AU SECOURS !!! Voir rapport hijackthis

Résolu

Utilisateur anonyme -
fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention - 21 juil. 2009 à 12:21

Bonjour,

On me donne un PC à mettre à jour pour cause de non ADSL et je me rends compte à force de rien pouvoir faire ni installer qu'il est bien infecté. Impossible d'installer un antivirus, WIndows Installer plante, impossible de faire windows update etc... Impossible egalement de faire une restauration usine.
J'ai vu que le fichier hosts était complétement vérolé, mais j'arrive pas à le modifier.
Voici le rapport hijackthis, merci d'avance pour votre aide :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:31, on 16/07/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\reader_s.exe
C:\windows\ld12.exe
C:\Documents and Settings\Propriétaire\reader_s.exe
C:\WINDOWS\System32\dllcache\Rtsecar.exe
C:\WINDOWS\System32\dllcache\wintcps.exe
C:\WINDOWS\System32\irdvxc.exe
C:\WINDOWS\System32\urdvxc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\sySTEM32\SvchoSt.ExE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\websrvx\websrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O2 - BHO: C:\WINDOWS\System32\grffr83hn.dll - {D76AB2A1-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\System32\grffr83hn.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld12.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Propriétaire\reader_s.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Propriétaire\reader_s.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [A00F49D94.exe] C:\WINDOWS\TEMP\_A00F49D94.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [A00FC4991.exe] C:\WINDOWS\TEMP\_A00FC4991.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [A00F12D598.exe] C:\WINDOWS\TEMP\_A00F12D598.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [reader_s] C:\Documents and Settings\Propriétaire\reader_s.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O20 - Winlogon Notify: __c00DD8A4 - C:\WINDOWS\System32\__c00DD8A4.dat
O22 - SharedTaskScheduler: rtasgvfu76ew8ndkfno94 - {D76AB2A1-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\System32\grffr83hn.dll
O23 - Service: Microsoft Media - Unknown owner - C:\WINDOWS\System32\dllcache\Rtsecar.exe
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe

Afficher la suite

A voir également:

AU SECOURS !!! Voir rapport hijackthis
Hijackthis - Télécharger - Antivirus & Antimalwares
Voir ma maison par satellite - Guide
Voir qui regarde mon profil facebook - Guide
Voir mot de passe wifi android - Guide
Voir message supprimé whatsapp - Guide

64 réponses

Réponse 21 / 64

Utilisateur anonyme

Le troisième antivirus :

http://matduchesne.free.fr/mwav.log

Réponse 22 / 64

Utilisateur anonyme

LE 4e :

