Ordi assez lent analyse scan hijackthis

Bonjour,

tu es bien infecté.

Fixe les lignes:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E2E32BF3-D539-423B-8F8B-85538397870C} - C:\Program Files\MSN Gaming Zone\mefotyjyd.dll (file missing)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKCU\..\Run: [DriveLog] C:\DOCUME~1\ENCASD~1\APPLIC~1\BIASVC~1\Long Play.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\mvr4l99q1.dll (file missing)
O20 - Winlogon Notify: winhoo32 - C:\WINDOWS\SYSTEM32\winhoo32.dll
O20 - Winlogon Notify: wvuvsqq - C:\WINDOWS\SYSTEM32\wvuvsqq.dll

Fais un scan en ligne BitDefender à partir d'IE: http://www.bitdefender.com/scan8/

Je me renseigne sur les démarches à suivre.

je te donne ce que le scann a donnée?

dans 22min

zut merde@
Un des probleme de l'ordi es survenue sa a fermer les page internet explorer et maintenant faut attendre encore pour un moment
J'ai le temps de faire une game de hockey

sa donne sa
Statistics

Time
01:08:20

Files
234154

Folders
6681

Boot Sectors
2

Archives
9601

Packed Files
12410




Results

Identified Viruses
36

Infected Files
89

Suspect Files
9

Warnings
0

Disinfected
0

Deleted Files
101




Engines Info

Virus Definitions
884600

Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins
14

Archive plugins
38

Unpack plugins
7

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\WTUninstaller.exe
Infected with: Trojan.Downloader.Agent.BUO

C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\WTUninstaller.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\WTUninstaller.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Suspected of: Spyware.Ardamax.27

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Infected with: Trojan.Dropper.Agent.BCW

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\Ardamax2.7_www.downlivre.blogspot.com.zip=>install_Ardamax Keylogger 2.7.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\Keygen.zip=>Keygen.exe
Infected with: Backdoor.Ciadoor.OC

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\Keygen.zip=>Keygen.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\Keygen.zip=>Keygen.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\Keygen.zip
Updated

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Infected with: Generic.Ardamax.E9808223

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Infected with: Trojan.Rootkit.Hide.B

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Infected with: Trojan.Spy.Agent.OL

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Infected with: Trojan.Spy.Ardamax.B

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe=>(Sfx File)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Ardamax_with_Crack.rar=>Ardamax with Crack\setup_akl.exe
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpk.exe
Infected with: Generic.Keylogger.392D2A35

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpk.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpk.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkun.exe
Infected with: Generic.Perfloger.769934F5

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkun.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkun.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkvw.exe
Infected with: Generic.Perfloger.4DA74D2B

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkvw.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkvw.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>Setup.exe
Infected with: Generic.Perfloger.098C2A32

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>Setup.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>Setup.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkhk.dll
Infected with: Generic.Perfloger.F820D235

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkhk.dll
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkhk.dll
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpki.dll
Infected with: Trojan.Peflog.30

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpki.dll
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpki.dll
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkwb.dll
Infected with: Generic.Perfloger.95DBD4B7

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkwb.dll
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkwb.dll
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkr.exe
Infected with: Trojan.Spy.Perfloger.AB

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkr.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>bpkr.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>inst.bin
Infected with: Trojan.Perflog.Mod.RAR

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>inst.bin
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)=>inst.bin
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\i_bpk2007.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0005
Infected with: Trojan.Keylog.Ardamax.NAH

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0005
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0006
Infected with: Trojan.Keylog.Ardamax.NAH

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0006
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0006
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0007
Infected with: Trojan.Keylog.Ardamax.NAH

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0007
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0007
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0008
Infected with: Trojan.Keylog.Ardamax.NAJ

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0008
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0008
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0009
Infected with: Trojan.Keylog.Ardamax.NAI

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0009
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0009
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0010
Infected with: Trojan.Keylog.Ardamax.NAH

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0010
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)=>lzma_solid_nsis0010
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\setup_akl.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Infected with: Trojan.Mezzia.CY

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Infected with: Trojan.Downloader.LoadAdv.XXA

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_doctor_V3_3.0_serial_number.txt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Infected with: Trojan.Mezzia.CY

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>patch.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Infected with: Trojan.Downloader.LoadAdv.XXA

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)=>crack.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\leroi\Spyware_Doctor_v3_serial_number.txt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Infected with: Generic.Perfloger.F820D235

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Infected with: Generic.Perfloger.95DBD4B7

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Infected with: Generic.Keylogger.392D2A35

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Infected with: Trojan.Spy.Perfloger.AB

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\mes photos pour le gloire.Zip=>inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Suspected of: Spyware.Ardamax.27

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0005
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Infected with: Trojan.Dropper.Agent.BCW

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)=>lzma_solid_nsis0009
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\Ardamax2.7_www.downlivre.blogspot.com\install_Ardamax Keylogger 2.7.exe=>(NSIS o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Infected with: Generic.Perfloger.F820D235

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolhk.dll=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Infected with: Generic.Perfloger.95DBD4B7

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lolwb.dll=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Infected with: Generic.Keylogger.392D2A35

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>lol.exe=>(Quarantine-PE)
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)
Update failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Infected with: Trojan.Spy.Perfloger.AB

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Disinfection failed

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)=>rinst.exe
Deleted

C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\mes photos pour le gloire\inst_svt.exe=>(RAR Sfx o)
Update failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178775.exe
Infected with: Trojan.Keylog.Ardamax.NAF

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178775.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178775.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178784.exe
Suspected of: BehavesLike:Win32.Malware

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178784.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178784.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178785.exe
Infected with: Trojan.Vundo.DSF

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178785.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP544\A0178785.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179790.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179790.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179790.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179801.dll
Infected with: Trojan.Vundo.DSF

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179801.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0179801.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0180832.exe
Infected with: Trojan.Downloader.Agent.YWO

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0180832.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181813.exe
Suspected of: BehavesLike:Win32.Malware

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181813.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181813.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181815.exe
Suspected of: BehavesLike:Win32.Malware

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181815.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181815.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181816.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181816.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0181816.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0183808.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0183808.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP545\A0183808.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP547\A0184837.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP547\A0184837.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP547\A0184837.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185847.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185847.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185847.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185860.exe
Infected with: Trojan.Agent.AFSZ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185860.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185860.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185862.exe
Infected with: Trojan.Keylog.Ardamax.NAH

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185862.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP548\A0185862.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0186837.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0186837.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0186837.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0189837.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0189837.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP549\A0189837.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190327.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190327.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190327.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190367.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190367.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190367.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190373.dll
Infected with: MemScan:Trojan.Mezzia.XC

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP553\A0190373.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190390.exe
Suspected of: BehavesLike:Win32.Malware

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190390.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190390.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190395.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190395.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190395.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190403.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190403.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190403.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190411.exe
Infected with: Trojan.Agent.AFSZ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190411.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190411.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190413.exe
Infected with: Trojan.Keylog.Ardamax.NAH

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190413.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190413.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190427.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190427.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP554\A0190427.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190929.exe
Infected with: Trojan.Generic.73311

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190929.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190929.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190936.exe
Infected with: Trojan.Downloader.Purityscan.EN

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190936.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP555\A0190936.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191327.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191327.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191327.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191429.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191429.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191429.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191430.dll
Infected with: Trojan.Vundo.DRQ

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191430.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191430.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191439.exe
Infected with: Trojan.Downloader.Agent.BUO

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191439.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191439.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191441.exe
Infected with: Generic.Keylogger.392D2A35

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191441.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191441.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191442.dll
Infected with: Generic.Perfloger.F820D235

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191442.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191442.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191443.dll
Infected with: Trojan.Peflog.30

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191443.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191443.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191444.exe
Infected with: Generic.Perfloger.769934F5

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191444.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191444.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191445.exe
Infected with: Generic.Perfloger.4DA74D2B

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191445.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191445.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191446.dll
Infected with: Generic.Perfloger.95DBD4B7

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191446.dll
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191446.dll
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191447.config
Suspected of: Trojan.Downloader.MSIL.B

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191447.config
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191447.config
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191448.exe
Infected with: Trojan.Keylog.Ardamax.NAH

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191448.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191448.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191449.exe
Infected with: Trojan.Generic.78149

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191449.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191449.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191450.exe
Suspected of: BehavesLike:Win32.Malware

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191450.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191450.exe
Deleted

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191451.exe
Detected with: Application.PWCrack.Brutus.A

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191451.exe
Disinfection failed

C:\System Volume Information\_restore{A6AB8BA9-9C3E-426A-BD2C-2365A869643C}\RP557\A0191451.exe
Deleted

C:\WINDOWS\28463\VWLP.006
Infected with: Trojan.Keylog.Ardamax.NAF

C:\WINDOWS\28463\VWLP.006
Disinfection failed

C:\WINDOWS\28463\VWLP.006
Deleted

C:\WINDOWS\b138.exe
Infected with: Trojan.Downloader.Agent.BHU

C:\WINDOWS\b138.exe
Disinfection failed

C:\WINDOWS\b138.exe
Deleted

C:\WINDOWS\csrss.exe
Infected with: Trojan.Agent.AGAP

C:\WINDOWS\csrss.exe
Disinfection failed

C:\WINDOWS\csrss.exe
Deleted

C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip=>Crack.exe
Infected with: Trojan.Agent.AFSZ

C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip=>Crack.exe
Disinfection failed

