG\Mes documents\emule\GoogleEarth.exe
c:\Documents and Settings\PG\Mes documents\emule\grabit_grabit_anglais_11960.exe
c:\Documents and Settings\PG\Mes documents\emule\ipanonymizer.exe
c:\Documents and Settings\PG\Mes documents\emule\kav6.0.2.614fr.exe
c:\Documents and Settings\PG\Mes documents\emule\MAC_399F.exe
c:\Documents and Settings\PG\Mes documents\emule\modele_meteo_gfs_setup.exe
c:\Documents and Settings\PG\Mes documents\emule\netstumblerinstaller_0_4_0.exe
c:\Documents and Settings\PG\Mes documents\emule\PagePlus50PreloaderNoReg.exe
c:\Documents and Settings\PG\Mes documents\emule\PDFCreator-0_9_1_GPLGhostscript.exe
c:\Documents and Settings\PG\Mes documents\emule\QuickPar-0.9.1.0-FRA.exe
c:\Documents and Settings\PG\Mes documents\emule\QuickTimeFullInstaller.exe
c:\Documents and Settings\PG\Mes documents\emule\sherlock.exe
c:\Documents and Settings\PG\Mes documents\emule\ShowShifter-Setup.exe
c:\Documents and Settings\PG\Mes documents\emule\spybotsd14.exe
c:\Documents and Settings\PG\Mes documents\emule\UVS7_Patch_F.exe
c:\Documents and Settings\PG\Mes documents\emule\WM9Codecs.exe
c:\Documents and Settings\PG\Mes documents\emule\XoftSpy410.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\diff.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\dumphive.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\Fport.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\grep.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LFiles.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\pslist.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\streams.exe
c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\swreg.exe
c:\Documents and Settings\PG\Mes documents\emule\DIVX\EasyDivX_0820_standard.exe
c:\Documents and Settings\PG\Mes documents\emule\DVB\dotnetfx.exe
c:\Documents and Settings\PG\Mes documents\emule\DVB\KTV2.3.0.1\setup-2.3.0.1.exe
c:\Documents and Settings\PG\Mes documents\emule\DVB\MediaPortal_0.2\setup.exe
c:\Documents and Settings\PG\Mes documents\emule\DVB\PouchinTV_0.3a\PouchinTV.exe
c:\Documents and Settings\PG\Mes documents\emule\flaskmpeg_078_39\FlasKMPEG.exe
c:\Documents and Settings\PG\Mes documents\emule\install_pn15G\Driver_SoftAP\Setup.exe
c:\Documents and Settings\PG\Mes documents\emule\nv7184_w2kxp\nv7184_w2kxp\nvudisp.exe
c:\Documents and Settings\PG\Mes documents\emule\nv7184_w2kxp\nv7184_w2kxp\setup.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\easygifanimator3.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\flash_flash_8_evaluation_francais_15287.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\gmg4.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\namo-webeditor_namo_webeditor_6.0_francais_10166.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\nvu_nvu_1.0_francais_11208.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\setup-e-anim7_01_004c.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\toweb_toweb_1.53_francais_15418.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\TVE2-Eval.exe
c:\Documents and Settings\PG\Mes documents\emule\outils web\webalbum_setup.exe
c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\keygen para mapas tomtom one by FL0RIAN\Keygenerator TomTom GO ONE\Key.exe
c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\Keygenerator_TomTom_GO_ONE\Keygenerator TomTom GO ONE\Key.exe
c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\Start.exe
c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\AutoRun.exe
c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\autorun.exe-install
c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\autorun.exe-run
c:\Documents and Settings\PG\Mes documents\emule\TomTom_5.21\crack.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\autorun.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\hpzglu07.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\setup.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\setup.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\delay.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\DIRECT~1.EXE
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfinstx.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfldr.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfsplsh.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpfpdi07.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzghl07.exe
c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzpin07.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\wptman.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\Electricité\Electricité.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\GPS 152\Updater.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\astro\snav32s.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc4.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc6.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut4.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut6.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\conception\vb3dlls.exe
c:\Documents and Settings\PG\Mes documents\Forcepas\tides\SETUP.EXE
c:\Documents and Settings\PG\Mes documents\Forcepas\tides\WXTIDE32.EXE
c:\Documents and Settings\PG\Mes documents\free\vlc-0.8.4a-win32.exe
c:\Documents and Settings\PG\Mes documents\Garmin\UPDATER.EXE
c:\Documents and Settings\PG\Mes documents\IPAQ\CalcNow_1.0.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\ctidesetup.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\Microsoft_eMbedded_Visual_Tools_3.0.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\NevoHP54XXUpdate.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\pqv.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\pqview.2.013_ppc.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\PToys.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\setup_msn.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\SkypeForPocketPC.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\TimePiece_1.0.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\GpsGatePPC_beta\GpsGateCE.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\chessppc_chessppc_anglais_12166.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\leofs_ppc_arm.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\Leos_Flight_Simulator_Beta_8_-_ARM_-iPaq-.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PacFun.ARM.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PortaPinSetup300.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\maree_ozons\calcul_maree\CalculMaréePPC.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\Mise à jour MS 2003\FRA_SP_2_00_03b.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobat_reader_pour_pocket_pc_2.0_arm_ipaq_anglais_11360.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobatreader-ppcARM-fr_fr.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\activesync_activesync_4.2_francais_11338.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Microsoft_Transcriber_1.51.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\CORE10k.EXE
c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\setup.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketDivXEncoder_0.3.50.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketTVSetup-0[1].15.3.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\betaplayer\betaplayer[1].setup.STABLE.0.5.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\ReadMe.exe
c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\Setup_h54-5500WLANDrv133.exe
c

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 7 mars 2007 à 22:02

Re

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

$$ TéléchargeSDFix sur ton bureau
http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

$$ Télécharge Brute Force Uninstaller (de Merijn)
http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

$$ FAIS UN CLIC-DROIT sur le lien suivant
http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

$$ FAIS UN CLIC-DROIT sur le lien suivant
http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).

$$ Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

$$ Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

$$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

toolbar.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\toolbar.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

Clique Exit pour fermer le programme BFU.

$$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
Double-clique sur RunThis.bat
Tape Y pour lancer le script.
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
Presse une touche pour redémarrer

Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt", le rapport qui se trouve ici C:\vundofix.txt, le rapport situé ici C:\egd.txt et un nouveau HijackThis.