============ Remover for Win32/Virut ===============
Date: 18.07.2009 13:11
C:\01386a54561fdb71efd4\msi.dll; OK
C:\01386a54561fdb71efd4\msiexec.exe; OK
C:\01386a54561fdb71efd4\msihnd.dll; OK
C:\01386a54561fdb71efd4\msimsg.dll; OK
C:\01386a54561fdb71efd4\msisip.dll; OK
C:\01386a54561fdb71efd4\spmsg.dll; OK
C:\01386a54561fdb71efd4\spuninst.exe; OK
C:\01386a54561fdb71efd4\update\spcustom.dll; OK
C:\01386a54561fdb71efd4\update\update.exe; OK
C:\01386a54561fdb71efd4\update\updspapi.dll; OK
C:\Bases\avcmhk5.mhk; OK
C:\cmdcons\autochk.exe; OK
C:\cmdcons\autofmt.exe; OK
C:\cmdcons\KBDAL.DLL; OK
C:\cmdcons\KBDBE.DLL; OK
C:\cmdcons\KBDBLR.DLL; OK
C:\cmdcons\KBDBR.DLL; OK
C:\cmdcons\KBDBU.DLL; OK
C:\cmdcons\KBDCA.DLL; OK
C:\cmdcons\KBDCR.DLL; OK
C:\cmdcons\KBDCZ.DLL; OK
C:\cmdcons\KBDCZ1.DLL; OK
C:\cmdcons\KBDDA.DLL; OK
C:\cmdcons\KBDDV.DLL; OK
C:\cmdcons\KBDES.DLL; OK
C:\cmdcons\KBDEST.DLL; OK
C:\cmdcons\KBDFC.DLL; OK
C:\cmdcons\KBDFI.DLL; OK
C:\cmdcons\kbdfr.dll; OK
C:\cmdcons\KBDGKL.DLL; OK
C:\cmdcons\KBDGR.DLL; OK
C:\cmdcons\KBDGR1.DLL; OK
C:\cmdcons\KBDHE.DLL; OK
C:\cmdcons\KBDHE220.DLL; OK
C:\cmdcons\KBDHE319.DLL; OK
C:\cmdcons\KBDHELA2.DLL; OK
C:\cmdcons\KBDHELA3.DLL; OK
C:\cmdcons\KBDHU.DLL; OK
C:\cmdcons\KBDHU1.DLL; OK
C:\cmdcons\KBDIC.DLL; OK
C:\cmdcons\KBDIR.DLL; OK
C:\cmdcons\KBDIT.DLL; OK
C:\cmdcons\KBDIT142.DLL; OK
C:\cmdcons\KBDLA.DLL; OK
C:\cmdcons\KBDLT.DLL; OK
C:\cmdcons\KBDLV.DLL; OK
C:\cmdcons\KBDLV1.DLL; OK
C:\cmdcons\KBDNE.DLL; OK
C:\cmdcons\KBDNO.DLL; OK
C:\cmdcons\KBDPL.DLL; OK
C:\cmdcons\KBDPL1.DLL; OK
C:\cmdcons\KBDPO.DLL; OK
C:\cmdcons\KBDRO.DLL; OK
C:\cmdcons\KBDRU.DLL; OK
C:\cmdcons\KBDRU1.DLL; OK
C:\cmdcons\KBDSF.DLL; OK
C:\cmdcons\KBDSG.DLL; OK
C:\cmdcons\KBDSL.DLL; OK
C:\cmdcons\KBDSL1.DLL; OK
C:\cmdcons\KBDSP.DLL; OK
C:\cmdcons\KBDSW.DLL; OK
C:\cmdcons\KBDTUF.DLL; OK
C:\cmdcons\KBDTUQ.DLL; OK
C:\cmdcons\KBDUK.DLL; OK
C:\cmdcons\KBDUR.DLL; OK
C:\cmdcons\KBDUS.DLL; OK
C:\cmdcons\KBDUSL.DLL; OK
C:\cmdcons\KBDUSR.DLL; OK
C:\cmdcons\KBDUSX.DLL; OK
C:\cmdcons\KBDYCC.DLL; OK
C:\cmdcons\KBDYCL.DLL; OK
C:\cmdcons\ksecdd.sys; OK
C:\cmdcons\ntfs.sys; OK
C:\cmdcons\spcmdcon.sys; OK
C:\cmdcons\system32\ntdll.dll; OK
C:\cmdcons\system32\smss.exe; OK
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.459\French\setup.exe; OK
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat; Can't open
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat; Can't open
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat; Can't open
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG; Can't open
C:\Documents and Settings\LocalService\NTUSER.DAT; Can't open
C:\Documents and Settings\LocalService\ntuser.dat.LOG; Can't open
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat; Can't open
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG; Can't open
C:\Documents and Settings\NetworkService\NTUSER.DAT; Can't open
C:\Documents and Settings\NetworkService\ntuser.dat.LOG; Can't open
C:\Documents and Settings\Propriétaire\Bureau\drweb-cureit.exe; OK
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe; OK
C:\Documents and Settings\Propriétaire\Bureau\mwav.exe; OK
C:\Documents and Settings\Propriétaire\Bureau\rmvirut.exe; OK
C:\Documents and Settings\Propriétaire\Cookies\index.dat; Can't open
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\A0029906.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\A0029921.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\A0030346.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\admin.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\author.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\java.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\KillWind.exe; OK
C:\Documents and Settings\Propriétaire\DoctorWeb\Quarantine\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat; Can't open
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG; Can't open
C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat; Can't open
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HPSU-IQE.O28\Ntwrk_Scry_update.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\HPSUGS_M.KXZ\HP_RedboxHprblog.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RarSFX0\446bc7.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RarSFX0\dwebio32.dll; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RarSFX0\dwebllio.dll; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RarSFX0\setup.dll; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RarSFX0\ue445.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temp\vcru_1247750059.exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\8PENCP2Z\HiJackThis[1].exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\C1QF45UJ\WindowsXP-KB942288-v3-x86[1].exe; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\G5U7KHQB\41[1].txt; OK
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat; Can't open
C:\Documents and Settings\Propriétaire\NTUSER.DAT; Can't open
C:\Documents and Settings\Propriétaire\ntuser.dat.LOG; Can't open
C:\Downloads\avcmhk5.mhk; OK
C:\Drivers\SonyUSB\sonyhcb.sys; OK
C:\Drivers\SonyUSB\sonyhcc.sys; OK
C:\Drivers\SonyUSB\sonyhcs.sys; OK
C:\Drivers\SonyUSB\SONYHCY.DLL; OK
C:\hiberfil.sys; Can't open
C:\hp\bin\34WW1MON\Monitor_INF_FPatch_ALL_WW_XP_5989-03.exe; OK
C:\hp\bin\AddDevicePath.exe; OK
C:\hp\bin\automod32.exe; OK
C:\hp\bin\autorun.exe; OK
C:\hp\bin\bcbie50.bpl; OK
C:\hp\bin\CleanRec.exe; OK
C:\hp\bin\cloaker.exe; OK
C:\hp\bin\COMMANDS.EXE; OK
C:\hp\bin\DM.exe; OK
C:\hp\bin\FindWindow.exe; OK
C:\hp\bin\Finis.exe; OK
C:\hp\bin\firewallnorton\CDSTART.EXE; OK
C:\hp\bin\firewallnorton\MSI\WIN9X\INSTMSI.EXE; OK
C:\hp\bin\firewallnorton\MSI\WINNT\INSTMSI.EXE; OK
C:\hp\bin\firewallnorton\NPF\ALERULES.EXE; OK
C:\hp\bin\firewallnorton\NPF\CPDOEM.DLL; OK
C:\hp\bin\firewallnorton\NPF.EXE; OK
C:\hp\bin\firewallnorton\SUPPORT\DCOM98\DCOM98.EXE; OK
C:\hp\bin\firewallnorton\SUPPORT\LIVEREG\LRSETUP.EXE; OK
C:\hp\bin\firewallnorton\SUPPORT\LUPDATE\LUSETUP.EXE; OK
C:\hp\bin\FondleWindow.exe; OK
C:\hp\bin\FullScreen.exe; OK
C:\hp\bin\HPBI.exe; OK
C:\hp\bin\HPLocale.exe; OK
C:\hp\bin\HPPICT.EXE; OK
C:\hp\bin\hpqca.dll; OK
C:\hp\bin\HtmlMsg.exe; OK
C:\hp\bin\IniMerge.exe; OK
C:\hp\bin\IsRunning.exe; OK
C:\hp\bin\KillIt.exe; OK
C:\hp\bin\Locale.exe; OK
C:\hp\bin\MsgAction.exe; OK
C:\hp\bin\OSType.exe; OK
C:\hp\bin\PartLog.exe; OK
C:\hp\bin\ProcessLogger.exe; OK
C:\hp\bin\Progress.exe; OK
C:\hp\bin\PwrMgt.exe; OK
C:\hp\bin\Python-2.2.1.exe; OK
C:\hp\bin\RefCount.exe; OK
C:\hp\bin\replace.exe; OK
C:\hp\bin\RPCOPY.DLL; OK
C:\hp\bin\RPCOPY.EXE; OK
C:\hp\bin\SendKey.exe; OK
C:\hp\bin\SetIni.exe; OK
C:\hp\bin\SetRes.exe; OK
C:\hp\bin\Sleep.exe; OK
C:\hp\bin\Spawn.exe; OK
C:\hp\bin\TransientMessage.exe; OK
C:\hp\bin\UIni.exe; OK
C:\hp\bin\USBPwrMGMT.exe; OK
C:\hp\bin\win32all-146.exe; OK
C:\hp\bin\WshTools.dll; OK
C:\hp\drivers\audio\Realtek\Alcxmntr.exe; OK
C:\hp\drivers\audio\Realtek\ALCXWDM.SYS; OK
C:\hp\drivers\audio\Realtek\ALSndMgr.cpl; OK
C:\hp\drivers\audio\Realtek\audio3d.dll; OK
C:\hp\drivers\audio\Realtek\crlds3d.dll; OK
C:\hp\drivers\hpimagezone\setup\CCC\HPZprs01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZarp01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZchk01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZddv01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZdui01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZmsi01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZnet01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZnfx01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZpnp01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZprl01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZpsc01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZpui01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZrcv01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZrein01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZsaf01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZscr01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZwis01.exe; OK
C:\hp\drivers\hpimagezone\setup\HPZwrp01.exe; OK
C:\hp\drivers\hpimagezone\setup\usbready.exe; OK
C:\hp\drivers\hpimagezone\setup\wis\Win2K_XP\instmsi.exe; OK
C:\hp\drivers\hpimagezone\setup\wis\Win9x\instmsi.exe; OK
C:\hp\drivers\hpimagezone\Setup.exe; OK
C:\hp\drivers\keyboard\PS2.bat; OK
C:\hp\drivers\keyboard\PS2.EXE; OK
C:\hp\drivers\keyboard\PS2.SYS; OK
C:\hp\drivers\keyboard\PS2BAT.DLL; OK
C:\hp\drivers\modem\Stinger\HSFCI006.dll; OK
C:\hp\drivers\modem\Stinger\HSFHWBS2.sys; OK
C:\hp\drivers\modem\Stinger\HSF_CNXT.sys; OK
C:\hp\drivers\modem\Stinger\HSF_DP.sys; OK
C:\hp\drivers\modem\Stinger\MdmXSdk.dll; OK
C:\hp\drivers\modem\Stinger\MDMXSDK.sys; OK
C:\hp\drivers\NIC\nforce\NVENET.sys; OK
C:\hp\drivers\NIC\nforce\nvuenet.exe; OK
C:\hp\drivers\printers\deskjet\CopyInf.exe; OK
C:\hp\drivers\printers\deskjet\hpbvspst.exe; OK
C:\hp\drivers\printers\deskjet\hpzglu08.exe; OK
C:\hp\drivers\printers\deskjet\hpzjlog.dll; OK
C:\hp\drivers\printers\deskjet\hpzjpp01.dll; OK
C:\hp\drivers\printers\deskjet\hpzjut01.dll; OK
C:\hp\drivers\printers\deskjet\hpzjvp01.dll; OK
C:\hp\drivers\printers\deskjet\hpzpnp08.dll; OK
C:\hp\drivers\printers\deskjet\hpzscr08.dll; OK
C:\hp\drivers\printers\deskjet\install.exe; OK
C:\hp\drivers\printers\deskjet\instmsia.exe; OK
C:\hp\drivers\printers\deskjet\instmsiw.exe; OK
C:\hp\drivers\printers\deskjet\msvcirt.dll; OK