C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip=>Crack.exe
Deleted

C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip
Updated

C:\WINDOWS\Fonts\a.zip=>Crack.exe
Infected with: Trojan.Agent.AFSZ

C:\WINDOWS\Fonts\a.zip=>Crack.exe
Disinfection failed

C:\WINDOWS\Fonts\a.zip=>Crack.exe
Deleted

C:\WINDOWS\Fonts\a.zip
Updated

C:\WINDOWS\Fonts\Crack.exe
Infected with: Trojan.Agent.AFSZ

C:\WINDOWS\Fonts\Crack.exe
Disinfection failed

C:\WINDOWS\Fonts\Crack.exe
Deleted

C:\WINDOWS\Fonts\svchost.exe~
Infected with: Trojan.Agent.AFSZ

C:\WINDOWS\Fonts\svchost.exe~
Disinfection failed

C:\WINDOWS\Fonts\svchost.exe~
Deleted

C:\WINDOWS\mrofinu1188.exe
Infected with: Trojan.Downloader.Agent.YXR

C:\WINDOWS\mrofinu1188.exe
Disinfection failed

C:\WINDOWS\mrofinu1188.exe
Deleted

C:\WINDOWS\mrofinu1188.exe.tmp
Infected with: Trojan.Downloader.Agent.YXR

C:\WINDOWS\mrofinu1188.exe.tmp
Disinfection failed

C:\WINDOWS\mrofinu1188.exe.tmp
Deleted

C:\WINDOWS\system32\byxvsqr.dll
Infected with: Trojan.Vundo.DSF

C:\WINDOWS\system32\byxvsqr.dll
Disinfection failed

C:\WINDOWS\system32\byxvsqr.dll
Deleted

C:\WINDOWS\system32\fyjobgjp.dll
Infected with: Trojan.Vundo.DRQ

C:\WINDOWS\system32\fyjobgjp.dll
Disinfection failed

C:\WINDOWS\system32\fyjobgjp.dll
Delete failed

C:\WINDOWS\system32\iiffdcb.dll
Infected with: Trojan.Vundo.DSF

C:\WINDOWS\system32\iiffdcb.dll
Disinfection failed

C:\WINDOWS\system32\iiffdcb.dll
Deleted

C:\WINDOWS\system32\pmnllki.dll
Infected with: Trojan.Vundo.DSF

C:\WINDOWS\system32\pmnllki.dll
Disinfection failed

C:\WINDOWS\system32\pmnllki.dll
Deleted

C:\WINDOWS\system32\setup.exe.tmp
Infected with: Trojan.Downloader.Vb.ABH

C:\WINDOWS\system32\setup.exe.tmp
Disinfection failed

C:\WINDOWS\system32\setup.exe.tmp
Deleted

C:\WINDOWS\system32\Sys32\YTBS.exe
Suspected of: Spyware.Ardamax.27

C:\WINDOWS\system32\Sys32\YTBS.exe
Disinfection failed

C:\WINDOWS\system32\Sys32\YTBS.exe
Deleted

C:\WINDOWS\system32\thhdcucs.dll
Infected with: Trojan.Vundo.DRQ

C:\WINDOWS\system32\thhdcucs.dll
Disinfection failed

C:\WINDOWS\system32\thhdcucs.dll
Deleted

C:\WINDOWS\system32\winhoo32.dll
Infected with: MemScan:Trojan.Mezzia.XC

C:\WINDOWS\system32\winhoo32.dll
Disinfection failed

C:\WINDOWS\system32\winhoo32.dll
Delete failed

C:\WINDOWS\system32\wvuvsqq.dll
Infected with: Trojan.Vundo.DSF

C:\WINDOWS\system32\wvuvsqq.dll
Disinfection failed

C:\WINDOWS\system32\wvuvsqq.dll
Delete failed

C:\WINDOWS\uninstall_nmon.vbs
Infected with: Trojan.Small.WY

C:\WINDOWS\uninstall_nmon.vbs
Disinfection failed

C:\WINDOWS\uninstall_nmon.vbs
Deleted

Bonjour Cyril

BitDefender on line a fait du ménage, mais je ne pense pas qu'il suffira pour détruire Vundo / Coonhook qui sont sur ton PC :

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procédure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou te redémarreras en mode sans échec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) Télécharge

* Combofix.exe de sUBs sur ton Bureau

--> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

N'y touche pas pour le moment.

* VundoFix.exe par Atribune --> http://www.atribune.org/content/view/24/2/ sur ton Bureau.

2) VundoFix.exe par Atribune

* Double-clique sur VundoFix.exe afin de le lancer
* Clique sur le bouton Scan for Vundo
* Lorsque le scan est terminé, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique sur OK

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

3) Combofix.exe de sUBs

Déconnecte toi du net et désactive ton antivirus pour que Combofix puisse s'exécuter normalement

Double clique sur Combofix.exe
Mets le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan
Lorsque le scan sera terminé, un rapport apparaîtra.

4) Rapports :

Poste en réponse :

* Le rapport VundoFix situé dans C:\vundofix.txt
* Le rapport de ComboFix qui se se trouve là : C:\Combofix.txt+
* Un nouveau rapport HijackThis.

@ suivre

ouais arreter de vous battre mais j'utilisent la methode a qui?

bonsoir c'est regle ! lol suis post 7 mes amities

ma tenter celui du sioux
DSL on a pa le memefuseau horair moi chui du quebec je supose que vous etes de france

oui , tout a fait !

quand c'est finit mon net fonctionnera?

bon je fait l truck a sioux a toute

1Raport vundovix
VundoFix V6.7.7

Checking Java version...

Scan started at 13:05:22 29/12/2007

Listing files found while scanning....

C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dkqvwdxq.dll
C:\WINDOWS\system32\fccndhun.dll
C:\WINDOWS\system32\fyjobgjp.dll
C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\kfxqfbsq.dll
C:\WINDOWS\system32\mljhgdd.dll
C:\WINDOWS\system32\nuhdnccf.ini
C:\WINDOWS\system32\pjgbojyf.ini
C:\WINDOWS\system32\qxdwvqkd.ini
C:\WINDOWS\system32\ssqonkh.dll
C:\WINDOWS\system32\winhoo32.dll
C:\WINDOWS\system32\wvuvsqq.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dfhkj.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dkqvwdxq.dll
C:\WINDOWS\system32\dkqvwdxq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\fccndhun.dll
C:\WINDOWS\system32\fccndhun.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\fyjobgjp.dll
C:\WINDOWS\system32\fyjobgjp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\jkhfd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kfxqfbsq.dll
C:\WINDOWS\system32\kfxqfbsq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\mljhgdd.dll
C:\WINDOWS\system32\mljhgdd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nuhdnccf.ini
C:\WINDOWS\system32\nuhdnccf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pjgbojyf.ini
C:\WINDOWS\system32\pjgbojyf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\qxdwvqkd.ini
C:\WINDOWS\system32\qxdwvqkd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqonkh.dll
C:\WINDOWS\system32\ssqonkh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\winhoo32.dll
C:\WINDOWS\system32\winhoo32.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvuvsqq.dll
C:\WINDOWS\system32\wvuvsqq.dll Could not be deleted.

Performing Repairs to the registry.
Done!




2raport combo
ComboFix 07-12-21.4 - en cas de probelme 2007-12-29 15:19:50.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.70 [GMT -5:00]Running from: C:\Documents and Settings\en cas de probelme\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\en cas de probelme\Application Data\macromedia\Flash Player\#SharedObjects\PUC6RM77\www.broadcaster.com
C:\Documents and Settings\en cas de probelme\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\en cas de probelme\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\en cas de probelme\Application Data\WinTouch\WTUninstaller.exe
C:\Documents and Settings\en cas de probelme\Mes documents\ECURIT~1
C:\Documents and Settings\en cas de probelme\ravmonlog
C:\Documents and Settings\Invité\ravmonlog
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Program Files\dns
C:\Program Files\dns\affid.dat
C:\Program Files\dns\uid.dat
C:\Program Files\dns\urls.dat
C:\Program Files\dns\version.txt
C:\Program Files\dns\x.bmp
C:\Program Files\Fichiers communs\inetget
C:\Program Files\Fichiers communs\microsoft shared\web folders\ibm00001.dll
C:\Program Files\Fichiers communs\microsoft shared\web folders\ibm00002.dll
C:\Program Files\Helper
C:\Program Files\Helper\superfinderusa.dll
C:\Program Files\inetget2
C:\Program Files\Online Services\mewofyl24418.dll
C:\Program Files\outlook
C:\Program Files\snowball wars
C:\Program Files\snowball wars\License.txt
C:\Program Files\tclock\tclock_install.exe
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\WINDOWS\b.exe
C:\WINDOWS\b111.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b149.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\Fonts\a.zip
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\keyboard191.dat
C:\WINDOWS\keyboard201.dat
C:\WINDOWS\keyboard211.dat
C:\WINDOWS\keyboard221.dat
C:\WINDOWS\keyboard231.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\dyelrxd.dat
C:\WINDOWS\system32\dyelrxd_nav.dat
C:\WINDOWS\system32\dyelrxd_navps.dat
C:\WINDOWS\system32\fccndhun.dll
C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\nshB3.dll
C:\WINDOWS\system32\nuhdnccf.ini
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\stera.job
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com
C:\WINDOWS\system32\wnsinticom32.exe
C:\WINDOWS\system32\wvuvsqq.dll
C:\WINDOWS\system32\xpdx.sys
C:\winlogon.exe
C:\x.dat
C:\z.dat
C:\WINDOWS\Fonts\'

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_FOPN
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_NTMLSVC
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\cmdService
-------\NtmlSvc


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-28 to 2007-12-29 ))))))))))))))))))))))))))))))))))))
.

2007-12-29 13:27 . 2007-12-29 12:39 994,842 ---hs---- C:\WINDOWS\system32\qsbfqxfk.ini
2007-12-29 13:05 . 2007-12-29 15:09 <REP> d-------- C:\VundoFix Backups
2007-12-28 21:07 . 2007-12-28 21:07 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-28 21:01 . 2007-12-28 21:01 474 --a------ C:\1.wmv.3GP
2007-12-28 20:48 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-12-28 20:48 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
2007-12-28 20:48 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-12-28 20:48 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2007-12-28 20:48 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-12-28 20:48 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-12-28 20:48 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-12-28 20:48 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-12-28 20:47 . 2007-12-28 20:47 <REP> d-------- C:\Program Files\eRightSoft
2007-12-28 16:41 . 2007-12-28 16:41 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-12-28 10:50 . 2007-12-28 13:04 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-27 21:02 . 2007-12-27 21:02 994,482 ---hs---- C:\WINDOWS\system32\kioqvlda.ini
2007-12-27 18:28 . 2007-12-27 18:28 272 --a------ C:\WINDOWS\_delis32.ini
2007-12-26 21:01 . 2007-12-27 21:01 1,003,587 ---hs---- C:\WINDOWS\system32\jawkighq.ini
2007-12-25 21:00 . 2007-12-26 20:25 1,001,376 ---hs---- C:\WINDOWS\system32\vdoeqjxm.ini
2007-12-24 21:09 . 2007-12-24 21:29 316 --a------ C:\Clara Morgane Videosexe-Fr - Amateurs - Amatrice Francaise Avec Son Copain, Casting Pour Film Xxx - Porno Sexe Bite Vagin Fellation Pipe Sperme Anus Sodomie.amv
2007-12-24 21:07 . 2007-12-24 21:31 28,591,698 --a------ C:\Clara morgane et laure sinclair - 07 - Sex orgy bukkake snowball snuff a2m hardcore like max buttman r.amv
2007-12-24 20:05 . 2007-12-26 19:41 <REP> d-------- C:\Documents and Settings\en cas de probelme\.limewire
2007-12-24 13:18 . 2007-12-24 13:18 57,856 --a------ C:\fjrnkqwn.exe
2007-12-24 13:18 . 2007-12-24 13:18 2 --a------ C:\1754948180
2007-12-24 10:57 . 2007-12-25 20:58 1,020,291 ---hs---- C:\WINDOWS\system32\jbmdhrbw.ini
2007-12-23 12:58 . 2007-12-29 15:26 <REP> d-------- C:\Program Files\Spyware Doctor
2007-12-23 12:58 . 2007-12-23 12:58 <REP> d-------- C:\Documents and Settings\en cas de probelme\Application Data\PC Tools
2007-12-23 12:58 . 2007-12-23 13:03 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-12-23 12:58 . 2007-12-23 13:03 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-12-23 12:58 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-12-23 12:58 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-12-23 12:57 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-12-22 17:29 . 2007-12-24 10:55 990,995 ---hs---- C:\WINDOWS\system32\ufewktik.ini
2007-12-22 09:58 . 2007-12-26 20:18 <REP> d-------- C:\Program Files\Router
2007-12-22 08:14 . 2007-12-29 13:09 <REP> d-------- C:\Program Files\IntelligentAdvisor
2007-12-21 17:31 . 2007-12-22 13:47 991,725 ---hs---- C:\WINDOWS\system32\ocgywdka.ini
2007-12-21 16:08 . 2001-07-13 13:56 14,976 --a------ C:\WINDOWS\system32\drivers\SBKUPNT.SYS
2007-12-21 16:08 . 1997-02-08 17:11 13,312 --a------ C:\WINDOWS\system32\DEVLOAD.EXE
2007-12-21 16:07 . 2005-11-26 19:45 2,799 --a------ C:\WINDOWS\SKLANG.INI
2007-12-21 15:24 . 2007-12-21 15:24 77 --a------ C:\Documents and Settings\en cas de probelme\8800.bat
2007-12-20 18:53 . 2007-12-28 11:38 <REP> d-------- C:\Program Files\HTV
2007-12-20 17:28 . 2007-12-21 16:32 987,703 ---hs---- C:\WINDOWS\system32\scucdhht.ini
2007-12-19 19:15 . 2007-12-19 19:15 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-12-19 19:12 . 2007-12-19 19:12 134 --a------ C:\n.bat
2007-12-19 19:10 . 2007-12-29 15:48 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-19 19:08 . 2007-12-19 19:08 0 --a------ C:\WINDOWS\system32\taskkill.exe
2007-12-19 18:55 . 2007-12-28 11:35 <REP> d-------- C:\Program Files\BPK
2007-12-14 11:27 . 2007-12-14 11:27 309,760 --a------ C:\WINDOWS\system32\dyelrxd.exe~
2007-12-05 05:48 . 2007-12-09 09:21 <REP> d-------- C:\Program Files\WWTelcoPhone
2007-12-04 20:29 . 2007-12-05 05:38 <REP> d-------- C:\Documents and Settings\en cas de probelme\Application Data\TelTel
2007-12-04 20:29 . 2007-12-04 20:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TelTel
2007-12-04 19:33 . 2003-05-14 21:07 389,120 --a------ C:\WINDOWS\system32\actskn43.ocx
2007-12-04 19:33 . 2007-12-04 19:33 13,824 --a------ C:\WINDOWS\system32\drivers\splitcam.sys
2007-12-04 19:30 . 2007-12-04 19:33 <REP> d-------- C:\Program Files\SplitCam