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 8 mars 2007 à 12:11

bonjour,
voici le résultat des nettoyages de ce matin

SDFix: Version 1.69

Run by PG - 08/03/2007 @ 11:48:26,34

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Killing PID 184 'smss.exe'
Killing PID 256 'winlogon.exe'
Killing PID 256 'winlogon.exe'

Restoring Windows Registry Entries
Restoring Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\SYSTEM32\5M0T51~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\CLTEFR~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\E3B82K~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\K23I0J~1.HTM - Deleted
C:\WINDOWS\SYSTEM32\Q0FD5M~1.HTM - Deleted
C:\WINDOWS\system32\rpcc.dll - Deleted
C:\WINDOWS\system32\TFTP360 - Deleted

ADS Check:

C:\WINDOWS\system32
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:Connection Manager"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\system32\\CIMSVR.exe"="C:\\WINDOWS\\system32\\CIMSVR.exe:*:Enabled:Logitech IM Video Companion Server"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Disabled:Logiciel de transfert de fichiers"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Namo\\WebEditor 6 Trial\\bin\\WebEditor.exe"="C:\\Program Files\\Namo\\WebEditor 6 Trial\\bin\\WebEditor.exe:*:Disabled:Namo WebEditor 6"
"C:\\Program Files\\Namo\\WebCanvas Trial\\bin\\WebCanvas.exe"="C:\\Program Files\\Namo\\WebCanvas Trial\\bin\\WebCanvas.exe:*:Disabled:WebCanvas Application (Version d'évaluation)"
"C:\\Program Files\\Intuisphere\\Cariboost Free Edition v1\\cariboost.exe"="C:\\Program Files\\Intuisphere\\Cariboost Free Edition v1\\cariboost.exe:*:Enabled:cariboost"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe:*:Enabled:OrbTVGuide"
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe:*:Enabled:OrbChannelScan"
"C:\\Documents and Settings\\All Users\\Application Data\\Spontania4IM\\spontaniavideo.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Spontania4IM\\spontaniavideo.exe:*:Disabled:Dialcom Spontania video4IM"
"C:\\Program Files\\HP\\Image Zone Express\\HP_IZE.exe"="C:\\Program Files\\HP\\Image Zone Express\\HP_IZE.exe:*:Enabled:HP Image Zone Express"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes :

C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\GbDetect.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
C:\Program Files\Adobe\Acrobat 7.0\Esl\AiodLite.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Acrofx32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeLinguistic.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\agldt28l.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\atl.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE16SharedExpat.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE8SharedExpat.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXEParser.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\AXSLE.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\edb1drv.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\edb500x.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\epic_eula.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\esdupdate.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesen_US.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesfr_FR.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\JP2KLib.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\libaglcnv28.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Onix32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\rt3d.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\SVGCore.DLL
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\en_US\svgrsrc.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\fr_FR\svgrsrc.dll
C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\OLS\OnlineServices.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\ACE.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\AGM.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\asn.er.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIB.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIBUtils.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\coldware.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\CoolType.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\MPS.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\OPP.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PCDlib32.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PDFL50.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\plugin.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll16.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll32.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Sangam.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Shfolder.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGExport.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGRE.dll
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\THUMBVW.DLL
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\System\AI90Res.dll
C:\Program Files\Adobe\Photoshop Elements\ACE.dll
C:\Program Files\Adobe\Photoshop Elements\ActiveShare.dll
C:\Program Files\Adobe\Photoshop Elements\AGM.dll
C:\Program Files\Adobe\Photoshop Elements\Asn.er.dll
C:\Program Files\Adobe\Photoshop Elements\Bib.dll
C:\Program Files\Adobe\Photoshop Elements\CoolType.dll
C:\Program Files\Adobe\Photoshop Elements\HtmlViewLib.dll
C:\Program Files\Adobe\Photoshop Elements\MPS.dll
C:\Program Files\Adobe\Photoshop Elements\MSVCP60.DLL
C:\Program Files\Adobe\Photoshop Elements\Msvcrt10.dll
C:\Program Files\Adobe\Photoshop Elements\pcdlib32.dll
C:\Program Files\Adobe\Photoshop Elements\PDFL47.dll
C:\Program Files\Adobe\Photoshop Elements\Photoshop.dll
C:\Program Files\Adobe\Photoshop Elements\PictureCD.dll
C:\Program Files\Adobe\Photoshop Elements\plugin.dll
C:\Program Files\Adobe\Photoshop Elements\PSUT9516.DLL
C:\Program Files\Adobe\Photoshop Elements\Psut9532.dll
C:\Program Files\Adobe\Photoshop Elements\PSViews.dll
C:\Program Files\Adobe\Photoshop Elements\SfUpload.dll
C:\Program Files\Adobe\Photoshop Elements\Shfolder.dll
C:\Program Files\Adobe\Photoshop Elements\UID.mr.dll
C:\Program Files\Adobe\Photoshop Elements\Uninst.dll
C:\Program Files\Adobe\Photoshop Elements\Modules externes\Libraries\Plugin.dll
C:\Program Files\Ahead\ImageDrive\idriveinst.dll
C:\Program Files\Ahead\ImageDrive\imagedrv.dll
C:\Program Files\Ahead\Nero\AudioPluginMgr.dll
C:\Program Files\Ahead\Nero\CDCopy.dll
C:\Program Files\Ahead\Nero\cdr100.dll
C:\Program Files\Ahead\Nero\cdr50s.dll
C:\Program Files\Ahead\Nero\CDROM.dll
C:\Program Files\Ahead\Nero\cdu920.dll
C:\Program Files\Ahead\Nero\cr2200cs.dll
C:\Program Files\Ahead\Nero\Drweb32.dll
C:\Program Files\Ahead\Nero\DVDREALLOC.dll
C:\Program Files\Ahead\Nero\Dws114x.dll
C:\Program Files\Ahead\Nero\em2v.dll
C:\Program Files\Ahead\Nero\Equalize.dll
C:\Program Files\Ahead\Nero\FATImporter.dll
C:\Program Files\Ahead\Nero\GENCUSH.dll
C:\Program Files\Ahead\Nero\Generatr.dll
C:\Program Files\Ahead\Nero\GenFAT.dll
C:\Program Files\Ahead\Nero\geniso.dll
C:\Program Files\Ahead\Nero\GenPCHy.dll
C:\Program Files\Ahead\Nero\GenUDF.dll
C:\Program Files\Ahead\Nero\image.dll
C:\Program Files\Ahead\Nero\ImageGen.dll
C:\Program Files\Ahead\Nero\ims.dll
C:\Program Files\Ahead\Nero\ISOFS.dll
C:\Program Files\Ahead\Nero\KARAOKE.dll
C:\Program Files\Ahead\Nero\mfc42.DLL
C:\Program Files\Ahead\Nero\MMC.dll
C:\Program Files\Ahead\Nero\MPGEnc.dll
C:\Program Files\Ahead\Nero\msvcrt.dll
C:\Program Files\Ahead\Nero\Nedsp.dll
C:\Program Files\Ahead\Nero\NeEm2a.dll
C:\Program Files\Ahead\Nero\NeHDBlkAccess.dll
C:\Program Files\Ahead\Nero\NeMP3Dmo.dll
C:\Program Files\Ahead\Nero\NeMP3Hlp.dll
C:\Program Files\Ahead\Nero\neroAPI.dll
C:\Program Files\Ahead\Nero\NeroCom.dll
C:\Program Files\Ahead\Nero\neroDB.dll
C:\Program Files\Ahead\Nero\neroErr.dll
C:\Program Files\Ahead\Nero\NeroMediaCon.dll
C:\Program Files\Ahead\Nero\NeroNet.dll
C:\Program Files\Ahead\Nero\neroscsi.dll
C:\Program Files\Ahead\Nero\neRSDB.dll
C:\Program Files\Ahead\Nero\NetRecorder.dll
C:\Program Files\Ahead\Nero\NeVCDEngine.dll
C:\Program Files\Ahead\Nero\newtrf.dll
C:\Program Files\Ahead\Nero\READHD16.dll
C:\Program Files\Ahead\Nero\ReadHD32.dll
C:\Program Files\Ahead\Nero\ro1420c.dll
C:\Program Files\Ahead\Nero\SHORTCUT.DLL
C:\Program Files\Ahead\Nero\TMPVImporter.dll
C:\Program Files\Ahead\Nero\UDFImporter.dll
C:\Program Files\Ahead\Nero\VCDMenu.dll
C:\Program Files\Ahead\Nero\VMPEG2Enc.dll
C:\Program Files\Ahead\Nero\VMPEGEnc.dll
C:\Program Files\Ahead\Nero\VMPEGEncNDX.dll
C:\Program Files\Ahead\Nero\WNASPI32.DLL
C:\Program Files\Ahead\Nero MediaHome\NMSIndexService.dll
C:\Program Files\Ahead\Nero MediaHome\NMSMediaServer.dll
C:\Program Files\Ahead\Nero PhotoSnap\BasicFilters.dll
C:\Program Files\Ahead\Nero PhotoSnap\FImgPlg.dll
C:\Program Files\Ahead\Nero PhotoSnap\FreeImage.dll
C:\Program Files\Ahead\Nero PhotoSnap\MFC71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcp71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcr71.dll
C:\Program Files\Ahead\Nero PhotoSnap\msvcrt.dll
C:\Program Files\Ahead\Nero PhotoSnap\NSPluginMgr.dll
C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffects.dll
C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffectsLib.dll
C:\Program Files\Ahead\Nero PhotoSnap\XImgPlg.dll
C:\Program Files\Ahead\Nero ShowTime\DriveSpeed.dll
C:\Program Files\Ahead\Nero ShowTime\NeRSDB.dll
C:\Program Files\Ahead\Nero ShowTime\NMSUPnPIndexService.dll
C:\Program Files\Ahead\Nero Wave Editor\waveedit.dll
C:\Program Files\Ahead\NeroVision\AMCDocBase.dll
C:\Program Files\Ahead\NeroVision\AMCDOM.dll
C:\Program Files\Ahead\NeroVision\AMCUIBase.dll
C:\Program Files\Ahead\NeroVision\DVDBlockAcc.dll
C:\Program Files\Ahead\NeroVision\DVDDoc.DLL
C:\Program Files\Ahead\NeroVision\DVDEngine.dll
C:\Program Files\Ahead\NeroVision\DVDUI.DLL
C:\Program Files\Ahead\NeroVision\em2v.DLL
C:\Program Files\Ahead\NeroVision\ExpressDoc.DLL
C:\Program Files\Ahead\NeroVision\ExpressUI.dll