C:\hp\drivers\printers\deskjet\msvcrt.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\Digital Imaging\Help\imaging01.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\Digital Imaging\Help\imaging02.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\Digital Imaging\Help\imaging04.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\Digital Imaging\Help\imaging05.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\archive.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\browser.exe; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\appshell.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\caps.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\chardet.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\chrome.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\docshell.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\dugprot.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\editor.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\embedcomponents.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gfx2.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkcontent.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkgfxwin.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gklayout.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkparser.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkplugin.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkview.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\gkwidget.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\imggif.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\imgjpeg.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\imglib2.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\imgpng.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\imgppm.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\iubroker.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\jar50.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\jsdom.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\jsurl.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\lwbrk.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\necko.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nkcache.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nphppui.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nsgif.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nsjpg.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nslocale.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\nspng.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\profile.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\rdf.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\shistory.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\strres.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucharuti.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\uconv.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvcn.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvibm.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvja.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvko.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvlatin.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvtw.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\ucvtw2.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\urildr.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\utilitybroker.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\webbrwsr.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\xpc3250.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\components\xppref32.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\dialup.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\gkgfx.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hlw.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hpfutility.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hpvcirt.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hpvcp60.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hpvcrt.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\hpxmldispatch.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\img3250.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\internetupdate.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\jpeg3250.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\js3250.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\mozreg.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\nspr4.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\patchw32.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\plc4.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\plds4.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\printpcl.exe; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\search.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\u32.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\xerces-c_1_3.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\xpcom.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\z32.dll; OK
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\zlib.dll; OK
C:\hp\drivers\printers\deskjet\setup.exe; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\asycfilt.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\comcat.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\mfc42.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\msvcp60.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\msvcrt.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\oleaut32.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\olepro32.dll; OK
C:\hp\drivers\printers\deskjet\System32\Redist\MS\System\stdole2.tlb; OK
C:\hp\drivers\printers\deskjet\tls704d.dll; OK
C:\hp\drivers\printers\deskjet\usbmon.dll; OK
C:\hp\drivers\printers\deskjet\usbprint.sys; OK
C:\hp\drivers\printers\deskjet\util\cfgmgr32.dll; OK
C:\hp\drivers\printers\deskjet\util\common\hpfpdi08.exe; OK
C:\hp\drivers\printers\deskjet\util\common\hpzghl08.exe; OK
C:\hp\drivers\printers\deskjet\util\common\hpzpin08.exe; OK
C:\hp\drivers\printers\deskjet\util\setupapi.dll; OK
C:\hp\drivers\video\ATI\ATINBTXX.SYS; OK
C:\hp\drivers\video\ATI\ATINMDXX.SYS; OK
C:\hp\drivers\video\ATI\ATINPDXX.SYS; OK
C:\hp\drivers\video\ATI\ATINRAXX.SYS; OK
C:\hp\drivers\video\ATI\ATINRVXX.SYS; OK
C:\hp\drivers\video\ATI\ATINSNXX.SYS; OK
C:\hp\drivers\video\ATI\ATINTTXX.SYS; OK
C:\hp\drivers\video\ATI\ATINTUXX.SYS; OK
C:\hp\drivers\video\ATI\atinxbxx.sys; OK
C:\hp\drivers\video\ATI\ATINXSXX.SYS; OK
C:\hp\drivers\video\ATI\ATIVDAXX.AX; OK
C:\hp\drivers\video\ATI\ATIVMVXX.AX; OK
C:\hp\drivers\video\ATI\ativtmxx.dll; OK
C:\hp\drivers\video\ATI\B_10322\atiiiexx.dll; OK
C:\hp\drivers\video\ATI\CPanel\CPANEL.dll; OK
C:\hp\drivers\video\ATI\CPanel\Setup.exe; OK
C:\hp\drivers\video\nVidia_nForce2_Gart\nvugart.exe; OK
C:\hp\drivers\video\nVidia_nForce2_Gart\nv_agp.sys; OK
C:\hp\drivers\webcam\HPortal.dll; OK
C:\hp\drivers\webcam\HVideoS.exe; OK
C:\hp\drivers\webcam\HVideoSp.dll; OK
C:\hp\drivers\webcam\LHPortal.dll; OK
C:\hp\drivers\webcam\LQCTwn32.dll; OK
C:\hp\drivers\webcam\LVCD.sys; OK
C:\hp\drivers\webcam\LVCM.sys; OK
C:\hp\drivers\webcam\LVCodec2.dll; OK
C:\hp\drivers\webcam\lvcoinst.dll; OK
C:\hp\drivers\webcam\LVComC.dll; OK
C:\hp\drivers\webcam\LVComS.exe; OK
C:\hp\drivers\webcam\LVSF.dll; OK
C:\hp\drivers\webcam\Lvui2.dll; OK
C:\hp\drivers\webcam\LVUI2RC.dll; OK
C:\hp\drivers\webcam\LVUSBSta.sys; OK
C:\hp\drivers\webcam\lvWIAext.dll; OK
C:\hp\drivers\webcam\PCSmart.dll; OK
C:\hp\drivers\webcam\qctwn32.ds; OK
C:\hp\drivers\webcam\VSF.ax; OK
C:\hp\DTIcons\shortcut.exe; OK
C:\hp\DTIcons\warranty\splash.exe; OK
C:\hp\IAccess\IAccess.exe; OK
C:\hp\IAccess\WBDCC34I.DLL; OK
C:\hp\IAccess\WBOCC34I.DLL; OK
C:\hp\IAccess\wilx34i.dll; OK
C:\hp\IAccess\wwctl34i.dll; OK
C:\hp\IAccess\wwwnt34i.dll; OK
C:\hp\KBD\AOL.DLL; OK
C:\hp\KBD\CFG.DLL; OK
C:\hp\KBD\HPPICT.EXE; OK
C:\hp\KBD\kbd.exe; OK
C:\hp\KBD\KBDCPL.DLL; OK
C:\hp\KBD\KBUPDATE.EXE; OK
C:\hp\KBD\KEYROUTE.OCX; OK
C:\hp\KBD\LED.DLL; OK
C:\hp\KBD\MSG.DLL; OK
C:\hp\KBD\MSIKBDIF.DLL; OK
C:\hp\KBD\ONL.DLL; OK
C:\hp\KBD\OSD.DLL; OK
C:\hp\KBD\PS2.DLL; OK
C:\hp\KBD\REDIRECT.OCX; OK
C:\hp\KBD\SCT.DLL; OK
C:\hp\KBD\STATIC\Common\hpkey.exe; OK
C:\hp\KBD\URL.DLL; OK
C:\hp\KBD\USB.DLL; OK
C:\hp\patches\33FR1BEL\Preload-HP-PSTN-Desktop2.exe; OK
C:\hp\patches\34EU2IHT\34EU2IHT\DVRX\iSetup.dll; OK
C:\hp\patches\34EU2IHT\34EU2IHT\DVRX\Setup.exe; OK
C:\hp\patches\34EU2IHT\34EU2IHT\Files\IHT.exe; OK
C:\hp\patches\34EU2IHT\34EU2IHT\Files\WinCinemaMgr.exe; OK
C:\hp\patches\34EU2IHT\34EU2IHT\Files\WINDEx.dll; OK
C:\hp\patches\34EU2IHT\34EU2IHT\Update.exe; OK
C:\hp\patches\34EU2IHT\InterVideo_HomeTheater_ALL_WW_6305-01.exe; OK
C:\hp\patches\34WW17I1\34WW17I1\7_in_1_CardReader.exe; OK
C:\hp\patches\34WW17I1\34WW17I1\HP6DOT06.exe; OK
C:\hp\patches\34WW1MON\34WW1MON\Monitor_INF_FPatch_ALL_WW_XP_5989-03.exe; OK
C:\hp\patches\34WW2CDC\Files\CD Creator.exe; OK
C:\hp\patches\34WW2CDC\Files\ToolsCDLauncher.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-ARA.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-CHS.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-CHT.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-DAN.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-DEU.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-ENU.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-ESN.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-FIN.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-FRA.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-ITA.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-JPN.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-KOR.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-NLD.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-NOR.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-PTG.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-RUS.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-SVE.exe; OK
C:\hp\patches\34WW3WOR\QFE824146\WindowsXP-KB824146-x86-TRK.exe; OK
C:\hp\recovery\splash.exe; OK
C:\hp\region\wallpaper\WBDCC34I.DLL; OK
C:\hp\region\wallpaper\WBOCC34I.DLL; OK
C:\hp\region\wallpaper\wilx34i.dll; OK
C:\hp\region\wallpaper\wp.exe; OK
C:\hp\region\wallpaper\wwctl34i.dll; OK