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2005-07-29 22:24 472 --sha-w C:\WINDOWS\Vm90cmUgbm9tIGQndXRpbGlzYXRldXI\pA6XwAo0vA6QK3kBxrlDv35Wsrl5xrK.vbs
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
2007-12-11 16:27 1019904 --a------ C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD75C2BF-18AA-4DDB-9997-BDED5F7E9FE4}]
C:\WINDOWS\system32\jkhfd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E2E32BF3-D539-423B-8F8B-85538397870C}]
C:\Program Files\MSN Gaming Zone\mefotyjyd.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2006-01-29 09:22]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2006-10-04 14:34]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
"DriveLog"="C:\DOCUME~1\ENCASD~1\APPLIC~1\BIASVC~1\Long Play.exe" []
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-09-22 03:53]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 16:53]
"Router"="C:\Program Files\Router\Router.exe" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-24 20:15]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VWLP Agent"="C:\WINDOWS\28463\VWLP.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 10:41]
"BDNewsAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" [2005-06-09 05:28]
"BDSwitchAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" []
"HTV Agent"="C:\Program Files\HTV\HTV.exe" []
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

R2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender9\filespy.sys [2004-08-19 07:00]
R2 SBKUPNT;SBKUPNT;C:\WINDOWS\system32\Drivers\SBKUPNT.SYS [2001-07-13 13:56]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 07:00]
S3 idrmkl;idrmkl;C:\DOCUME~1\ENCASD~1\LOCALS~1\Temp\idrmkl.sys []
S3 PsShutdownSvc;PsShutdown;C:\WINDOWS\System32\PSSDNSVC.EXE [2005-10-24 06:59]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 04:12]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64aa9ff4-06b5-11db-9434-00142a4c83ab}]
\Shell\AutoRun\command - RavMon.exe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-12-29 21:00:00 C:\WINDOWS\Tasks\9B78AE5994D37955.job"
- c:\docume~1\encasd~1\applic~1\biasvc~1\LOGO BOWS THUNK.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-29 16:09:04
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\edb500.dll 514587 bytes executable
C:\WINDOWS\system32\mmfutil.dll 17920 bytes executable
C:\WINDOWS\system32\rsh.exe 15872 bytes executable
C:\WINDOWS\system32\iasacct.dll 23552 bytes executable
C:\WINDOWS\system32\iasads.dll 41472 bytes executable
C:\WINDOWS\system32\iashlpr.dll 32256 bytes executable
C:\WINDOWS\system32\iasnap.dll 62464 bytes executable
C:\WINDOWS\system32\iaspolcy.dll 17920 bytes executable
C:\WINDOWS\system32\iasrad.dll 119808 bytes executable
C:\WINDOWS\system32\iasrecst.dll 141312 bytes executable
C:\WINDOWS\system32\iassam.dll 86528 bytes executable
C:\WINDOWS\system32\iassdo.dll 253440 bytes executable
C:\WINDOWS\system32\iassvcs.dll 62976 bytes executable
C:\WINDOWS\system32\icaapi.dll 11264 bytes executable
C:\WINDOWS\system32\iccvid.dll 80384 bytes executable
C:\WINDOWS\system32\icfgnt5.dll 16384 bytes executable
C:\WINDOWS\system32\icm32.dll 254976 bytes executable
C:\WINDOWS\system32\icmp.dll 3584 bytes executable
C:\WINDOWS\system32\icmui.dll 56320 bytes executable
C:\WINDOWS\system32\icsxml
C:\WINDOWS\system32\icwdial.dll 73728 bytes executable
C:\WINDOWS\system32\icwphbk.dll 65536 bytes executable
C:\WINDOWS\system32\ideograf.uce 60458 bytes
C:\WINDOWS\system32\idq.dll 121856 bytes executable
C:\WINDOWS\system32\ctfmon.exe 15360 bytes executable
C:\WINDOWS\system32\ctl3d32.dll 27136 bytes executable
C:\WINDOWS\system32\ctl3dv2.dll 27200 bytes
C:\WINDOWS\system32\ctype.nls 8386 bytes
C:\WINDOWS\system32\c_037.nls 66082 bytes
C:\WINDOWS\system32\c_10000.nls 66082 bytes
C:\WINDOWS\system32\c_10006.nls 66082 bytes
C:\WINDOWS\system32\c_10007.nls 66082 bytes
C:\WINDOWS\system32\c_10010.nls 66082 bytes
C:\WINDOWS\system32\c_10017.nls 66082 bytes
C:\WINDOWS\system32\c_10029.nls 66082 bytes
C:\WINDOWS\system32\c_10079.nls 66082 bytes
C:\WINDOWS\system32\c_10081.nls 66082 bytes
C:\WINDOWS\system32\c_10082.nls 66082 bytes
C:\WINDOWS\system32\c_1026.nls 66082 bytes
C:\WINDOWS\system32\c_1250.nls 66082 bytes
C:\WINDOWS\system32\c_1251.nls 66082 bytes
C:\WINDOWS\system32\c_1252.nls 66082 bytes
C:\WINDOWS\system32\c_1253.nls 66082 bytes
C:\WINDOWS\system32\c_1254.nls 66082 bytes
C:\WINDOWS\system32\c_1255.nls 66082 bytes
C:\WINDOWS\system32\c_1256.nls 66082 bytes
C:\WINDOWS\system32\c_1257.nls 66082 bytes
C:\WINDOWS\system32\c_1258.nls 66082 bytes
C:\WINDOWS\system32\c_20127.nls 66082 bytes
C:\WINDOWS\system32\c_20261.nls 139810 bytes
C:\WINDOWS\system32\c_20866.nls 66082 bytes
C:\WINDOWS\system32\c_20905.nls 66082 bytes
C:\WINDOWS\system32\c_21866.nls 66082 bytes
C:\WINDOWS\system32\c_28591.nls 66082 bytes
C:\WINDOWS\system32\c_28592.nls 66082 bytes
C:\WINDOWS\system32\c_28593.nls 66082 bytes
C:\WINDOWS\system32\C_28594.NLS 66082 bytes
C:\WINDOWS\system32\C_28595.NLS 66082 bytes
C:\WINDOWS\system32\c_28598.nls 66082 bytes
C:\WINDOWS\system32\c_28599.nls 66082 bytes
C:\WINDOWS\system32\c_28603.nls 66082 bytes
C:\WINDOWS\system32\c_28605.nls 66082 bytes
C:\WINDOWS\system32\c_437.nls 66594 bytes
C:\WINDOWS\system32\c_500.nls 66082 bytes
C:\WINDOWS\system32\c_737.nls 66594 bytes
C:\WINDOWS\system32\c_775.nls 66594 bytes
C:\WINDOWS\system32\c_850.nls 66594 bytes
C:\WINDOWS\system32\c_852.nls 66594 bytes
C:\WINDOWS\system32\c_855.nls 66594 bytes
C:\WINDOWS\system32\c_857.nls 66594 bytes
C:\WINDOWS\system32\c_860.nls 66594 bytes
C:\WINDOWS\system32\c_861.nls 66594 bytes
C:\WINDOWS\system32\c_863.nls 66594 bytes
C:\WINDOWS\system32\c_865.nls 66594 bytes
C:\WINDOWS\system32\c_866.nls 66594 bytes
C:\WINDOWS\system32\c_869.nls 66594 bytes
C:\WINDOWS\system32\c_874.nls 66594 bytes
C:\WINDOWS\system32\convert.exe 13824 bytes executable
C:\WINDOWS\system32\csseqchk.dll 73728 bytes executable
C:\WINDOWS\system32\C_28597.NLS 66082 bytes
C:\WINDOWS\system32\c_875.nls 66082 bytes
C:\WINDOWS\system32\datime.dll 152064 bytes executable
C:\WINDOWS\system32\desktop.ini 2 bytes
C:\WINDOWS\system32\diskmgmt.msc 33311 bytes
C:\WINDOWS\system32\dllcache
C:\WINDOWS\system32\dmserver.dll 24576 bytes executable
C:\WINDOWS\system32\dpnhpast.dll 35328 bytes executable
C:\WINDOWS\system32\drwtsn32.exe 47104 bytes executable
C:\WINDOWS\system32\dsuiext.dll 113664 bytes executable
C:\WINDOWS\system32\davclnt.dll 25088 bytes executable
C:\WINDOWS\system32\daxctle.ocx 153088 bytes executable
C:\WINDOWS\system32\dbgeng.dll 847872 bytes executable
C:\WINDOWS\system32\dbghelp.dll 640000 bytes executable
C:\WINDOWS\system32\dbmsgnet.dll 24576 bytes executable
C:\WINDOWS\system32\DBmsLPCn.dll 29244 bytes executable
C:\WINDOWS\system32\dbmsqlgc.dll 33340 bytes executable
C:\WINDOWS\system32\dbmsrpcn.dll 24576 bytes executable
C:\WINDOWS\system32\dbnetlib.dll 110592 bytes executable
C:\WINDOWS\system32\dbnmpntw.dll 28672 bytes executable
C:\WINDOWS\system32\Dcache.bin 1788 bytes
C:\WINDOWS\system32\dciman32.dll 8704 bytes executable
C:\WINDOWS\system32\dcomcnfg.exe 5120 bytes executable
C:\WINDOWS\system32\ddeml.dll 39424 bytes
C:\WINDOWS\system32\ddeshare.exe 31744 bytes executable
C:\WINDOWS\system32\ddraw.dll 266240 bytes executable
C:\WINDOWS\system32\ddrawex.dll 27136 bytes executable
C:\WINDOWS\system32\debug.exe 21162 bytes
C:\WINDOWS\system32\defrag.exe 25088 bytes executable
C:\WINDOWS\system32\desk.cpl 138240 bytes executable
C:\WINDOWS\system32\deskadp.dll 16896 bytes executable
C:\WINDOWS\system32\deskmon.dll 16896 bytes executable
C:\WINDOWS\system32\deskperf.dll 18944 bytes executable
C:\WINDOWS\system32\diskpart.exe 167936 bytes executable
C:\WINDOWS\system32\diskperf.exe 19456 bytes executable
C:\WINDOWS\system32\dispex.dll 45083 bytes executable
C:\WINDOWS\system32\divx332.dll 412160 bytes executable
C:\WINDOWS\system32\divx4.dll 569344 bytes executable
C:\WINDOWS\system32\divxa332.acm 287744 bytes executable
C:\WINDOWS\system32\divxdec4.ax 446464 bytes executable
C:\WINDOWS\system32\divx_322.ax 239616 bytes executable
C:\WINDOWS\system32\ds16gt.dLL 4656 bytes
C:\WINDOWS\system32\ds32gt.dll 16384 bytes executable
C:\WINDOWS\system32\dsauth.dll 62976 bytes executable
C:\WINDOWS\system32\dsdmo.dll 181760 bytes executable
C:\WINDOWS\system32\dsdmoprp.dll 72192 bytes executable
C:\WINDOWS\system32\dskquota.dll 93696 bytes executable
C:\WINDOWS\system32\dskquoui.dll 150016 bytes executable
C:\WINDOWS\system32\dsnpstd.ax 36864 bytes executable
C:\WINDOWS\system32\dsnpstd.dll 53248 bytes executable
C:\WINDOWS\system32\dsound.dll 367616 bytes executable
C:\WINDOWS\system32\dsound.vxd 81 bytes
C:\WINDOWS\system32\dsound3d.dll 1294336 bytes executable
C:\WINDOWS\system32\dsprop.dll 145408 bytes executable
C:\WINDOWS\system32\dsprpres.dll 4096 bytes executable
C:\WINDOWS\system32\dsquery.dll 240640 bytes executable
C:\WINDOWS\system32\dsrmp4.dll 45056 bytes executable
C:\WINDOWS\system32\dssec.dat 218003 bytes
C:\WINDOWS\system32\dssec.dll 52736 bytes executable
C:\WINDOWS\system32\dssenh.dll 137216 bytes executable
C:\WINDOWS\system32\E_S2F.tmp 58 bytes
C:\WINDOWS\system32\fastopen.exe 882 bytes
C:\WINDOWS\system32\faultrep.dll 80896 bytes executable
C:\WINDOWS\system32\fc.exe 14848 bytes executable
C:\WINDOWS\system32\feclient.dll 21504 bytes executable