C:\Program Files\Ahead\NeroVision\GCCore.dll
C:\Program Files\Ahead\NeroVision\GCFX.DLL
C:\Program Files\Ahead\NeroVision\GCHW.DLL
C:\Program Files\Ahead\NeroVision\GCHWCfg.DLL
C:\Program Files\Ahead\NeroVision\GCLib.DLL
C:\Program Files\Ahead\NeroVision\GDIPainter.dll
C:\Program Files\Ahead\NeroVision\HDCC.dll
C:\Program Files\Ahead\NeroVision\HTMLGallery.dll
C:\Program Files\Ahead\NeroVision\mfc42.dll
C:\Program Files\Ahead\NeroVision\MMTools.dll
C:\Program Files\Ahead\NeroVision\MSVCP60.dll
C:\Program Files\Ahead\NeroVision\msvcrt.dll
C:\Program Files\Ahead\NeroVision\NeAcEnc.dll
C:\Program Files\Ahead\NeroVision\NeAnalyzer.dll
C:\Program Files\Ahead\NeroVision\NeEm2a.dll
C:\Program Files\Ahead\NeroVision\NeMediaOut.dll
C:\Program Files\Ahead\NeroVision\NeroMediaCon.dll
C:\Program Files\Ahead\NeroVision\NeroVisionAPI.dll
C:\Program Files\Ahead\NeroVision\NeVcr.dll
C:\Program Files\Ahead\NeroVision\NeVideoFX.dll
C:\Program Files\Ahead\NeroVision\NeVideoFXW.dll
C:\Program Files\Ahead\NeroVision\SHORTCUT.DLL
C:\Program Files\Ahead\NeroVision\VCDDoc.DLL
C:\Program Files\Ahead\NeroVision\VCDEngine.dll
C:\Program Files\Ahead\NeroVision\VCDUI.DLL
C:\Program Files\Ahead\NeroVision\NeroFiles\cdr100.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cdr50s.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\CDROM.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cdu920.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\cr2200cs.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\DVDREALLOC.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\Dws114x.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\gencush.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\Generatr.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\geniso.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\GenUDF.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\image.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ImageGen.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ims.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ISOFS.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\MMC.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeroAPI.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeroErr.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\neroscsi.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeRSDB.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\NeVCDEngine.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\newtrf.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\ro1420c.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\UDFImporter.dll
C:\Program Files\Ahead\NeroVision\NeroFiles\WNASPI32.DLL
C:\Program Files\Ahead\Shared\AudioPlugins\DefConvertor.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_dmo.dll
C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_hlp.dll
C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll
C:\Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll
C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll
C:\Program Files\Alcohol Soft\Alcohol 120\DevSupp.dll
C:\Program Files\Alcohol Soft\Alcohol 120\pfctoc.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_BUL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CAT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Chs.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Cht.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CZ.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_DA.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_ES.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FI.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GE.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_HR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_IT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_JPN.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_KR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_NL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PL.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT_BR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SK.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SR.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SV.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\ccdmount.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\nrgmount.dll
C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\pdimount.dll
C:\Program Files\ArcSoft\Panorama Maker\EzFile.dll
C:\Program Files\ArcSoft\Panorama Maker\Filefpx.dll
C:\Program Files\ArcSoft\Panorama Maker\FPXLIB.DLL
C:\Program Files\ArcSoft\Panorama Maker\JPEGLIB.DLL
C:\Program Files\ArcSoft\Panorama Maker\PmkRes.dll
C:\Program Files\ArcSoft\Panorama Maker\Res_Dll.dll
C:\Program Files\ArcSoft\Panorama Maker\Stitch30.dll
C:\Program Files\ASUS\ASUS Digital VCR\converter.dll
C:\Program Files\ASUS\SmartDoctor\ASUSRC.dll
C:\Program Files\ASUS\SmartDoctor\EIO.dll
C:\Program Files\ASUS\SmartDoctor\msvcp60.dll
C:\Program Files\ASUS\SmartDoctor\nvapi9x.dll
C:\Program Files\ASUS\SmartDoctor\nvgpio.dll
C:\Program Files\ASUS\SmartDoctor\ResDLL.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ACD_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom.dll
C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ATIPDLXX.dll
C:\Program Files\ASUSTek\ASUSDVD XP\clds.dll
C:\Program Files\ASUSTek\ASUSDVD XP\CLInet.dll
C:\Program Files\ASUSTek\ASUSDVD XP\clwo.dll
C:\Program Files\ASUSTek\ASUSDVD XP\DVD_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\HWTest.dll
C:\Program Files\ASUSTek\ASUSDVD XP\msvcp60.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Msvcrt.dll
C:\Program Files\ASUSTek\ASUSDVD XP\OSD_MLang.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pdvdaux.dll
C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDRC.dll
C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDV.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdvx.dll
C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdx.dll
C:\Program Files\ASUSTek\ASUSDVD XP\SNX_HID.dll
C:\Program Files\ASUSTek\ASUSDVD XP\UI_RES.dll
C:\Program Files\ASUSTek\ASUSDVD XP\ui_skin.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Crystal\Crystal.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Epiphany\Epiphany.dll
C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Neo\Neo.dll
C:\Program Files\audiograbber\ag12free.dll
C:\Program Files\audiograbber\lame_enc.dll
C:\Program Files\audiograbber\libVorbis.dll
C:\Program Files\audiograbber\WMA8Connect.dll
C:\Program Files\AvantGo Connect\malssp.dll
C:\Program Files\AvantGo Connect\AvantGo\agmal.dll
C:\Program Files\AvantGo Connect\AvantGo\agproxy.dll
C:\Program Files\Borland\Common Files\BDE\bantam.dll
C:\Program Files\Borland\Common Files\BDE\BLW32.DLL
C:\Program Files\Borland\Common Files\BDE\IDAPI32.DLL
C:\Program Files\Borland\Common Files\BDE\IDASCI32.DLL
C:\Program Files\Borland\Common Files\BDE\IDBAT32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDA3532.DLL
C:\Program Files\Borland\Common Files\BDE\IDDAO32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDBAS32.DLL
C:\Program Files\Borland\Common Files\BDE\IDDR32.DLL
C:\Program Files\Borland\Common Files\BDE\IDODBC32.DLL
C:\Program Files\Borland\Common Files\BDE\IDPDX32.DLL
C:\Program Files\Borland\Common Files\BDE\IDPROV32.DLL
C:\Program Files\Borland\Common Files\BDE\IDQBE32.DLL
C:\Program Files\Borland\Common Files\BDE\IDR2000C.DLL
C:\Program Files\Borland\Common Files\BDE\IDSQL32.DLL
C:\Program Files\Caere\OmniPagePro90\CRAM32.DLL
C:\Program Files\Caere\OmniPagePro90\Inetwh16.dll
C:\Program Files\Caere\OmniPagePro90\INETWH32.dll
C:\Program Files\Caere\OmniPagePro90\IQTRAN32.DLL
C:\Program Files\Caere\OmniPagePro90\IQ_COM32.DLL
C:\Program Files\Caere\OmniPagePro90\IQ_UTL32.DLL
C:\Program Files\Caere\OmniPagePro90\ivwres1.dll