C:\hp\region\wallpaper\wwwnt34i.dll; OK
C:\hp\register\REGINIT.EXE; OK
C:\hp\support\HPSysInfo.exe; OK
C:\hp\VINETLINK\autorun.exe; OK
C:\hp\VINETLINK\InetCtrl.dll; OK
C:\hp\VINETLINK\VINETLINK.exe; OK
C:\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL; OK
C:\I386\ASMS\6000\MSFT\VCRTL\ATL.DLL; OK
C:\I386\ASMS\6000\MSFT\VCRTL\MFC42.DLL; OK
C:\I386\ASMS\6000\MSFT\VCRTL\MFC42U.DLL; OK
C:\I386\ASMS\6000\MSFT\VCRTL\MSVCP60.DLL; OK
C:\I386\ASMS\6000\MSFT\VCRTLINT\MFC42FRA.DLL; OK
C:\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL; OK
C:\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCIRT.DLL; OK
C:\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL; OK
C:\I386\AUTOCHK.EXE; OK
C:\I386\AUTOFMT.EXE; OK
C:\I386\CABINET.DLL; OK
C:\I386\DBGENG.DLL; OK
C:\I386\DBGHELP.DLL; OK
C:\I386\DRW\1033\DWINTL.DLL; OK
C:\I386\DRW\1036\DWINTL.DLL; OK
C:\I386\DRW\DWWIN.EXE; OK
C:\I386\DRW\FAULTH.DLL; OK
C:\I386\EXPAND.EXE; OK
C:\I386\EXTS.DLL; OK
C:\I386\HWDB.DLL; OK
C:\I386\IMAGEHLP.DLL; OK
C:\I386\KBDA1.DLL; OK
C:\I386\KBDA2.DLL; OK
C:\I386\KBDA3.DLL; OK
C:\I386\KBDAL.DLL; OK
C:\I386\KBDARME.DLL; OK
C:\I386\KBDARMW.DLL; OK
C:\I386\KBDAZE.DLL; OK
C:\I386\KBDAZEL.DLL; OK
C:\I386\KBDBE.DLL; OK
C:\I386\KBDBLR.DLL; OK
C:\I386\KBDBR.DLL; OK
C:\I386\KBDBU.DLL; OK
C:\I386\KBDCA.DLL; OK
C:\I386\KBDCR.DLL; OK
C:\I386\KBDCZ.DLL; OK
C:\I386\KBDCZ1.DLL; OK
C:\I386\KBDCZ2.DLL; OK
C:\I386\KBDDA.DLL; OK
C:\I386\KBDDIV1.DLL; OK
C:\I386\KBDDIV2.DLL; OK
C:\I386\KBDDV.DLL; OK
C:\I386\KBDES.DLL; OK
C:\I386\KBDEST.DLL; OK
C:\I386\KBDFA.DLL; OK
C:\I386\KBDFC.DLL; OK
C:\I386\KBDFI.DLL; OK
C:\I386\KBDFR.DLL; OK
C:\I386\KBDGAE.DLL; OK
C:\I386\KBDGEO.DLL; OK
C:\I386\KBDGKL.DLL; OK
C:\I386\KBDGR.DLL; OK
C:\I386\KBDGR1.DLL; OK
C:\I386\KBDHE.DLL; OK
C:\I386\KBDHE220.DLL; OK
C:\I386\KBDHE319.DLL; OK
C:\I386\KBDHEB.DLL; OK
C:\I386\KBDHELA2.DLL; OK
C:\I386\KBDHELA3.DLL; OK
C:\I386\KBDHEPT.DLL; OK
C:\I386\KBDHU.DLL; OK
C:\I386\KBDHU1.DLL; OK
C:\I386\KBDIC.DLL; OK
C:\I386\KBDINDEV.DLL; OK
C:\I386\KBDINGUJ.DLL; OK
C:\I386\KBDINHIN.DLL; OK
C:\I386\KBDINKAN.DLL; OK
C:\I386\KBDINMAR.DLL; OK
C:\I386\KBDINPUN.DLL; OK
C:\I386\KBDINTAM.DLL; OK
C:\I386\KBDINTEL.DLL; OK
C:\I386\KBDIR.DLL; OK
C:\I386\KBDIT.DLL; OK
C:\I386\KBDIT142.DLL; OK
C:\I386\KBDKAZ.DLL; OK
C:\I386\KBDKYR.DLL; OK
C:\I386\KBDLA.DLL; OK
C:\I386\KBDLT.DLL; OK
C:\I386\KBDLT1.DLL; OK
C:\I386\KBDLV.DLL; OK
C:\I386\KBDLV1.DLL; OK
C:\I386\KBDMON.DLL; OK
C:\I386\KBDNE.DLL; OK
C:\I386\KBDNEC.DLL; OK
C:\I386\KBDNO.DLL; OK
C:\I386\KBDPL.DLL; OK
C:\I386\KBDPL1.DLL; OK
C:\I386\KBDPO.DLL; OK
C:\I386\KBDRO.DLL; OK
C:\I386\KBDRU.DLL; OK
C:\I386\KBDRU1.DLL; OK
C:\I386\KBDSF.DLL; OK
C:\I386\KBDSG.DLL; OK
C:\I386\KBDSL.DLL; OK
C:\I386\KBDSL1.DLL; OK
C:\I386\KBDSP.DLL; OK
C:\I386\KBDSW.DLL; OK
C:\I386\KBDSYR1.DLL; OK
C:\I386\KBDSYR2.DLL; OK
C:\I386\KBDTAT.DLL; OK
C:\I386\KBDTH0.DLL; OK
C:\I386\KBDTH1.DLL; OK
C:\I386\KBDTH2.DLL; OK
C:\I386\KBDTH3.DLL; OK
C:\I386\KBDTUF.DLL; OK
C:\I386\KBDTUQ.DLL; OK
C:\I386\KBDUK.DLL; OK
C:\I386\KBDUR.DLL; OK
C:\I386\KBDURDU.DLL; OK
C:\I386\KBDUS.DLL; OK
C:\I386\KBDUSL.DLL; OK
C:\I386\KBDUSR.DLL; OK
C:\I386\KBDUSX.DLL; OK
C:\I386\KBDUZB.DLL; OK
C:\I386\KBDVNTC.DLL; OK
C:\I386\KBDYCC.DLL; OK
C:\I386\KBDYCL.DLL; OK
C:\I386\KSECDD.SYS; OK
C:\I386\NETSETUP.EXE; OK
C:\I386\NTDLL.DLL; OK
C:\I386\NTFS.SYS; OK
C:\I386\NTSD.EXE; OK
C:\I386\NTSDEXTS.DLL; OK
C:\I386\PIDGEN.DLL; OK
C:\I386\REGEDIT.EXE; OK
C:\I386\SPCMDCON.SYS; OK
C:\I386\SYSPARSE.EXE; OK
C:\I386\SYSTEM32\NTDLL.DLL; OK
C:\I386\SYSTEM32\SMSS.EXE; OK
C:\I386\TELNET.EXE; OK
C:\I386\USETUP.EXE; OK
C:\I386\WINNT32.EXE; OK
C:\I386\WINNT32A.DLL; OK
C:\I386\WINNT32U.DLL; OK
C:\I386\WINNTBBA.DLL; OK
C:\I386\WINNTBBU.DLL; OK
C:\I386\WINNTUPG\APMUPGRD.DLL; OK
C:\I386\WINNTUPG\BOSCOMP.DLL; OK
C:\I386\WINNTUPG\CFGMGR32.DLL; OK
C:\I386\WINNTUPG\CLUSCOMP.DLL; OK
C:\I386\WINNTUPG\FSFILTER.DLL; OK
C:\I386\WINNTUPG\FTCOMP.DLL; OK
C:\I386\WINNTUPG\INPUPGRD.DLL; OK
C:\I386\WINNTUPG\MS\MODEMSHR\MDMSHRUP.DLL; OK
C:\I386\WINNTUPG\MS\SNA\IBMMGUG.DLL; OK
C:\I386\WINNTUPG\MS\SNA\NTSNAUPG.DLL; OK
C:\I386\WINNTUPG\MS\SNA\SNADLCUG.DLL; OK
C:\I386\WINNTUPG\MSMQCOMP.DLL; OK
C:\I386\WINNTUPG\NETUPGRD.DLL; OK
C:\I386\WINNTUPG\NTDSUPG.DLL; OK
C:\I386\WINNTUPG\OEM\DIGI\ASYNC\DGUPGRD.DLL; OK
C:\I386\WINNTUPG\OEM\DIGI\ISDN\BRI\DIGIUPG.DLL; OK
C:\I386\WINNTUPG\OEM\DIGI\ISDN\PRI\DIGPRIUP.DLL; OK
C:\I386\WINNTUPG\OEM\DIGI\REALPORT\DGRPUPG.DLL; OK
C:\I386\WINNTUPG\OEM\EQN\EQNUPGRD.DLL; OK
C:\I386\WINNTUPG\OEM\SPX\MPS\SPXUPGRD.DLL; OK
C:\I386\WINNTUPG\OEM\TIGERJET\TJUPG.DLL; OK
C:\I386\WINNTUPG\SETUPAPI.DLL; OK
C:\I386\WINNTUPG\TSCOMP.DLL; OK
C:\I386\WINNTUPG\VIDUPGRD.DLL; OK
C:\I386\WSDU.DLL; OK
C:\I386\WSDUENG.DLL; OK
C:\Kaspersky\avcmhk5.mhk; OK
C:\Kaspersky\Getvlist.exe; OK
C:\Kaspersky\ipc.dll; OK
C:\Kaspersky\kavss.dll; OK
C:\Kaspersky\kavss.exe; OK
C:\Kaspersky\kavssd.dll; OK
C:\Kaspersky\kavssdi.dll; OK
C:\Kaspersky\kavssi.dll; OK
C:\Kaspersky\KAVUpd.dll; OK
C:\Kaspersky\kavupd.exe; OK
C:\Kaspersky\kavvlg.dll; OK
C:\Kaspersky\msvlclnt.dll; OK
C:\Kaspersky\mwavscan.com; OK
C:\Kaspersky\psapi.dll; OK
C:\Kaspersky\riched32.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\AdavMpa.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\AdavMplex.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\AlbumBase.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\ArcPlugInMgr.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\ArcRegister.exe; OK
C:\Program Files\ArcSoft\ShowBiz 2\ArcTitleMgr.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\ASFWriter.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\AudioFmt.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\audioplayer.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\BasicDVD.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Capture.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\cdisplayer.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\CDPlay.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\CDRip.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\CheckDVDFileFormat.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\CheckUpdate.exe; OK
C:\Program Files\ArcSoft\ShowBiz 2\dgui.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\discapi.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\dtype32.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\dtype32x.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\DVCII.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\dvcombine.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\DVDEngine.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\DVIntcpt.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\DVRMSAttr.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\dvrmssave.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\dxpubtool.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\editwin.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\EzDll.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\EzFile.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\FileDump.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\Filefpx.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\FPXLIB.DLL; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmDV2Mpeg.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmDvsd.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmProK7.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmProP3.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmProP4.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GmVfwCap.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMo4E.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoK7.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoK7x.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoP2.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoP2x.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoP3.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoP3x.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMoP4.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMotion.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMotionCaptureEncoder.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\GoMotionDVtoMPEG.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\JPEGLIB.DLL; OK
C:\Program Files\ArcSoft\ShowBiz 2\lpcm2pcm.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\mediaexport.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\mediaimport.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\mpegapi.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\MPEGWriter.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\MplexFilter.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\msvcp60.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\PadusDll.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\PadusRes.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pcdlib32.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1028.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1031.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1033.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1034.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1036.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1040.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc1041.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Pfc2052.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Effect\arcsofteffect.vft; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Effect\ASEffectRes.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Effect\DGUI.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Title\ATitle\artisttitle.te; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Title\ATitle\ArtistTitleRes.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Transition\arcsofttransition.vfx; OK