C:\WINDOWS\system32\ffJmpWeb.dll 32768 bytes executable
C:\WINDOWS\system32\filemgmt.dll 348160 bytes executable
C:\WINDOWS\system32\find.exe 9216 bytes executable
C:\WINDOWS\system32\findstr.exe 29184 bytes executable
C:\WINDOWS\system32\finger.exe 10240 bytes executable
C:\WINDOWS\system32\firewall.cpl 80384 bytes executable
C:\WINDOWS\system32\esentprf.hxx 6708 bytes
C:\WINDOWS\system32\esentprf.ini 1015477 bytes
C:\WINDOWS\system32\esentutl.exe 39424 bytes executable
C:\WINDOWS\system32\ESICM.dll 53248 bytes executable
C:\WINDOWS\system32\eudcedit.exe 195072 bytes executable
C:\WINDOWS\system32\eula.txt 42303 bytes
C:\WINDOWS\system32\eventcls.dll 33280 bytes executable
C:\WINDOWS\system32\eventlog.dll 55808 bytes executable
C:\WINDOWS\system32\eventvwr.exe 9216 bytes executable
C:\WINDOWS\system32\eventvwr.msc 56286 bytes
C:\WINDOWS\system32\exe2bin.exe 8424 bytes
C:\WINDOWS\system32\exitwx.exe 40960 bytes executable
C:\WINDOWS\system32\expand.exe 16896 bytes executable
C:\WINDOWS\system32\export
C:\WINDOWS\system32\expsrv.dll 380957 bytes executable
C:\WINDOWS\system32\extmgr.dll 55808 bytes executable
C:\WINDOWS\system32\extrac32.exe 45568 bytes executable
C:\WINDOWS\system32\ipnathlp.dll 332800 bytes executable
C:\WINDOWS\system32\ippromon.dll 355840 bytes executable
C:\WINDOWS\system32\iprop.dll 3584 bytes executable
C:\WINDOWS\system32\iprtprio.dll 4096 bytes executable
C:\WINDOWS\system32\iprtrmgr.dll 169984 bytes executable
C:\WINDOWS\system32\ipsec6.exe 46080 bytes executable
C:\WINDOWS\system32\ipsecsnp.dll 361472 bytes executable
C:\WINDOWS\system32\ipsecsvc.dll 184320 bytes executable
C:\WINDOWS\system32\ipsink.ax 16384 bytes executable
C:\WINDOWS\system32\ipsmsnap.dll 388096 bytes executable
C:\WINDOWS\system32\ipv6.exe 53760 bytes executable
C:\WINDOWS\system32\ipv6mon.dll 59904 bytes executable
C:\WINDOWS\system32\ipxmontr.dll 91648 bytes executable
C:\WINDOWS\system32\ipxpromn.dll 74240 bytes executable
C:\WINDOWS\system32\ipxrip.dll 21504 bytes executable
C:\WINDOWS\system32\ipxroute.exe 24576 bytes executable
C:\WINDOWS\system32\ipxrtmgr.dll 39936 bytes executable
C:\WINDOWS\system32\ipxsap.dll 66560 bytes executable
C:\WINDOWS\system32\kb16.com 14841 bytes
C:\WINDOWS\system32\kbd101b.dll 6144 bytes executable
C:\WINDOWS\system32\kbd101c.dll 6144 bytes executable
C:\WINDOWS\system32\kbd103.dll 5632 bytes executable
C:\WINDOWS\system32\kbd106.dll 6144 bytes executable
C:\WINDOWS\system32\kbdal.dll 6656 bytes executable
C:\WINDOWS\system32\kbdaze.dll 5632 bytes executable
C:\WINDOWS\system32\kbdazel.dll 5632 bytes executable
C:\WINDOWS\system32\kbdbe.dll 6144 bytes executable
C:\WINDOWS\system32\kbdbene.dll 6144 bytes executable
C:\WINDOWS\system32\kbdblr.dll 5632 bytes executable
C:\WINDOWS\system32\kbdbr.dll 6144 bytes executable
C:\WINDOWS\system32\kbdbu.dll 5632 bytes executable
C:\WINDOWS\system32\kbdca.dll 6144 bytes executable
C:\WINDOWS\system32\kbdcan.dll 7680 bytes executable
C:\WINDOWS\system32\kbdcr.dll 6656 bytes executable
C:\WINDOWS\system32\kbdcz.dll 7168 bytes executable
C:\WINDOWS\system32\kbdcz1.dll 6656 bytes executable
C:\WINDOWS\system32\kbdcz2.dll 6656 bytes executable
C:\WINDOWS\system32\kbdda.dll 6144 bytes executable
C:\WINDOWS\system32\kbddv.dll 5120 bytes executable
C:\WINDOWS\system32\kbdes.dll 6144 bytes executable
C:\WINDOWS\system32\kbdest.dll 6144 bytes executable
C:\WINDOWS\system32\kbdfc.dll 6144 bytes executable
C:\WINDOWS\system32\kbdfi.dll 6144 bytes executable
C:\WINDOWS\system32\kbdfi1.dll 7168 bytes executable
C:\WINDOWS\system32\kbdkor.dll 8192 bytes executable
C:\WINDOWS\system32\kbdkyr.dll 5632 bytes executable
C:\WINDOWS\system32\kbdla.dll 6656 bytes executable
C:\WINDOWS\system32\kbdlt.dll 5632 bytes executable
C:\WINDOWS\system32\kbdlt1.dll 5632 bytes executable
C:\WINDOWS\system32\kbdlv.dll 6144 bytes executable
C:\WINDOWS\system32\kbdlv1.dll 6144 bytes executable
C:\WINDOWS\system32\kbdmac.dll 6144 bytes executable
C:\WINDOWS\system32\kbdmaori.dll 5632 bytes executable
C:\WINDOWS\system32\kbdmlt47.dll 6144 bytes executable
C:\WINDOWS\system32\kbdmlt48.dll 6144 bytes executable
C:\WINDOWS\system32\kbdmon.dll 5632 bytes executable
C:\WINDOWS\system32\kbdne.dll 6144 bytes executable
C:\WINDOWS\system32\kbdnec.dll 7168 bytes executable
C:\WINDOWS\system32\kbdno.dll 6144 bytes executable
C:\WINDOWS\system32\kbdno1.dll 7168 bytes executable
C:\WINDOWS\system32\kbdpl.dll 6656 bytes executable
C:\WINDOWS\system32\kbdpl1.dll 5632 bytes executable
C:\WINDOWS\system32\kbdpo.dll 6144 bytes executable
C:\WINDOWS\system32\kbdro.dll 5632 bytes executable
C:\WINDOWS\system32\kbdru.dll 5632 bytes executable
C:\WINDOWS\system32\kbdru1.dll 5632 bytes executable
C:\WINDOWS\system32\kbdsf.dll 6144 bytes executable
C:\WINDOWS\system32\kbdsg.dll 6656 bytes executable
C:\WINDOWS\system32\kbdsl.dll 6656 bytes executable
C:\WINDOWS\system32\kbdsl1.dll 6656 bytes executable
C:\WINDOWS\system32\kbdsmsfi.dll 7680 bytes executable
C:\WINDOWS\system32\kbdsmsno.dll 7680 bytes executable
C:\WINDOWS\system32\kbdsp.dll 6144 bytes executable
C:\WINDOWS\system32\kbdsw.dll 6144 bytes executable
C:\WINDOWS\system32\kbdtat.dll 5632 bytes executable
C:\WINDOWS\system32\lame_enc.dll 145920 bytes executable
C:\WINDOWS\system32\langwrbk.dll 89600 bytes executable
C:\WINDOWS\system32\lanman.drv 224448 bytes
C:\WINDOWS\system32\LAPRXY.dll 11264 bytes executable
C:\WINDOWS\system32\LegitCheckControl.dll 1476992 bytes executable
C:\WINDOWS\system32\libeay32.dll 831488 bytes executable
C:\WINDOWS\system32\licdll.dll 424960 bytes executable
C:\WINDOWS\system32\licmgr10.dll 22528 bytes executable
C:\WINDOWS\system32\licwmi.dll 58880 bytes executable
C:\WINDOWS\system32\lights.exe 30208 bytes executable
C:\WINDOWS\system32\linkinfo.dll 19968 bytes executable
C:\WINDOWS\system32\lmhsvc.dll 13824 bytes executable
C:\WINDOWS\system32\lmrt.dll 399872 bytes executable
C:\WINDOWS\system32\lnkstub.exe 26624 bytes executable
C:\WINDOWS\system32\loadfix.com 1187 bytes
C:\WINDOWS\system32\loadperf.dll 100352 bytes executable
C:\WINDOWS\system32\locale.nls 249270 bytes
C:\WINDOWS\system32\localsec.dll 228352 bytes executable
C:\WINDOWS\system32\localspl.dll 344576 bytes executable
C:\WINDOWS\system32\localui.dll 11776 bytes executable
C:\WINDOWS\system32\locator.exe 75264 bytes executable
C:\WINDOWS\system32\lodctr.exe 5120 bytes executable
C:\WINDOWS\system32\logagent.exe 100864 bytes executable
C:\WINDOWS\system32\LogFiles
C:\WINDOWS\system32\loghours.dll 50688 bytes executable
C:\WINDOWS\system32\logman.exe 61952 bytes executable
C:\WINDOWS\system32\mchgrcoi.dll 4608 bytes executable
C:\WINDOWS\system32\mciavi.drv 73680 bytes
C:\WINDOWS\system32\mciavi32.dll 85504 bytes executable
C:\WINDOWS\system32\mcicda.dll 17408 bytes executable
C:\WINDOWS\system32\mciole16.dll 8192 bytes
C:\WINDOWS\system32\mciole32.dll 7680 bytes executable
C:\WINDOWS\system32\mciqtz32.dll 35328 bytes executable
C:\WINDOWS\system32\mciseq.dll 23040 bytes executable
C:\WINDOWS\system32\mciseq.drv 25280 bytes
C:\WINDOWS\system32\mciwave.dll 23552 bytes executable
C:\WINDOWS\system32\mciwave.drv 28160 bytes
C:\WINDOWS\system32\mcrh.tmp 143 bytes
C:\WINDOWS\system32\mdhcp.dll 50176 bytes executable
C:\WINDOWS\system32\mdimon.dll 17920 bytes executable
C:\WINDOWS\system32\mdminst.dll 120320 bytes executable
C:\WINDOWS\system32\mdwmdmsp.dll 147968 bytes executable
C:\WINDOWS\system32\mmsys.cpl 910848 bytes executable
C:\WINDOWS\system32\mmsystem.dll 70688 bytes
C:\WINDOWS\system32\mmtask.tsk 1152 bytes
C:\WINDOWS\system32\mmtvmj.dll 270336 bytes executable
C:\WINDOWS\system32\mmutilse.dll 119808 bytes executable
C:\WINDOWS\system32\mnmdd.dll 34560 bytes executable
C:\WINDOWS\system32\mnmsrvc.exe 32768 bytes executable
C:\WINDOWS\system32\mobsync.dll 210432 bytes executable
C:\WINDOWS\system32\mobsync.exe 144384 bytes executable
C:\WINDOWS\system32\mode.com 19456 bytes executable
C:\WINDOWS\system32\modemui.dll 156160 bytes executable
C:\WINDOWS\system32\modex.dll 10112 bytes executable
C:\WINDOWS\system32\more.com 15872 bytes executable
C:\WINDOWS\system32\moricons.dll 380416 bytes executable
C:\WINDOWS\system32\mountvol.exe 8192 bytes executable
C:\WINDOWS\system32\mouse.drv 2032 bytes
C:\WINDOWS\system32\mp3cnfg.cpl 121856 bytes executable
C:\WINDOWS\system32\msdtcprx.dll 426496 bytes executable
C:\WINDOWS\system32\msdtctm.dll 956416 bytes executable
C:\WINDOWS\system32\msdtcuiu.dll 161280 bytes executable
C:\WINDOWS\system32\msdxm.ocx 848922 bytes executable
C:\WINDOWS\system32\msdxmlc.dll 4126 bytes executable
C:\WINDOWS\system32\msencode.dll 94282 bytes executable
C:\WINDOWS\system32\msexch40.dll 512029 bytes executable
C:\WINDOWS\system32\msexcl40.dll 319517 bytes executable
C:\WINDOWS\system32\msfDX.dll 31232 bytes executable
C:\WINDOWS\system32\msftedit.dll 539136 bytes executable
C:\WINDOWS\system32\msg.exe 22528 bytes executable
C:\WINDOWS\system32\msg711.acm 9216 bytes executable
C:\WINDOWS\system32\msg723.acm 118784 bytes executable
C:\WINDOWS\system32\msgina.dll 1567744 bytes executable
C:\WINDOWS\system32\msgsm32.acm 19968 bytes executable
C:\WINDOWS\system32\msgsvc.dll 33792 bytes executable
C:\WINDOWS\system32\msh261.drv 188416 bytes executable
C:\WINDOWS\system32\msh263.drv 294912 bytes executable
C:\WINDOWS\system32\msxml3.dll 1104896 bytes executable