C:\Program Files\Caere\OmniPagePro90\metafile.dll
C:\Program Files\Caere\OmniPagePro90\OPHOOK16.DLL
C:\Program Files\Caere\OmniPagePro90\OPHOOK32.dll
C:\Program Files\Caere\OmniPagePro90\OPImgLib.dll
C:\Program Files\Caere\OmniPagePro90\opreg32.dll
C:\Program Files\Caere\OmniPagePro90\opresfrn.dll
C:\Program Files\Caere\OmniPagePro90\opsrc32.dll
C:\Program Files\Caere\OmniPagePro90\opstor32.dll
C:\Program Files\Caere\OmniPagePro90\OPUTIL16.DLL
C:\Program Files\Caere\OmniPagePro90\PAIGE32.DLL
C:\Program Files\Caere\OmniPagePro90\PLINE32.DLL
C:\Program Files\Caere\OmniPagePro90\regcmn32.dll
C:\Program Files\Caere\OmniPagePro90\rgresfrn.dll
C:\Program Files\Caere\OmniPagePro90\rgreslang.dll
C:\Program Files\Caere\OmniPagePro90\SSLIB32.DLL
C:\Program Files\Caere\OmniPagePro90\TABCTL32.DLL
C:\Program Files\Caere\OmniPagePro90\train.dll
C:\Program Files\Caere\OmniPagePro90\WFTP32.DLL
C:\Program Files\Caere\OmniPagePro90\wizard32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\cefpix.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Cfpapi.dll
C:\Program Files\Canon\ScanGear Toolbox CS\cfpJpeg.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Hiffl32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Iffjpg32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Iffpcx32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Ifftif32.dll
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBRES.dll
C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\CEFPIX.DLL
C:\Program Files\Canon\ScanGear Toolbox FAU\Cfpapi.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\cfpJpeg.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Hiffl32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Iffjpg32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Iffpcx32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\Ifftif32.dll
C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBRESF.DLL
C:\Program Files\Canon\ScanGear Toolbox FAU\Uninst.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\formdll.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkeng.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkprops.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkres.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkx.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\vcomctl.dll
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicebar.dll
C:\Program Files\Common Files\X10\Common\x10lv.dll
C:\Program Files\Common Files\X10\Common\x10net.dll
C:\Program Files\Common Files\X10\Common\xsetup.dll
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVTWAIN.DLL
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\YUV2RGB.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\appframe.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\audvid.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\cdpath.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\controls.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\datacomp.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\dbinfo.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSMS32R.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\gio.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lfbmp10N.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFCMP10N.DLL
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx10N.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx7.dll
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFKODAK.DLL
C:\Program Files\UNWISE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\instmsiw.exe
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\setup.exe
C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Illustrator.exe
C:\Program Files\Adobe\Photoshop Elements\PhotoshopElements.exe
C:\Program Files\Ahead\CoverDesigner\CoverDes.exe
C:\Program Files\Ahead\ImageDrive\ImageDrive.exe
C:\Program Files\Ahead\Nero\nero.exe
C:\Program Files\Ahead\Nero\NeroCmd.exe
C:\Program Files\Ahead\Nero\NRESTORE.EXE
C:\Program Files\Ahead\Nero\Uninstall\UNNero.exe
C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
C:\Program Files\Ahead\Nero BackItUp\NBR.exe
C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe
C:\Program Files\Ahead\Nero MediaHome\NMSTranscoder.exe
C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnap.exe
C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnapViewer.exe
C:\Program Files\Ahead\Nero Recode\Recode.exe
C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe
C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Ahead\Nero Toolkit\CDSpeed.exe
C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
C:\Program Files\Ahead\Nero Toolkit\hwinfo.exe
C:\Program Files\Ahead\Nero Toolkit\InfoTool.exe
C:\Program Files\Ahead\Nero Wave Editor\DXEnum.exe
C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe
C:\Program Files\Ahead\NeroVision\NeroVision.exe
C:\Program Files\Ahead\WMPBurn\WMPBurn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Program Files\Alcohol Soft\Alcohol 120\AxCmd.exe
C:\Program Files\ArcSoft\Panorama Maker\pmk3.exe
C:\Program Files\ASUS\ASUS Digital VCR\ASUSDVCR.exe
C:\Program Files\ASUS\ASUS Digital VCR\Schedule.exe
C:\Program Files\ASUS\ASUS Digital VCR\TVSetup_Wizard.exe
C:\Program Files\ASUS\ASUS GameFace\devinstall.exe
C:\Program Files\ASUS\ASUS GameFace\devremove.exe
C:\Program Files\ASUS\ASUS GameFace\GameFace.exe
C:\Program Files\ASUS\SmartDoctor\2DTEST.EXE
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\ASUSTek\ASUSDVD XP\CLDMA.exe
C:\Program Files\ASUSTek\ASUSDVD XP\cltest.exe
C:\Program Files\ASUSTek\ASUSDVD XP\ddtester.exe
C:\Program Files\ASUSTek\ASUSDVD XP\PowerDVD.exe
C:\Program Files\audiograbber\audiograbber.exe
C:\Program Files\audiograbber\lame.exe
C:\Program Files\audiograbber\uninstall.exe
C:\Program Files\AvantGo Connect\malfile.exe
C:\Program Files\AvantGo Connect\AvantGo\agsubs.exe
C:\Program Files\Award\WinFlash\WinFlash.exe
C:\Program Files\Borland\Common Files\BDE\BDEADMIN.EXE
C:\Program Files\Broadcom\DrvInst\bdrvinst.exe
C:\Program Files\Caere\OmniPagePro90\caerereg.exe
C:\Program Files\Caere\OmniPagePro90\ITP32.EXE
C:\Program Files\Caere\OmniPagePro90\omnipage.exe
C:\Program Files\Caere\OmniPagePro90\OP9Deins.exe
C:\Program Files\Caere\OmniPagePro90\OPWARE16.EXE
C:\Program Files\Caere\OmniPagePro90\OPware32.exe
C:\Program Files\Caere\OmniPagePro90\Setbrows.exe
C:\Program Files\Caere\OmniPagePro90\uninstall.exe
C:\Program Files\Canon\ScanGear Toolbox CS\40comupd.exe
C:\Program Files\Canon\ScanGear Toolbox CS\chreg.exe
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBox.exe
C:\Program Files\Canon\ScanGear Toolbox CS\SGTBPBM.exe
C:\Program Files\Canon\ScanGear Toolbox FAU\40comupd.exe
C:\Program Files\Canon\ScanGear Toolbox FAU\CHREG.EXE
C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBoxf.exe
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkform.exe
C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicefrm.exe
C:\Program Files\Common Files\X10\Common\rundll32.exe
C:\Program Files\Common Files\X10\Common\x10.exe
C:\Program Files\Common Files\X10\Common\X10nets.exe
C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSAGENT.EXE
C:\Program Files\ASUSTek\ASUSDVD XP\clpciid.sys
C:\Program Files\Broadcom\DrvInst\b57w2k.sys
C:\Program Files\Broadcom\DrvInst\b57xp32.sys
C:\Program Files\Common Files\X10\Common\x10prod.sys
C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVISION.SYS
C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AA.Sys
C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AV.Sys
C:\Program Files\Common Files\X10\DriverInstall\Wireless Transceivers\X10uif.Sys
C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\bottom1.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\bottom2.tmp
C:\Program Files\ArcSoft\Panorama Maker\ui\pmviewer.tmp