C:\Program Files\ArcSoft\ShowBiz 2\Plug-Ins\Transition\ASTransitionRes.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Preview.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Res_DVDstring.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Res_SD.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\sbzSendMail.exe; OK
C:\Program Files\ArcSoft\ShowBiz 2\scenedetect.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\ShowBiz.exe; OK
C:\Program Files\ArcSoft\ShowBiz 2\ShowRes.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Slide.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\slideshow.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\SLShowRC.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\StdPropPage.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\VDibTool.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\VirtSrc.ax; OK
C:\Program Files\ArcSoft\ShowBiz 2\VXBLOCK.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\Wizard.exe; OK
C:\Program Files\ArcSoft\ShowBiz 2\WMAFile.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\WMAWriter.dll; OK
C:\Program Files\ArcSoft\ShowBiz 2\WMFDll2.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atiicdxx.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atiicdxx.sys; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atiphexx.exe; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atippaxx.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atiprbxx.exe; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atipuixx.dll; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atricdxx.dft; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atricdxx.enu; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.ara; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.chs; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.cht; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.csy; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.dan; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.deu; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.ell; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.enu; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.esp; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.fin; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.fra; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.heb; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.hun; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.ita; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.jpn; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.kor; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.nld; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.nor; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.plk; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.ptb; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.rus; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.sve; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.tha; OK
C:\Program Files\ATI Technologies\ATI Control Panel\atrpuixx.trk; OK
C:\Program Files\Easy Internet signup\HPDialer.dll; OK
C:\Program Files\Easy Internet signup\HPHTTP.dll; OK
C:\Program Files\Easy Internet signup\HPSdpApp.exe; OK
C:\Program Files\Easy Internet signup\HPSender.dll; OK
C:\Program Files\Easy Internet signup\HPUpdater.exe; OK
C:\Program Files\Easy Internet signup\HTTPTransport.dll; OK
C:\Program Files\Easy Internet signup\ISPSignup.exe; OK
C:\Program Files\Fichiers communs\Designer\MSADDNDR.DLL; OK
C:\Program Files\Fichiers communs\Hewlett-Packard\Scanjet\hpgscnsv.dll; OK
C:\Program Files\Fichiers communs\HP\Digital Imaging\Bin\hpqfmt01.dll; OK
C:\Program Files\Fichiers communs\HP\InstantShare\hpISdownsampler.dll; OK
C:\Program Files\Fichiers communs\HP\InstantShare\hpodcpxe.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\fldrview.ocx; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodae.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodai.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodaierr.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodaud.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodcore3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodcpx2.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodcpxe.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodcrop.ocx; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodctr.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpoddoh.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpoddrv.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpoddsb.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodexif.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodimg3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodinet2.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodinet2enu.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodinet2FRA.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodloc3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodlog3.exe; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\HPODMmc.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodmp.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodmpv.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodmpv_md.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodpc3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodprint.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodprt3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodPrtC.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodrend.exe; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\HPODRunTimelineFilter.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodserv.exe; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodskin2.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\HPODSlideVideoMPEG.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\HPODThumb.ocx; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodtrim.ocx; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodtrk.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodvid.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodwiz3.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodwiz3enu.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodwiz3FRA.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\hpodxmlutil.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\HPODXPAT.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\IPicEnc.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LCODCCMP.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lfbmp13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LFCMP13n.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LFCMP13s.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lffax13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lfgif13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lfpcd13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\Lfpct13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\Lfpng13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lftif13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LMVClr.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LMVCrop.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LMVRGBxf.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LMVRot.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LMVRsz.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LTCLR13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LTDIS13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\ltefx13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\ltfil13n.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\ltimg13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\ltkrn13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\LTStlImgRd.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\lttwn13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\Ltwvc13n.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\LeadTools\PCDLIB32.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\pcexp\COMMON\VIEW\PLUGIN\HPODXPAT.DLL; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\toolame.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\vcdliba.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\vcdlibb.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\vcdlibm2.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\xanalyze.dll; OK
C:\Program Files\Fichiers communs\HP\Memories Disc\2.0\xaudio.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IDriver.exe; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IScript7.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\ISRT.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IUser7.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\objps7.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\_ISRES1033.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver2.exe; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IScript8.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\ISRT.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IUser8.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\objps8.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\_ISRES1033.dll; OK
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\ctor.dll; OK
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\IKernel.exe; OK
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\ILog.dll; OK
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\iuser.dll; OK
C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\objectps.dll; OK
C:\Program Files\Fichiers communs\InstallShield\IScript\IScript.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\setup.dll; OK