C:\WINDOWS\system32\msxml3a.dll 24576 bytes executable
C:\WINDOWS\system32\msxml3r.dll 51200 bytes executable
C:\WINDOWS\system32\msxml4.dll 1275392 bytes executable
C:\WINDOWS\system32\msxml4.inf 402 bytes
C:\WINDOWS\system32\msxml4a.dll 44544 bytes executable
C:\WINDOWS\system32\msxml4r.dll 82432 bytes executable
C:\WINDOWS\system32\msxmlr.dll 30720 bytes executable
C:\WINDOWS\system32\msyuv.dll 17408 bytes executable
C:\WINDOWS\system32\mtxclu.dll 66560 bytes executable
C:\WINDOWS\system32\mtxdm.dll 20480 bytes executable
C:\WINDOWS\system32\mtxex.dll 4096 bytes executable
C:\WINDOWS\system32\mtxlegih.dll 25088 bytes executable
C:\WINDOWS\system32\mtxoci.dll 91136 bytes executable
C:\WINDOWS\system32\mui
C:\WINDOWS\system32\mycomput.dll 90624 bytes executable
C:\WINDOWS\system32\mydocs.dll 88064 bytes executable
C:\WINDOWS\system32\narrator.exe 55296 bytes executable
C:\WINDOWS\system32\narrhook.dll 36352 bytes executable
C:\WINDOWS\system32\nbtstat.exe 21504 bytes executable
C:\WINDOWS\system32\ncobjapi.dll 36352 bytes executable
C:\WINDOWS\system32\ncpa.cpl 167936 bytes executable
C:\WINDOWS\system32\ncpa.cpl.manifest 749 bytes
C:\WINDOWS\system32\NCTAudioFile2.dll 1843200 bytes executable
C:\WINDOWS\system32\NCTAudioPlayer2.dll 315392 bytes executable
C:\WINDOWS\system32\ncxpnt.dll 7680 bytes executable
C:\WINDOWS\system32\oemlogo.bmp 21782 bytes
C:\WINDOWS\system32\offfilt.dll 120832 bytes executable
C:\WINDOWS\system32\ole2.dll 39744 bytes
C:\WINDOWS\system32\ole2disp.dll 169520 bytes
C:\WINDOWS\system32\ole2nls.dll 153008 bytes
C:\WINDOWS\system32\ole32.dll 1284608 bytes executable
C:\WINDOWS\system32\oleacc.dll 163328 bytes executable
C:\WINDOWS\system32\oleaccrc.dll 18944 bytes executable
C:\WINDOWS\system32\oleaut32.dll 549376 bytes executable
C:\WINDOWS\system32\olecli.dll 83456 bytes
C:\WINDOWS\system32\olecli32.dll 75264 bytes executable
C:\WINDOWS\system32\olecnv32.dll 37888 bytes executable
C:\WINDOWS\system32\oledlg.dll 124928 bytes executable
C:\WINDOWS\system32\oleprn.dll 110592 bytes executable
C:\WINDOWS\system32\olepro32.dll 83456 bytes executable
C:\WINDOWS\system32\olesvr.dll 24064 bytes
C:\WINDOWS\system32\olesvr32.dll 22016 bytes executable
C:\WINDOWS\system32\olethk32.dll 69120 bytes executable
C:\WINDOWS\system32\oobe
C:\WINDOWS\system32\OoneZipPopup.dll 452608 bytes executable
C:\WINDOWS\system32\perfci.ini 3030 bytes
C:\WINDOWS\system32\perfctrs.dll 42496 bytes executable
C:\WINDOWS\system32\perfd009.dat 28626 bytes
C:\WINDOWS\system32\perfd00C.dat 34108 bytes
C:\WINDOWS\system32\perfdisk.dll 27136 bytes executable
C:\WINDOWS\system32\perffilt.h 140 bytes
C:\WINDOWS\system32\perffilt.ini 1293 bytes
C:\WINDOWS\system32\perfh009.dat 433948 bytes
C:\WINDOWS\system32\perfh00C.dat 505218 bytes
C:\WINDOWS\system32\perfi009.dat 272128 bytes
C:\WINDOWS\system32\perfi00C.dat 322810 bytes
C:\WINDOWS\system32\perfmon.exe 15872 bytes executable
C:\WINDOWS\system32\perfmon.msc 57862 bytes
C:\WINDOWS\system32\perfnet.dll 17408 bytes executable
C:\WINDOWS\system32\perfos.dll 26624 bytes executable
C:\WINDOWS\system32\perfproc.dll 35840 bytes executable
C:\WINDOWS\system32\PerfStringBackup.INI 1113324 bytes
C:\WINDOWS\system32\perfts.dll 12288 bytes executable
C:\WINDOWS\system32\perfwci.h 435 bytes
C:\WINDOWS\system32\perfwci.ini 2994 bytes
C:\WINDOWS\system32\photowiz.dll 172032 bytes executable
C:\WINDOWS\system32\proxycfg.exe 9728 bytes executable
C:\WINDOWS\system32\psapi.dll 23040 bytes executable
C:\WINDOWS\system32\psbase.dll 98816 bytes executable
C:\WINDOWS\system32\pschdcnt.h 3010 bytes
C:\WINDOWS\system32\pschdprf.dll 10752 bytes executable
C:\WINDOWS\system32\pschdprf.ini 14073 bytes
C:\WINDOWS\system32\pscript.sep 51 bytes
C:\WINDOWS\system32\psnppagn.dll 8192 bytes executable
C:\WINDOWS\system32\PSSDNSVC.EXE 65536 bytes executable
C:\WINDOWS\system32\pstorec.dll 43520 bytes executable
C:\WINDOWS\system32\pstorsvc.dll 34304 bytes executable
C:\WINDOWS\system32\PTxSCP.ocx 1206272 bytes executable
C:\WINDOWS\system32\PUB3BRSH.ANI 2844 bytes
C:\WINDOWS\system32\PUBDLG.DLL 45056 bytes executable
C:\WINDOWS\system32\pubprn.vbs 3862 bytes
C:\WINDOWS\system32\qappsrv.exe 17408 bytes executable
C:\WINDOWS\system32\qasf.dll 211456 bytes executable
C:\WINDOWS\system32\qcap.dll 192512 bytes executable
C:\WINDOWS\system32\qdv.dll 279040 bytes executable
C:\WINDOWS\system32\qdvd.dll 386048 bytes executable
C:\WINDOWS\system32\remotepg.dll 61952 bytes executable
C:\WINDOWS\system32\remotesp.tsp 76800 bytes executable
C:\WINDOWS\system32\rend.dll 107520 bytes executable
C:\WINDOWS\system32\replace.exe 12800 bytes executable
C:\WINDOWS\system32\reset.exe 10240 bytes executable
C:\WINDOWS\system32\Restore
C:\WINDOWS\system32\resutils.dll 58880 bytes executable
C:\WINDOWS\system32\ReWire.dll 225280 bytes executable
C:\WINDOWS\system32\rexec.exe 14848 bytes executable
C:\WINDOWS\system32\riched20.dll 433152 bytes executable
C:\WINDOWS\system32\riched32.dll 3584 bytes executable
C:\WINDOWS\system32\RICHTEXT.SRG 111 bytes
C:\WINDOWS\system32\RICHTX32.DEP 3010 bytes
C:\WINDOWS\system32\RICHTX32.oca 64000 bytes executable
C:\WINDOWS\system32\RICHTX32.OCX 203976 bytes executable
C:\WINDOWS\system32\rightonadz-uninst.exe 40733 bytes executable
C:\WINDOWS\system32\RitCPT.exe 88630 bytes executable
C:\WINDOWS\system32\RLAPEDec.ax 54784 bytes executable
C:\WINDOWS\system32\RLMPCDec.ax 37888 bytes executable
C:\WINDOWS\system32\RLOgg.ax 186880 bytes executable
C:\WINDOWS\system32\RLSpeexDec.ax 51712 bytes executable
C:\WINDOWS\system32\RLTheoraDec.ax 67584 bytes executable
C:\WINDOWS\system32\RLVorbisDec.ax 92672 bytes executable
C:\WINDOWS\system32\sbe.dll 270848 bytes executable
C:\WINDOWS\system32\sbeio.dll 159232 bytes executable
C:\WINDOWS\system32\sc.exe 31232 bytes executable
C:\WINDOWS\system32\scarddlg.dll 71168 bytes executable
C:\WINDOWS\system32\scardssp.dll 118784 bytes executable
C:\WINDOWS\system32\scardsvr.exe 100352 bytes executable
C:\WINDOWS\system32\sccbase.dll 169984 bytes executable
C:\WINDOWS\system32\sccsccp.dll 171520 bytes executable
C:\WINDOWS\system32\scecli.dll 186368 bytes executable
C:\WINDOWS\system32\scesrv.dll 328704 bytes executable
C:\WINDOWS\system32\Scg726.acm 13239 bytes executable
C:\WINDOWS\system32\schannel.dll 144896 bytes executable
C:\WINDOWS\system32\schedsvc.dll 193024 bytes executable
C:\WINDOWS\system32\sclgntfy.dll 22016 bytes executable
C:\WINDOWS\system32\scofr.dll 24624 bytes executable
C:\WINDOWS\system32\SCP32.DLL 15872 bytes executable
C:\WINDOWS\system32\scredir.dll 26624 bytes executable
C:\WINDOWS\system32\scrnsave.scr 9216 bytes executable
C:\WINDOWS\system32\scrobj.dll 159744 bytes executable
C:\WINDOWS\system32\scrrnfr.dll 24626 bytes executable
C:\WINDOWS\system32\slbcsp.dll 306176 bytes executable
C:\WINDOWS\system32\slbiop.dll 98304 bytes executable
C:\WINDOWS\system32\slbrccsp.dll 16384 bytes executable
C:\WINDOWS\system32\sl_anet.acm 86016 bytes executable
C:\WINDOWS\system32\Smab.dll 394240 bytes executable
C:\WINDOWS\system32\smbinst.exe 8192 bytes executable
C:\WINDOWS\system32\smlogcfg.dll 370688 bytes executable
C:\WINDOWS\system32\smlogsvc.exe 93184 bytes executable
C:\WINDOWS\system32\smss.exe 50688 bytes executable
C:\WINDOWS\system32\sndrec32.exe 391680 bytes executable
C:\WINDOWS\system32\sndvol32.exe 468480 bytes executable
C:\WINDOWS\system32\snmpapi.dll 18944 bytes executable
C:\WINDOWS\system32\snmpsnap.dll 184320 bytes executable
C:\WINDOWS\system32\sockspy.dll 61440 bytes executable
C:\WINDOWS\system32\softpub.dll 5632 bytes executable
C:\WINDOWS\system32\SoftwareDistribution
C:\WINDOWS\system32\sol.exe 57344 bytes executable
C:\WINDOWS\system32\sort.exe 25088 bytes executable
C:\WINDOWS\system32\sortkey.nls 262148 bytes
C:\WINDOWS\system32\sorttbls.nls 22040 bytes
C:\WINDOWS\system32\sound.drv 1744 bytes
C:\WINDOWS\system32\spider.exe 539136 bytes executable
C:\WINDOWS\system32\spmsg.dll 14640 bytes executable
C:\WINDOWS\system32\spnike.dll 69632 bytes executable
C:\WINDOWS\system32\spnpinst.exe 11776 bytes executable
C:\WINDOWS\system32\spool
C:\WINDOWS\system32\spoolss.dll 74752 bytes executable
C:\WINDOWS\system32\spoolsv.exe 57856 bytes executable
C:\WINDOWS\system32\sprestrt.exe 9728 bytes executable
C:\WINDOWS\system32\sprio600.dll 70656 bytes executable
C:\WINDOWS\system32\swprv.dll 139264 bytes executable
C:\WINDOWS\system32\swreg.exe 156160 bytes executable
C:\WINDOWS\system32\swsc.exe 136704 bytes executable
C:\WINDOWS\system32\swxcacls.exe 212480 bytes executable
C:\WINDOWS\system32\sxs.dll 716800 bytes executable
C:\WINDOWS\system32\syncapp.exe 51200 bytes executable
C:\WINDOWS\system32\synceng.dll 57856 bytes executable
C:\WINDOWS\system32\syncui.dll 197120 bytes executable
C:\WINDOWS\system32\Sys32
C:\WINDOWS\system32\sysdm.cpl 477696 bytes executable
C:\WINDOWS\system32\sysedit.exe 19216 bytes
C:\WINDOWS\system32\sysinv.dll 15872 bytes executable
C:\WINDOWS\system32\syskey.exe 37888 bytes executable
C:\WINDOWS\system32\sysmon.ocx 220672 bytes executable
C:\WINDOWS\system32\sysocmgr.exe 752640 bytes executable
C:\WINDOWS\system32\sysprint.sep 3214 bytes
C:\WINDOWS\system32\sysprtj.sep 3577 bytes
C:\WINDOWS\system32\syssetup.dll 3811328 bytes executable
C:\WINDOWS\system32\system.drv 3360 bytes
C:\WINDOWS\system32\systray.exe 3072 bytes executable