Add/Remove Programs List:

a-squared Free 2.1
Adobe Photoshop CS2
Adobe Photoshop Elements
Adobe SVG Viewer 3.0
ASUS Digital VCR
ASUS Display Drivers
ASUS Display Drivers
avast! Antivirus
AVG Anti-Spyware 7.5
BetaPlayer
Canon ScanGear Toolbox CS 2.5
Canon ScanGear Toolbox FAU 2.5
Canon-SE TWAIN
Capture NX
Cariboost Free Edition v1
CCleaner (remove only)
cTide (remove only)
DirectUpdate
DivX 5.0.2 Pro Bundle
DivXG400
DVD Audio Extractor 4.2.0
eMule
FileZilla (remove only)
Microsoft Flight Simulator 2004 Un siŠcle d'aviation
Free - Kit de connexion
Fugawi 3.0.3 Update
GpsGate
GXTranscoder
HijackThis 1.99.1
hp print screen utility
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Img2Ozf Version 2
Label Maker Plus 2.1
ASUS SmartDoctor
MainConcept MainActor v5.2
ASUS GameFace
MapSource - Trip & Waypoint Manager v2
MainConcept DV Codec
Broadcom Gigabit Integrated Controller
PPC 2003 - MSN (R) Messenger Update
IrfanView (remove only)
K!TV
Kaspersky On-line Scanner
Kaspersky Online Scanner
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
KC Softwares VideoInspector
Macromedia Shockwave Player
Magic Function
MapSource
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Monitor Calibration Wizard 1.0
Monkey's Audio
MouseRemote (TM)
Mozilla Firefox (2.0.0.1)
Microsoft Compression Client Pack 1.0 for Windows XP
Nero 6 Ultra Edition
NeroVision Express 3
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
Nvu 1.0
OmniPage Pro 9.0
Orb
OziExplorer 3.95
PDAwin TV remote controller
PhotoFiltre
PICVideo Codecs
Pinnacle MPEG Realtime Codec
QuickPar 0.9
QuickTime
Rippack v3 beta 16.1
Adobe Flash Player 9 ActiveX
Skype with Doro225
Skype 2.5
Spybot - Search & Destroy 1.4
Windows Genuine Advantage Validation Tool
Lecteur Windows Mediaÿ11
Windows XP Service Pack 2
WinFlash
WinRAR Archiveur
WinZip
Microsoft User-Mode Driver Framework Feature Pack 1.0
X10 Hardware(TM)
PDFCreator
Microsoft Office 2000 CD-ROMÿ2
Windows Movie Maker 2 Winter Fun Pack
ASUS SmartDoctor
HP Software Update
AutoUpdate
Microsoft AutoRoute
ArcSoft Panorama Maker 3.0
Grand Atlas Routier et Touristique de France
Memory-Map Navigator
MovieShaker 3.1 pour MICROMV
MainConcept MainActor v5.2
NikonCapture
Adobe Photoshop CS2
Macromedia Flash 8
Logitech SetPoint
J2SE Runtime Environment 5.0 Update 9
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
Macromedia Extension Manager
Google Earth
Microsoft SQL Server 2005 Mobile Edition Device SDK
Visionneuse Journal Windows Microsoft
IGN Rando
Kasuei Hitchhiker
Windows Movie Maker 2.0
SAGEM F@st 800-908
Theme Generator V2
XPC 802.11b+g Wireless Kit
MapSource
ASUS GameFace
Microsoft .NET Compact Framework 2.0 SP1
Adobe Illustrator 10 Evaluation
Neodivx
ASUSDVD XP
HP Photosmart Essential
Symantec Network Driver Update
Microsoft .NET Framework 2.0
Java 2 Runtime Environment, SE v1.4.2_04
Adobe Stock Photos 1.0
Microsoft .NET Compact Framework 1.0 SP3
DivX
Caere Scan Manager 5.1
MediaPortal
Macromedia Flash Player 8
Namo WebUtilities
Macromedia Flash 8 Video Encoder
Adobe Common File Installer
Adobe Help Center 2.0
Logitech Desktop Messenger
Microsoft Office XP Professional avec FrontPage
Macromedia Flash Player 8 Plugin
ACDSee 9 Gestionnaire de photos
Logitech IM Video Companion
Microsoft .NET Framework 1.1 French Language Pack
MapSource - Trip & Waypoint Manager v2
MainConcept DV Codec
Nikon View 6
Adobe Reader 7.0.8 - Fran‡ais
NVIDIA WDM Drivers
Microsoft ActiveSync 4.0
Adobe Bridge 1.0
BlueSoleil
Broadcom Gigabit Integrated Controller
Microsoft .NET Framework 1.1
Adobe Lightroom
GpsViewer
PPC 2003 - MSN (R) Messenger Update
Nikon Message Center
MapSource - European Roads and Recreation v4.00
h5400_h5500 WLAN Driver 133_Fra
Micrografx Designer 9.0
Alcohol 120%
COSMOPOLITAN Virtual Lookÿ3
la version d'‚valuation de Namo WebEdiotor 6
USB Mass Storage Reader
Windows Live Messenger
Realtek AC'97 Audio
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP

Finished

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"="anvshell.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"LiveNote"="livenote.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe"
"LVCOMS"="C:\\Program Files\\Fichiers communs\\Logitech\\QCDriver2\\LVCOMS.EXE"
"Versato"="C:\\PROGRA~1\\MAGICF~1\\MulMouse.exe"
"SoundMan"="SOUNDMAN.EXE"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"DUControl"="C:\\PROGRA~1\\DIRECT~1\\DUControl.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\
00,00,00
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
"syswin"="C:\\WINDOWS\\system32\\v6.exe"
"hrsoenf.dll"="C:\\WINDOWS\\system32\\rundll32.exe \"C:\\Documents and Settings\\philippe gaches\\Local Settings\\Application Data\\hrsoenf.dll\",wonzzg"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"2chkdsk"="rundll32.exe \"C:\\WINDOWS\\system32\\ltfyqvvp.dll\",setvm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

Logfile of HijackThis v1.99.1
Scan saved at 12:02:49, on 08/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Merci encore pour votre aide.
A+
philippe

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:18:33 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\ututv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\vtutu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:28:54 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

Performing Repairs to the registry.
Done!

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 8 mars 2007 à 15:42

Bonjour

Encore du ménage à faire.

[*]Double-clique VundoFix.exe afin de le lancer.
[***]Ne clique pas sur "Scan for Vundo"
[*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
[*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\sokubdi.dll

[*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll

[*]Copie/colle le chemin du fichier suivant dans la troisième case (en bas):

C:\WINDOWS\system32\ltfyqvvp.dll

[*]Clique sur le bouton "Add File(s)"
[*]Clique sur le bouton "Close Window".
[*]Clique à nouveau sur "Remove Vundo"
[*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
[*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
[*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

[*]Démarre ton PC à nouveau.

[*]Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 8 mars 2007 à 21:00

Bonjour
J'y vais patron....Merci encore, voici les résultats.

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:18:33 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\ihhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\jkhhi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\ututv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\vtutu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.3.15

Checking Java version...

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 11:28:54 08/03/2007

Listing files found while scanning....

C:\WINDOWS\system32\yaywvvw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ltfyqvvp.dll
C:\WINDOWS\system32\ltfyqvvp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sokubdi.dll
C:\WINDOWS\system32\sokubdi.dll Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 21:07:46, on 08/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

A+
Philippe

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 8 mars 2007 à 23:15

Re

$$ Télécharge la dernière version de Killbox -> http://www.downloads.subratam.org/KillBox.zip
Place le programme dans le répertoire qui te plaît.

$$ redémarre l'ordinateur en mode sans échec

$$ Relance un scan HijackThis</gras> et coche les lignes ci-dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O20 - Winlogon Notify: winits32 - winits32.dll (file missing)

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

$$ Lance Pocket Killbox
--- choisis l'option Delete on Reboot
--- copie la liste ci-dessous, des fichiers à supprimer (Ctrl-C) et File / Paste from Clipboard

C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll
C:\WINDOWS\system32\ltfyqvvp.dll

* les boutons "Single File" et "All Files" deviennent actifs mais "Single File" est activé par défaut.
Il faut alors impérativement activer (cliquer sur) "All Files", impérativement, sinon seul le premier de la liste sera supprimé.
--- vérifie que tous les fichiers sont enregistrés, par la liste déroulante "Full Path of File to Delete"
--- coche "Unregister .dll Before Deleting".
--- clique sur la croix blanche sur fond rouge (Delete File) :

- "File will be Removed on Reboot, Do you want to reboot now?", réponds OUI si tu es prêt à procéder

Si Pocket KillBox ne fait pas redémarrer le PC, redémarre le toi même.

Poste un nouveau Hjackthis.