C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\Objectps.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\CDO\CDOEX.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\DAO\dao360.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Dashboard Components\10\MSDDSC.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Equation\1036\eeintl.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Euro\MSOEURO.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\BMPIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\CDRIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\CGMIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\DRWIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\DXFIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\emfimp32.flt; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\EPSIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\fpx32.flt; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\GIFIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\JPEGIM32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\PICTIM32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\PNG32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\TIFFIM32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\WMFIMP32.FLT; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\Wpgexp32.flt; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\Wpgimp32.flt; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\itircl54.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Money\aw.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Money\mscps.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSDraw\msdraw.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\IEINFO5.OCX; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\msinfo32.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSIOFF10.OCX; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\OFFPRV10.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\OFFPRV10.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSORun\MSORUN.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\MSSADMIN.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\MSSADMWS.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\MSSERROR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\SRCHADM.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\SrchAdmStp.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Common\MSSITLB.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\1036\DWINTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\1036\MSOINTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\DW.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTPA.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTPS.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSOICONS.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\RICHED20.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\UCS20.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Office10\USP10.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\1036\MSGR3FR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\CHAPI3T1.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\csapi3t1.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\ctapi3t2.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSLID.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSSP3FR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSTH3FR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ATCONT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ATFIND.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ATFLIGHT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ENCCA.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ENCCONT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\ERSREGPROFILE.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\GENEMBED.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\MAPOBJ90.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\MSENCDATA.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\MSENCXML.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\PPDBMGR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\PPMGR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\REFJIC.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\REFSV.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\TREEDATA.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\WHEEL2EE.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\WORKSINT.EXE; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2003\WORKSSVC.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Reference Titles\MSREFTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Shoebox\piolch.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Shoebox\sbox7.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Shoebox\stv7.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Shoebox\WkWinUni.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Smart Tag\FNAME.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Smart Tag\FPERSON.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Smart Tag\IETAG.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Smart Tag\MOFL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Speech\1036\spcplui.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Speech\sapi.cpl; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Speech\sapi.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Speech\sapisvr.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\DOSWRD32.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\html32.cnv; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\msconv97.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\MSWRD632.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\mswrd632.wpc; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\mswrd832.cnv; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\RECOVR32.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\wkcvqd.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\wkcvqd01.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\wkcvqr01.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\wkcvqrtf.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WORKS332.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\works432.cnv; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\Works532.cnv; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\Works632.cnv; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WPEQU532.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WPFT532.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WPFT632.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WRD6ER32.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\WRD6EX32.CNV; OK
C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\write32.wpc; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\TRIEDIT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\1036\VBE6INTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\VBACV10.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\VBACV10D.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\VBACV20.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\VBE6.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\VBE6EXT.OLB; OK
C:\Program Files\Fichiers communs\Microsoft Shared\VGX\vgx.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1033\NSEXTINT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1036\MSOSVINT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1036\NSEXTINT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\MSONSEXT.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\MSOSV.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\MSOWS409.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\MSOWS40c.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\MSVCP60.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMAXCTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCORE.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMFORMS.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMRES.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMSSTLB.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMTEMPL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMTRACE.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMWS.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PROMDEMO.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\SECMGR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\VAIDDMGR.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\VAIMEM.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\40\bin\fp4autl.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\40\bin\FP4AWEC.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\50\bin\FP5ANWI.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\50\bin\FP5AUTL.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\50\bin\FP5AWEC.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\50\bin\FPENCODE.DLL; OK
C:\Program Files\Fichiers communs\Microsoft Shared\WordArt\Wrdart32.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\dwintl.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\NFmtLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkApcLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkCalLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\wkgl70.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkHlpLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkPrfLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkPrL70.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\WkWabLng.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\aw.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\cpitool7.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\cpitv7.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\dw.exe; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\eularegn.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\gtv7.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\HtmlLite.dll; OK
C:\Program Files\Fichiers communs\Microsoft Shared\Works