C:\WINDOWS\system32\t2embed.dll 118272 bytes executable
C:\WINDOWS\system32\tourstart.exe 347136 bytes executable
C:\WINDOWS\system32\tracert.exe 13312 bytes executable
C:\WINDOWS\system32\tracert6.exe 32256 bytes executable
C:\WINDOWS\system32\traffic.dll 31232 bytes executable
C:\WINDOWS\system32\trayres
C:\WINDOWS\system32\tree.com 11264 bytes executable
C:\WINDOWS\system32\trkwks.dll 90624 bytes executable
C:\WINDOWS\system32\tsappcmp.dll 52224 bytes executable
C:\WINDOWS\system32\tsbyuv.dll 8192 bytes executable
C:\WINDOWS\system32\tsccvid.dll 107864 bytes executable
C:\WINDOWS\system32\tscfgwmi.dll 94208 bytes executable
C:\WINDOWS\system32\tscon.exe 15360 bytes executable
C:\WINDOWS\system32\tscupgrd.exe 44544 bytes executable
C:\WINDOWS\system32\tsd32.dll 15360 bytes executable
C:\WINDOWS\system32\tsddd.dll 12168 bytes executable
C:\WINDOWS\system32\tsdiscon.exe 14848 bytes executable
C:\WINDOWS\system32\verclsid.exe 28672 bytes executable
C:\WINDOWS\system32\verifier.dll 13312 bytes executable
C:\WINDOWS\system32\verifier.exe 102912 bytes executable
C:\WINDOWS\system32\version.dll 18944 bytes executable
C:\WINDOWS\system32\VFind.exe 49152 bytes executable
C:\WINDOWS\system32\vfpodbc.dll 20535 bytes executable
C:\WINDOWS\system32\vfwwdm32.dll 54784 bytes executable
C:\WINDOWS\system32\vga.dll 9344 bytes executable
C:\WINDOWS\system32\vga.drv 2176 bytes
C:\WINDOWS\system32\vga256.dll 51456 bytes executable
C:\WINDOWS\system32\vga64k.dll 18176 bytes executable
C:\WINDOWS\system32\VGAunistlog.ini 72611 bytes
C:\WINDOWS\system32\vidcap.ax 28672 bytes executable
C:\WINDOWS\system32\vjoy.dll 4608 bytes executable
C:\WINDOWS\system32\vp6vfw.dll 442368 bytes executable
C:\WINDOWS\system32\VSFLEX3.OCX 225280 bytes executable
C:\WINDOWS\system32\Vsflex7L.ocx 419488 bytes executable
C:\WINDOWS\system32\wbdbase.esn 750080 bytes
C:\WINDOWS\system32\wbdbase.fra 786944 bytes
C:\WINDOWS\system32\wbdbase.ita 867840 bytes
C:\WINDOWS\system32\wbdbase.nld 1095680 bytes
C:\WINDOWS\system32\wbdbase.sve 937984 bytes
C:\WINDOWS\system32\wbem
C:\WINDOWS\system32\wdfapi.dll 4096 bytes executable
C:\WINDOWS\system32\wdfmgr.exe 8704 bytes executable
C:\WINDOWS\system32\wdigest.dll 49152 bytes executable
C:\WINDOWS\system32\wdl.trm 4096 bytes
C:\WINDOWS\system32\wdmaud.drv 23552 bytes executable
C:\WINDOWS\system32\webcheck.dll 921088 bytes executable
C:\WINDOWS\system32\webclnt.dll 68096 bytes executable
C:\WINDOWS\system32\webfldrs.msi 1355776 bytes
C:\WINDOWS\system32\webhits.dll 40960 bytes executable
C:\WINDOWS\system32\webvw.dll 136192 bytes executable
C:\WINDOWS\system32\wextract.exe 66560 bytes executable
C:\WINDOWS\system32\wfwnet.drv 13600 bytes
C:\WINDOWS\system32\WgaLogon.dll 236928 bytes executable
C:\WINDOWS\system32\WgaTray.exe 337280 bytes executable
C:\WINDOWS\system32\wiaacmgr.exe 2664448 bytes executable
C:\WINDOWS\system32\wiadefui.dll 465920 bytes executable
C:\WINDOWS\system32\usrdpa.dll 77890 bytes executable
C:\WINDOWS\system32\usrdtea.dll 323641 bytes executable
C:\WINDOWS\system32\usrfaxa.dll 86073 bytes executable
C:\WINDOWS\system32\usrlbva.dll 53305 bytes executable
C:\WINDOWS\system32\usrlogon.cmd 1263 bytes
C:\WINDOWS\system32\usrmlnka.exe 77891 bytes executable
C:\WINDOWS\system32\usrprbda.exe 61508 bytes executable
C:\WINDOWS\system32\usrrtosa.dll 77883 bytes executable
C:\WINDOWS\system32\usrsdpia.dll 49211 bytes executable
C:\WINDOWS\system32\usrshuta.exe 69700 bytes executable
C:\WINDOWS\system32\usrsvpia.dll 41019 bytes executable
C:\WINDOWS\system32\usrv42a.dll 102457 bytes executable
C:\WINDOWS\system32\usrv80a.dll 49209 bytes executable
C:\WINDOWS\system32\usrvoica.dll 45116 bytes executable
C:\WINDOWS\system32\usrvpa.dll 49211 bytes executable
C:\WINDOWS\system32\utildll.dll 26112 bytes executable
C:\WINDOWS\system32\utilman.exe 50176 bytes executable
C:\WINDOWS\system32\comm.drv 10544 bytes
C:\WINDOWS\system32\command.com 52103 bytes
C:\WINDOWS\system32\commdlg.dll 33904 bytes
C:\WINDOWS\system32\comp.exe 15872 bytes executable
C:\WINDOWS\system32\compact.exe 18432 bytes executable
C:\WINDOWS\system32\compatui.dll 253440 bytes executable
C:\WINDOWS\system32\compmgmt.msc 37357 bytes
C:\WINDOWS\system32\compobj.dll 30160 bytes
C:\WINDOWS\system32\compstui.dll 230912 bytes executable
C:\WINDOWS\system32\comrepl.dll 97792 bytes executable
C:\WINDOWS\system32\comres.dll 851968 bytes executable
C:\WINDOWS\system32\comsnap.dll 147456 bytes executable
C:\WINDOWS\system32\comsvcs.dll 1267200 bytes executable
C:\WINDOWS\system32\comuid.dll 540160 bytes executable
C:\WINDOWS\system32\config
C:\WINDOWS\system32\CONFIG.NT 3072 bytes
C:\WINDOWS\system32\CONFIG.TMP 3072 bytes
C:\WINDOWS\system32\confmsp.dll 346112 bytes executable
C:\WINDOWS\system32\conime.exe 27648 bytes executable
C:\WINDOWS\system32\console.dll 460288 bytes executable
C:\WINDOWS\system32\control.exe 8192 bytes executable
C:\WINDOWS\system32\winscard.dll 100352 bytes executable
C:\WINDOWS\system32\winshfhc.dll 17408 bytes executable
C:\WINDOWS\system32\winsock.dll 2864 bytes
C:\WINDOWS\system32\winspool.drv 146944 bytes executable
C:\WINDOWS\system32\winspool.exe 2112 bytes
C:\WINDOWS\system32\winsrv.dll 431616 bytes executable
C:\WINDOWS\system32\winsta.dll 53760 bytes executable
C:\WINDOWS\system32\winstrm.dll 21504 bytes executable
C:\WINDOWS\system32\wintrust.dll 176640 bytes executable
C:\WINDOWS\system32\winver.exe 5632 bytes executable
C:\WINDOWS\system32\wisptis.exe 194560 bytes executable
C:\WINDOWS\system32\wkssvc.dll 132096 bytes executable
C:\WINDOWS\system32\wldap32.dll 172544 bytes executable
C:\WINDOWS\system32\msscds32.ax 69632 bytes executable
C:\WINDOWS\system32\msscp.dll 414720 bytes executable
C:\WINDOWS\system32\msscript.ocx 102400 bytes executable
C:\WINDOWS\system32\mssign32.dll 36352 bytes executable
C:\WINDOWS\system32\mssip32.dll 4608 bytes executable
C:\WINDOWS\system32\MSSTDFMT.DLL 118784 bytes executable
C:\WINDOWS\system32\msstkprp.dll 94208 bytes executable
C:\WINDOWS\system32\msswch.dll 13312 bytes executable
C:\WINDOWS\system32\msswchx.exe 6656 bytes executable
C:\WINDOWS\system32\mstask.dll 286208 bytes executable
C:\WINDOWS\system32\mstext40.dll 258077 bytes executable
C:\WINDOWS\system32\mstime.dll 532480 bytes executable
C:\WINDOWS\system32\mstinit.exe 12288 bytes executable
C:\WINDOWS\system32\mstlsapi.dll 115712 bytes executable
C:\WINDOWS\system32\mstsc.exe 411648 bytes executable
C:\WINDOWS\system32\mstscax.dll 657408 bytes executable
C:\WINDOWS\system32\msutb.dll 195584 bytes executable
C:\WINDOWS\system32\msv1_0.dll 129536 bytes executable
C:\WINDOWS\system32\msvbvm50.dll 1355776 bytes executable
C:\WINDOWS\system32\msvbvm60.dll 1392671 bytes executable
C:\WINDOWS\system32\msvci70.dll 54784 bytes executable
C:\WINDOWS\system32\msvcirt.dll 54784 bytes executable
C:\WINDOWS\system32\msvcp50.dll 565760 bytes executable
C:\WINDOWS\system32\msvcp60.dll 413696 bytes executable
C:\WINDOWS\system32\SET75.tmp 212992 bytes executable
C:\WINDOWS\system32\SET76.tmp 221696 bytes executable
C:\WINDOWS\system32\SET7F.tmp 757248 bytes executable
C:\WINDOWS\system32\SET81.tmp 222208 bytes executable
C:\WINDOWS\system32\SET84.tmp 2463744 bytes executable
C:\WINDOWS\system32\SET87.tmp 937984 bytes executable
C:\WINDOWS\system32\SET8E.tmp 2450944 bytes executable
C:\WINDOWS\system32\SET97.tmp 321536 bytes executable
C:\WINDOWS\system32\SET99.tmp 37376 bytes executable
C:\WINDOWS\system32\SET9C.tmp 175616 bytes executable
C:\WINDOWS\system32\SET9F.tmp 284160 bytes executable
C:\WINDOWS\system32\SETA1.tmp 166912 bytes executable
C:\WINDOWS\system32\SETB0.tmp 133632 bytes executable
C:\WINDOWS\system32\SETC9.tmp 269824 bytes executable
C:\WINDOWS\system32\sethc.exe 32768 bytes executable
C:\WINDOWS\system32\Setup
C:\WINDOWS\system32\setup.bmp 240120 bytes
C:\WINDOWS\system32\setup.cab 221635 bytes
C:\WINDOWS\system32\setup.exe 23040 bytes executable
C:\WINDOWS\system32\setup.inf 2455 bytes
C:\WINDOWS\system32\setup.ini 11 bytes
C:\WINDOWS\system32\setupapi.dll 1003520 bytes executable
C:\WINDOWS\system32\setupcl.exe 25600 bytes executable
C:\WINDOWS\system32\setupdll.dll 421376 bytes executable
C:\WINDOWS\system32\setver.exe 12067 bytes
C:\WINDOWS\system32\devenum.dll 59904 bytes executable
C:\WINDOWS\system32\devil.dll 719872 bytes executable
C:\WINDOWS\system32\DEVLOAD.EXE 13312 bytes executable
C:\WINDOWS\system32\devmgmt.msc 32738 bytes
C:\WINDOWS\system32\devmgr.dll 290816 bytes executable
C:\WINDOWS\system32\dfrg.msc 41131 bytes
C:\WINDOWS\system32\dfrgfat.exe 82432 bytes executable
C:\WINDOWS\system32\dfrgntfs.exe 104960 bytes executable
C:\WINDOWS\system32\dfrgres.dll 55808 bytes executable
C:\WINDOWS\system32\dfrgsnap.dll 39424 bytes executable
C:\WINDOWS\system32\dfrgui.dll 123904 bytes executable
C:\WINDOWS\system32\dfsshlex.dll 28672 bytes executable
C:\WINDOWS\system32\dgnet.dll 115200 bytes executable
C:\WINDOWS\system32\dgrpsetu.dll 176157 bytes executable
C:\WINDOWS\system32\dgsetup.dll 86044 bytes executable
C:\WINDOWS\system32\dhcp
C:\WINDOWS\system32\dhcpcsvc.dll 112128 bytes executable
C:\WINDOWS\system32\dhcpmon.dll 401408 bytes executable
C:\WINDOWS\system32\dhcpsapi.dll 78848 bytes executable
C:\WINDOWS\system32\diactfrm.dll 395264 bytes executable
C:\WINDOWS\system32\diantz.exe 85504 bytes executable