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 9 mars 2007 à 07:30

Bonjour
voici le dernier log Hijack (enfin j'espère !). En tout cas j'ai retrouvé des temps de boot satisfaisants !
MERCI,
A+
Philippe
Logfile of HijackThis v1.99.1
Scan saved at 07:25:47, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 9 mars 2007 à 18:26

Bonjour

Hijackthis est propre.

Fais une analyse antivirus en ligne sur Kaspersky
http://webscanner.kaspersky.fr/
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 10 mars 2007 à 07:29

Bonjour,
voici le rapport kaspersky demandé. Pour l'instant je n'ai pas demandé le nettoyage. Il me semble qu'un certain nombre de détections est lié aux objets que j'ai retiré en suivant tes indications qui restent dans le PC dans des répertoires de sauvegarde générés par l'utilitaire ? Ensuite de quelle nature sont ces fichiers verrouillés ?
Merci pour l'analyse
A+
Philippe

Statistiques de l'analyse
Total d'objets analysés 136656
Nombre de virus trouvés 7
Nombre d'objets infectés 13 / 0
Nombre d'objets suspects 2
Durée de l'analyse 03:01:45

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/actalert.exe Suspect : Password-protected-EXE ignoré

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip ZIP: suspect - 1 ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\$_hpcst$.hpc L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\call256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\callmember256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chat512.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg512.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\contactgroup256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\index2.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\message1024.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\message256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\profile4096.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user1024.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user16384.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\user4096.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Application Data\Skype\forcepas\voicemail256.dbb L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst/Dossiers d'archivage/Éléments supprimés/10 Oct 2005 14:33 from eBay Inc:[Norton AntiSpam] EBAY INC: SPEC.rtf Infecté : Trojan-Spy.HTML.Bayfraud.hn ignoré

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst Mail MS Mail: infecté - 1 ignoré

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\MSHist012007030920070310\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Temp\WCESLog.log L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe Infecté : Trojan.Win32.Agent.qt ignoré

C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe Infecté : Trojan-Downloader.Win32.Agent.bfx ignoré

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe Infecté : Trojan.Win32.Agent.qt ignoré

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar RAR: infecté - 2 ignoré

C:\Documents and Settings\pg\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\pg\NTUSER.DAT.LOG L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\D0000000.FCS L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\inuse.txt L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\L0000004.FCS L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\main.log L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.idx L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.dat L'objet est verrouillé ignoré

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.idx L'objet est verrouillé ignoré

C:\SDFix\backups\backups.zip/backups/rpcc.dll Infecté : Trojan-Proxy.Win32.Dlena.cb ignoré

C:\SDFix\backups\backups.zip ZIP: infecté - 1 ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256647.dll Infecté : Trojan.Win32.Agent.qt ignoré

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256674.exe Infecté : Trojan-Proxy.Win32.Horst.gen ignoré

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256772.dll Infecté : Trojan.Win32.BHO.g ignoré

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256807.dll Infecté : Trojan-Proxy.Win32.Dlena.cb ignoré

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\change.log L'objet est verrouillé ignoré

C:\VundoFix Backups\sffcbodx.dll.bad Infecté : Trojan.Win32.BHO.g ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\Perflib_Perfdata_15c.dat L'objet est verrouillé ignoré

C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 10 mars 2007 à 21:52

Bonjour

1 Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

2 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

3 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Documents and Settings\pg\Mes documents\emule\TT
C:\Documents and Settings\pg\Mes documents\emule\TT.rar
C:\Documents and Settings\pg\Mes documents\emule\TT1.rar
C:\SDFix
C:\VundoFix Backups

4 Lance le nettoyage avec CCleaner

5 Redémarre normalement

6 Clique sur Démarrer
Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Décocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

As tu encore des dysfonctionnements ?

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 11 mars 2007 à 07:59

Bonjour,
j'ai effectué les dernières manip ce matin. Mais déjà hier, j'ai constaté un fonctionnement normal du PC avec des temps de boot honorables. La bête est convalescente....à surveiller n'est ce pas !

J'ai l'impression que tout va bien maintenant. Si tel est, aussi, ton sentiment, je ferai un résumé de la solution....Il sera un peu long !

MERCI ENCORE

Cordialement
Philippe

Ajouter un commentaire

Réponse

Chercheurbis 261Messages postés 13 août 2005Date d'inscription 11 mars 2007 à 22:14

Bonjour

Supprime DiagHelp, Vundofix, SDFix, BFU et Killbox.

La bête est convalecente, c'est surtout à toi de faire attention maintenant

C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe Infecté : Trojan-Downloader.Win32.Agent.bfx ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 

C:\Documents and Settings\pg\Mes documents\emule\TT1.rar RAR: infecté - 2 ignoré

Ajouter un commentaire

Réponse

forcepas 10Messages postés 14 novembre 2006Date d'inscription 14 mars 2007 à 14:28

Bonjour,
Tout d'abord un grand merci à Chercheurbis qui m'a complétement pris en charge pendant le nettoyage de mon PC.
En ce qui concerne la recette à appliquer, elle peut se résumer en l'achat d'un antivirus digne de ce nom. Avast n'a pas suffi à me couvrir pendant cette attaque.
En dehors de cela, chaque cas est particulier, mais il faut avoir le reflexe de venir avec un rapport hijackthis avant de poster ici.
Ensuite les choses sont plus faciles pour les experts du forum.
Il faut suivre leurs conseils à la lettre pour ne pas interférer avec leurs actions.
Cordialement
Philippe

Ajouter un commentaire

Répondre au sujet

Posez votre question

Dossier à la une

Passage au tout numérique : quel coût pour les particuliers ?

Passage au tout numérique : quel coût pour les particuliers ?

Combien cela coûte-t-il au total ? Quelles aides apportent l'état et les acteurs du marché pour alléger cette charge non choisie ? Tous les détails sur Commentçamarche.net.

Infection virus, log fournis [Résolu]

Infection virus, log fournis »

Passage au tout numérique : quel coût pour les particuliers ?