Réponse 23 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

Salut ,

Tu peux déposer le rapport ICIet coller le lien obtenu.

A+

Utilisateur anonyme

Bonjour,
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O20 - Winlogon Notify: __c00DD8A4 - C:\WINDOWS\System32\__c00DD8A4.dat (file missing)
Il restait ceci, il faudrai voir si cela a disparu ou pas

Il faudra purger le PC, et après faire un réparation des fichiers host

Réponse 24 / 64

Utilisateur anonyme

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:14, on 18/07/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\websrvx\websrvx.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Propriétaire\Bureau\drweb-cureit.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX2\446bc7.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX2\ue445.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O2 - BHO: C:\WINDOWS\System32\grffr83hn.dll - {D76AB2A1-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\System32\grffr83hn.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-427847312-1974833388-1229068002-500\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe (User 'Administrateur')
O4 - HKUS\S-1-5-18\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook (User 'Default user')
O4 - S-1-5-21-427847312-1974833388-1229068002-500 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Administrateur')
O4 - S-1-5-21-427847312-1974833388-1229068002-500 User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Administrateur')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O20 - Winlogon Notify: __c00DD8A4 - C:\WINDOWS\System32\__c00DD8A4.dat (file missing)
O22 - SharedTaskScheduler: rtasgvfu76ew8ndkfno94 - {D76AB2A1-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\System32\grffr83hn.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

Salut ,

Pour avancer :

Télécharge HostsXpert

* Dézippe ce fichier et enregistre-le sur ton bureau
* Double clic sur "hostsXpert.exe"
* Clique sur "Restore MS Hosts File" ensuite sur Ok

Ensuite :

Télécharge CCleaner sur ton bureau

▶ Installe le , mais décoche la barre yahoo.

▶ Lance CCleaner puis Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".

▶ Dans le menu nettoyeur , clique sur "Analyse.

▶ Ensuite clique sur le bouton "Lancer le nettoyage" et laisse le faire.

▶ Maintenant dans l'onglet "Registre" , clique sur "Chercher des erreurs"

▶ Réponds a OUI a la question qui te sera posée.

▶ Enfin , répare les erreurs en cliquant sur " Réparer les erreurs sélectionnés "

N.B : Refais trois fois , une réparation du registre pour que cela soit efficace !

Regarde bien le Tutoriel CCleaner , il est bien expliqué ...

Ensuite :

Télécharge SmitFraudFix:

Recherche:

▶ Double clique sur SmitfraudFix.exe

▶ Tape 1 et et valide par Entrée

▶ A la fin du processus du scan, Un rapport s'ouvre, copie-colle son contenu a ta prochaine reponse.

NOTE: Le rapport se trouve à la racine du disque système

tutoriel smitfraudfix

Nettoyage :

▶ Double clique sur SmitfraudFix.exe

▶ Tape 2 et et valide par Entrée

▶ A la fin du processus du scan, Un rapport s'ouvre, copie-colle son contenu a ta prochaine reponse.

NOTE: Le rapport se trouve à la racine du disque système

tutoriel smitfraudfix

++

Réponse 26 / 64

Utilisateur anonyme

Avant de passer CCleaner je voudrais être sur que le PC est bien désinfecté car apparement tous les executables sont infectés si je les lance...

Réponse 27 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

Re ,

je voudrais être sur que le PC est bien désinfecté car apparement tous les executables sont infectés si je les lance...

Je pense que les scan que tu as fait on désinfecté ... mais il reste des traces , et essaye de utiliser le minimum de temps les exe .

Ne fais pas CCleaner et continue ..

Les programmes que je t'ai donné sont pour désinfecter :)

++

Réponse 28 / 64

Utilisateur anonyme

Je crois que c'est mieux de poster le rapport de recherche avant de nettoyer non ?

SmitFraudFix v2.423

Rapport fait à 16:22:23,15, 18/07/2009
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\websrvx\websrvx.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Propriétaire\Bureau\drweb-cureit.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX2\446bc7.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX2\ue445.exe
C:\WINDOWS\System32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{D76AB2A1-00F3-42BD-F434-00BBC39C8953}"="rtasgvfu76ew8ndkfno94"

[HKEY_CLASSES_ROOT\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

xpdx détecté, utilisez un scanner de Rootkit
xpdt détecté, utilisez un scanner de Rootkit
huy32 détecté, utilisez un scanner de Rootkit
pe386 détecté, utilisez un scanner de Rootkit
lzx32 détecté, utilisez un scanner de Rootkit
msguard détecté, utilisez un scanner de Rootkit

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce MCP Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.0.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Utilisateur anonyme

il faut faire smitfraudfix option 2 en mode sans échec pour que l'outil puisse nettoyer

Réponse 29 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

EDIT : => Fais le nettoyage en mode sans échec . et colle le rapport smitfraudfix.txt qui se trouve a la racine du disque

Puis :

Télécharge Rooter de l'équipe IDN sur ton bureau

! Déconnecte toi d'internet et ferme toutes applications en cours !

* Exécute Rooter et laisse travailler l'outil .

* Une fois terminé, poste le rapport obtenu pour analyse ...

++

Réponse 30 / 64

Utilisateur anonyme

Problème un peu génant, j'ai refait un DrWeb et il a supprimé ndis.sys
Je pense que c'est à cause de ça que tous mes drivers réseau ne sont plus reconnus. J'essaye de retrouver les pilotes et de les réinstaller.

Réponse 31 / 64

Utilisateur anonyme

Je n'arrive pas à installer les pilote, j'ai essayé ceux de la carte mere, ceux du chipset Nvidia.