C:\WINDOWS\system32\digest.dll 68608 bytes executable
C:\WINDOWS\system32\dimap.dll 44032 bytes executable
C:\WINDOWS\system32\dinput.dll 165376 bytes executable
C:\WINDOWS\system32\dinput8.dll 187904 bytes executable
C:\WINDOWS\system32\DiracSplitter.ax 179200 bytes executable
C:\WINDOWS\system32\DirectX
C:\WINDOWS\system32\diskcomp.com 9216 bytes executable
C:\WINDOWS\system32\diskcopy.com 7168 bytes executable
C:\WINDOWS\system32\diskcopy.dll 1502208 bytes executable
C:\WINDOWS\system32\dmstyle.dll 105984 bytes executable
C:\WINDOWS\system32\dmsynth.dll 103424 bytes executable
C:\WINDOWS\system32\dmusic.dll 104448 bytes executable
C:\WINDOWS\system32\dmutil.dll 58880 bytes executable
C:\WINDOWS\system32\dmview.ocx 61440 bytes executable
C:\WINDOWS\system32\dnsapi.dll 148480 bytes executable
C:\WINDOWS\system32\dnsrslvr.dll 45568 bytes executable
C:\WINDOWS\system32\docprop.dll 47616 bytes executable
C:\WINDOWS\system32\docprop2.dll 48640 bytes executable
C:\WINDOWS\system32\doskey.exe 10752 bytes executable
C:\WINDOWS\system32\dosx.exe 54080 bytes
C:\WINDOWS\system32\dpcdll.dll 97792 bytes executable
C:\WINDOWS\system32\dplay.dll 33040 bytes executable
C:\WINDOWS\system32\dplaysvr.exe 30208 bytes executable
C:\WINDOWS\system32\dplayx.dll 229888 bytes executable
C:\WINDOWS\system32\dpmodemx.dll 24064 bytes executable
C:\WINDOWS\system32\dpnaddr.dll 3584 bytes executable
C:\WINDOWS\system32\dpnet.dll 375296 bytes executable
C:\WINDOWS\system32\mp3cnfg.exe 19456 bytes executable
C:\WINDOWS\system32\mprddm.dll 69120 bytes executable
C:\WINDOWS\system32\msconf.dll 69632 bytes executable
C:\WINDOWS\system32\msdtcprf.ini 3914 bytes
C:\WINDOWS\system32\mshearts.exe 128000 bytes executable
C:\WINDOWS\system32\msiregmv.exe 40960 bytes executable
C:\WINDOWS\system32\mspatcha.dll 30208 bytes executable
C:\WINDOWS\system32\mssap.dll 134656 bytes executable
C:\WINDOWS\system32\msvcp70.dll 487424 bytes executable
C:\WINDOWS\system32\msxml2r.dll 43792 bytes executable
C:\WINDOWS\system32\nddeapi.dll 18432 bytes executable
C:\WINDOWS\system32\netlogon.dll 407040 bytes executable
C:\WINDOWS\system32\npp
C:\WINDOWS\system32\npwmsdrm.dll 8704 bytes executable
C:\WINDOWS\system32\ntlanui.dll 59392 bytes executable
C:\WINDOWS\system32\oakley.dll 267776 bytes executable
C:\WINDOWS\system32\oeminfo.ini 926 bytes
C:\WINDOWS\system32\opengl32.dll 713728 bytes executable
C:\WINDOWS\system32\perfci.h 427 bytes
C:\WINDOWS\system32\picn20.dll 38912 bytes executable
C:\WINDOWS\system32\PortableDeviceWiaCompat.dll 132096 bytes executable
C:\WINDOWS\system32\proquota.exe 50688 bytes executable
C:\WINDOWS\system32\qedit.dll 563200 bytes executable
C:\WINDOWS\system32\ras
C:\WINDOWS\system32\RasX.ocx 112336 bytes executable
C:\WINDOWS\system32\rmp4.dll 266240 bytes executable
C:\WINDOWS\system32\edit.com 71102 bytes
C:\WINDOWS\system32\edit.hlp 13781 bytes
C:\WINDOWS\system32\edlin.exe 13010 bytes
C:\WINDOWS\system32\EEBAPI.dll 122880 bytes executable
C:\WINDOWS\system32\EEBDSCVR.dll 102400 bytes executable
C:\WINDOWS\system32\EEBSDKIF.dll 54272 bytes executable
C:\WINDOWS\system32\EEBUtil.dll 65536 bytes executable
C:\WINDOWS\system32\ega.cpi 127213 bytes
C:\WINDOWS\system32\ehETW.dll 11264 bytes executable
C:\WINDOWS\system32\els.dll 187392 bytes executable
C:\WINDOWS\system32\emptyregdb.dat 23704 bytes
C:\WINDOWS\system32\encapi.dll 20480 bytes executable
C:\WINDOWS\system32\encdec.dll 186368 bytes executable
C:\WINDOWS\system32\Epcmlib.dll 131072 bytes executable
C:\WINDOWS\system32\epcomdd.dll 90112 bytes executable
C:\WINDOWS\system32\Epfb5cpl.dll 86016 bytes executable
C:\WINDOWS\system32\EqnClass.Dll 103424 bytes executable
C:\WINDOWS\system32\ersvc.dll 23040 bytes executable
C:\WINDOWS\system32\es.dll 243200 bytes executable
C:\WINDOWS\system32\esccmd.dll 22528 bytes executable
C:\WINDOWS\system32\escimgd.dll 47104 bytes executable
C:\WINDOWS\system32\escwiad.dll 32256 bytes executable
C:\WINDOWS\system32\ESDTR.dll 184320 bytes executable
C:\WINDOWS\system32\esent.dll 1097728 bytes executable
C:\WINDOWS\system32\esent97.dll 1114896 bytes executable
C:\WINDOWS\system32\fsquirt.exe 193024 bytes executable
C:\WINDOWS\system32\fsusd.dll 81920 bytes executable
C:\WINDOWS\system32\fsutil.exe 61952 bytes executable
C:\WINDOWS\system32\ftp.exe 46080 bytes executable
C:\WINDOWS\system32\FTRTSVC.exe 40960 bytes executable
C:\WINDOWS\system32\ftsrch.dll 177152 bytes executable
C:\WINDOWS\system32\fwcfg.dll 60416 bytes executable
C:\WINDOWS\system32\g711codc.ax 41472 bytes executable
C:\WINDOWS\system32\gb2312.uce 24006 bytes
C:\WINDOWS\system32\gcdef.dll 77824 bytes executable
C:\WINDOWS\system32\gdi.exe 24576 bytes
C:\WINDOWS\system32\gdi32.dll 282112 bytes executable
C:\WINDOWS\system32\gdiplus.dll 1700352 bytes executable
C:\WINDOWS\system32\GEARAspi.dll 109360 bytes executable
C:\WINDOWS\system32\geo.nls 24772 bytes
C:\WINDOWS\system32\getfile.dat 15 bytes
C:\WINDOWS\system32\getuname.dll 634880 bytes executable
C:\WINDOWS\system32\Gif89.dll 44544 bytes executable
C:\WINDOWS\system32\GkSui18.EXE 69632 bytes executable
C:\WINDOWS\system32\glmf32.dll 285184 bytes executable
C:\WINDOWS\system32\glu32.dll 123904 bytes executable
C:\WINDOWS\system32\gpkcsp.dll 101888 bytes executable
C:\WINDOWS\system32\gpkrsrc.dll 10240 bytes executable
C:\WINDOWS\system32\graftabl.com 26112 bytes executable
C:\WINDOWS\system32\graphics.com 19902 bytes
C:\WINDOWS\system32\graphics.pro 21232 bytes
C:\WINDOWS\system32\grpconv.exe 39424 bytes executable
C:\WINDOWS\system32\GWFSPidGen.dll 23304 bytes executable
C:\WINDOWS\system32\h323.tsp 266752 bytes executable
C:\WINDOWS\system32\netman.dll 197632 bytes executable
C:\WINDOWS\system32\netmsg.dll 200192 bytes executable
C:\WINDOWS\system32\netplwiz.dll 885248 bytes executable
C:\WINDOWS\system32\netrap.dll 12288 bytes executable
C:\WINDOWS\system32\netsetup.cpl 25600 bytes executable
C:\WINDOWS\system32\netsetup.exe 332800 bytes executable
C:\WINDOWS\system32\netsh.exe 88576 bytes executable
C:\WINDOWS\system32\netshell.dll 4121088 bytes executable
C:\WINDOWS\system32\netstat.exe 37888 bytes executable
C:\WINDOWS\system32\netui0.dll 83456 bytes executable
C:\WINDOWS\system32\netui1.dll 245760 bytes executable
C:\WINDOWS\system32\netui2.dll 312832 bytes executable
C:\WINDOWS\system32\newdev.dll 1508864 bytes executable
C:\WINDOWS\system32\nlhtml.dll 103936 bytes executable
C:\WINDOWS\system32\nlsfunc.exe 7116 bytes
C:\WINDOWS\system32\nmevtmsg.dll 12288 bytes executable
C:\WINDOWS\system32\nmmkcert.dll 28672 bytes executable
C:\WINDOWS\system32\noise.chs 1696 bytes
C:\WINDOWS\system32\noise.cht 1696 bytes
C:\WINDOWS\system32\noise.dat 741 bytes
C:\WINDOWS\system32\noise.deu 149848 bytes
C:\WINDOWS\system32\noise.eng 751 bytes
C:\WINDOWS\system32\noise.enu 751 bytes
C:\WINDOWS\system32\noise.esn 19684 bytes
C:\WINDOWS\system32\noise.fra 49196 bytes
C:\WINDOWS\system32\noise.ita 19618 bytes
C:\WINDOWS\system32\noise.nld 13256 bytes
C:\WINDOWS\system32\noise.sve 13730 bytes
C:\WINDOWS\system32\noise.tha 697 bytes
C:\WINDOWS\system32\notepad.exe 62464 bytes executable
C:\WINDOWS\system32\Npindeo.dll 151552 bytes executable
C:\WINDOWS\system32\ieakeng.dll 139264 bytes executable
C:\WINDOWS\system32\ieaksie.dll 221696 bytes executable
C:\WINDOWS\system32\ieakui.dll 245760 bytes executable
C:\WINDOWS\system32\iedkcs32.dll 323584 bytes executable
C:\WINDOWS\system32\ieencode.dll 81920 bytes executable
C:\WINDOWS\system32\iepeers.dll 251392 bytes executable
C:\WINDOWS\system32\iernonce.dll 49152 bytes executable
C:\WINDOWS\system32\iesetup.dll 63488 bytes executable
C:\WINDOWS\system32\ieuinit.inf 46298 bytes
C:\WINDOWS\system32\iexpress.exe 114688 bytes executable
C:\WINDOWS\system32\IfHelper.dll 36864 bytes executable
C:\WINDOWS\system32\ifmon.dll 142848 bytes executable
C:\WINDOWS\system32\ifsutil.dll 70656 bytes executable
C:\WINDOWS\system32\igmpagnt.dll 8192 bytes executable
C:\WINDOWS\system32\ils.dll 81920 bytes executable
C:\WINDOWS\system32\imaadp32.acm 16384 bytes executable
C:\WINDOWS\system32\imagehlp.dll 144384 bytes executable
C:\WINDOWS\system32\ImagX7.dll 1568768 bytes executable
C:\WINDOWS\system32\ImagXpr7.dll 476320 bytes executable
C:\WINDOWS\system32\ImagXR7.dll 262144 bytes executable
C:\WINDOWS\system32\ImagXRA7.dll 471040 bytes executable
C:\WINDOWS\system32\imail40.ocx 110592 bytes executable
C:\WINDOWS\system32\imail40.rtl 256 bytes
C:\WINDOWS\system32\imapi.exe 150016 bytes executable
C:\WINDOWS\system32\IME
C:\WINDOWS\system32\imeshare.dll 36921 bytes executable
C:\WINDOWS\system32\imgutil.dll 35840 bytes executable
C:\WINDOWS\system32\imm32.dll 110080 bytes executable
C:\WINDOWS\system32\indounin.dll 65024 bytes executable
C:\WINDOWS\system32\logon.scr 3124224 bytes executable
C:\WINDOWS\system32\logonui.exe 1153536 bytes executable
C:\WINDOWS\system32\logonui.exe.manifest 488 bytes
C:\WINDOWS\system32\lpk.dll 22016 bytes executable
C:\WINDOWS\system32\lpq.exe 6144 bytes executable
C:\WINDOWS\system32\lpr.exe 9216 bytes executable
C:\WINDOWS\system32\lprhelp.dll 10240 bytes executable
C:\WINDOWS\system32\lprmonui.dll 9216 bytes executable
C:\WINDOWS\system32\lsasrv.dll 728576 bytes executable
C:\WINDOWS\system32\lsass.exe 13312 bytes executable
C:\WINDOWS\system32\mf3216.dll 40960 bytes executable
C:\WINDOWS\system32\mfc

Re Cyril_lol

...Le Sioux est au boulot cette nuit / ok
Il te reprendra demain

Pour faire avancer la situation :
* Relance Vundofix
* Ne clique pas sur "Scan for a vundo"
* Clique droit au milieu de la fenêtre
* Clique sur Add more files ?
* Copie/colle les fichiers ci-dessous ( un par case) , ( maxi 3 )

C:\WINDOWS\system32\dkqvwdxq.dll
C:\WINDOWS\system32\fccndhun.dll
C:\WINDOWS\system32\kfxqfbsq.dll

* Clique sur Add files
* Ensuite clique sur Close Windows
* Enfin, clique sur Remove Vundo ( les fichiers précédents doivent apparaitre dans la fenêtre principale)
* Si l'outils demande un redémarrage, accepte

Refait la meme chose que ci dessus avec :

C:\WINDOWS\system32\wvuvsqq.dll

* Poste le rapport Vundofix, ainsi qu'un nouveau log hijackthis / STP

Bonne réception

pour ceux qui ont lavés leur linge sale...

le ménage est fait et la prochaine fois ce sera la porte

belle image que celle que vous avez donné...

ok 5 min

voici hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:48, on 29/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\sistray.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\en cas de probelme\Mes documents\OFFICE One Zip\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = c:\
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: IntelligentAdvisor - {6548BF73-58FF-71D5-F97D-17C71E323709} - C:\Program Files\IntelligentAdvisor\IntelligentAdvisor-1.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: (no name) - {E2E32BF3-D539-423B-8F8B-85538397870C} - C:\Program Files\MSN Gaming Zone\mefotyjyd.dll (file missing)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O4 - HKLM\..\Run: [VWLP Agent] C:\WINDOWS\28463\VWLP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [DriveLog] C:\DOCUME~1\ENCASD~1\APPLIC~1\BIASVC~1\Long Play.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.09\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.09\MediaManager\grab.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?9cf511efac1f4db68abf61882997d1a6
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?9cf511efac1f4db68abf61882997d1a6
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A13516A3-BE86-4517-813C-B5FF0C8ACDF3} (Toontown Installer ActiveX Control French) - http://downloadtoontown.goa.com/sv1.5.11.7/ttinst-french.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

sa scann je voit un peu la difference la ya plus de popup de mrd c un pti peu plus rapide

il es que 18h50 ya personne lol (chez moi)

voici le vundo*

VundoFix V6.7.7

Checking Java version...

Scan started at 18:36:56 29/12/2007

Listing files found while scanning....

No infected files were found.