Voici la liste des périphériques dont le pilote est installé (pilote windows) mais qui ne fonctionne pas :

Carte reseau 1394
Miniport reseau etendu (IP)
Miniport reseau etendu (IP) Miniport d'ordonnancement des paquets
Minport reseau étendu (L2TP)
Miniport reseau etendu (PPTP)
Miniport WAN (PPOE)
NVIDIA nForce MCP Networking Controller
NVIDIA nForce MCP Networking Controller - Miniport d'ordonnancement des paquets
Parralèle direct

Réponse 32 / 64

Utilisateur anonyme

Rapport SmitFraudFix :

SmitFraudFix v2.423

Rapport fait à 18:36:09,43, 18/07/2009
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{D76AB2A1-00F3-42BD-F434-00BBC39C8953}"="rtasgvfu76ew8ndkfno94"

[HKEY_CLASSES_ROOT\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6BC8B3D3-6128-411A-9128-808DC3685F9A}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK.2

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{D76AB2A1-00F3-42BD-F434-00BBC39C8953}"="rtasgvfu76ew8ndkfno94"

[HKEY_CLASSES_ROOT\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D76AB2A1-00F3-42BD-F434-00BBC39C8953}\InProcServer32]
@="C:\WINDOWS\System32\grffr83hn.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Réponse 33 / 64

Utilisateur anonyme

Rapport Rooter :

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 1
[32_bits] - x86 Family 6 Model 8 Stepping 1, AuthenticAMD
.
Error OpenService (wscsvc) : 1060
[SharedAccess] STOPPED (state:1) : Windows Firewall -> Disabled !
.
Internet Explorer 6.0.2800.1106
Mozilla Firefox 3.5.1 (fr)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:69 Go - Free:60 Go )
D:\ [Fixed-FAT32] .. ( Total:5 Go - Free:0 Go )
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Removable]
K:\ [Removable]
L:\ [CD_Rom]
M:\ [CD_Rom]
.
Scan : 19:02.57
Path : K:\Rooter.exe
User : Propriétaire ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (164)
______ \??\C:\WINDOWS\system32\csrss.exe (212)
______ \??\C:\WINDOWS\system32\winlogon.exe (236)
______ C:\WINDOWS\system32\services.exe (280)
______ C:\WINDOWS\system32\lsass.exe (292)
______ C:\WINDOWS\system32\svchost.exe (448)
______ C:\WINDOWS\System32\svchost.exe (476)
______ C:\WINDOWS\system32\spoolsv.exe (676)
______ C:\WINDOWS\Explorer.EXE (776)
______ C:\WINDOWS\System32\HPZipm12.exe (852)
______ C:\WINDOWS\System32\svchost.exe (896)
______ C:\windows\system\hpsysdrv.exe (1200)
______ C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe (1216)
______ C:\WINDOWS\System32\hphmon05.exe (1232)
______ C:\HP\KBD\KBD.EXE (1240)
______ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (1356)
______ C:\Program Files\Multimedia Card Reader\shwicon2k.exe (1364)
______ C:\PROGRA~1\Wanadoo\CnxMon.exe (1428)
______ C:\PROGRA~1\Wanadoo\TaskbarIcon.exe (1460)
______ C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (1468)
______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (1476)
______ C:\Program Files\Unlocker\UnlockerAssistant.exe (1484)
______ C:\Program Files\Messenger\msmsgs.exe (1508)
______ C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (1520)
______ C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (1528)
______ C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (1536)
______ C:\WINDOWS\System32\msiexec.exe (1876)
______ C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe (1964)
______ C:\WINDOWS\System32\mmc.exe (888)
______ K:\Rooter.exe (1424)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:5488648704)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:5488680960 | Length:74526842880)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Connexion Facile à Internet.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 19:03.00
.
C:\Rooter$\Rooter_1.txt - (18/07/2009 | 19:03.00)

Réponse 34 / 64

Utilisateur anonyme

Bon j'en avais marre de galérer et j'ai fait la restauration système.

Voici le rapport HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:21:10, on 18/07/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NAV CfgWiz] c:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Utilisateur anonyme

Tu as fait une restauration système sans purger le PC ? Parce que si t'as fait cela tu risques d'avoir réinfecté le PC
Je t'avais dit que les points de restauration risquaient d'etre infectés
Pour tes drivers, c'est un peu normal car l'infection a du faire quelques dégats

Réponse 35 / 64

Utilisateur anonyme

j'avais supprimé les points de restauration avant

Réponse 36 / 64

Utilisateur anonyme

qd je parle de restauration, c pas restauration windows, mais restauration usine

Réponse 37 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

B'jour ,

c pas restauration windows, mais restauration usine

La je comprends , fait moi quand même ceci pour voir si tu t'es réinfecté stp :

Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.

▶ Double-clique sur RSIT.exe afin de lancer RSIT.

▶ Clique sur Continue à l'écran " Disclaimer of warranty ".

▶ Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

=> Poste le contenu de log.txt (qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

Note : Les deux rapports sont également sauvegardés %systemdrive%\rsit ou C:\rsit

A+

Réponse 38 / 64

Utilisateur anonyme

Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-07-19 11:00:56
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 56 GB (79%) free of 71 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:09, on 19/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\72435c12e13d6da3bbaa7c93396b47e3\update\update.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

Réponse 39 / 64

Utilisateur anonyme

info.txt logfile of random's system information tool 1.06 2009-07-19 11:01:17

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BitDefender Internet Security 2009-->MsiExec.exe /X{27148014-3B0A-402B-8130-6B056357D12D}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}
Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Encyclopédie Microsoft Encarta 2003-->MsiExec.exe /I{03460014-3975-4267-9F39-1DC4745090B7}
Extension Système de Microsoft Money-->MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe" /uninstall
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo & Imaging 3.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP Software Update-->MsiExec.exe /X{C05E10AC-BD86-4564-9D16-EF11D7314FB2}
HPImageZone-->MsiExec.exe /X{11946FA8-329A-4DDF-B867-A32781FED8EE}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
Java 2 Runtime Environment, SE v1.4.1_02-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft AutoRoute 2002-->MsiExec.exe /I{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}
Microsoft Money-->MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Multimedia Card Reader-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E05895C5-FE97-4334-8D73-B0089FD07CE3}
NVIDIA Ethernet Driver-->C:\WINDOWS\System32\nvuenet.exe Uninstall C:\WINDOWS\System32\Nvenet.nvu,NVIDIA Ethernet Driver
NVIDIA Gart Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe E:\
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe

======Security center information======

AV: Antivirus BitDefender
FW: Pare-feu BitDefender

======System event log======

Computer Name: PC-CORDIER
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090718201611.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PC-CORDIER
Event Code: 35
Message: Le service de temps synchronise maintenant l'heure système avec la
source de temps time.windows.com (ntp.m|0x1|192.168.0.5:123->207.46.232.182:123).

Record Number: 4
Source Name: W32Time
Time Written: 20090718201502.000000+120
Event Type: Informations
User:

Computer Name: PC-CORDIER
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 3
Source Name: EventLog
Time Written: 20090718201430.000000+120
Event Type: Informations
User:

Computer Name: PC-CORDIER
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 1 Uniprocessor Free.

Record Number: 2
Source Name: EventLog
Time Written: 20090718201430.000000+120
Event Type: Informations
User:

Computer Name: PC-CORDIER
Event Code: 115
Message: Le suivi de la Restauration système a été activé sur tous les lecteurs.

Record Number: 1
Source Name: SRService
Time Written: 20090718201342.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: PC-CORDIER
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés.
Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système
et les dernières entrées du registre d'aide.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090718201851.000000+120
Event Type: Informations
User:

Computer Name: PC-CORDIER
Event Code: 1
Message:
Record Number: 4
Source Name: ccEvtMgr
Time Written: 20090718201534.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PC-CORDIER
Event Code: 26
Message:
Record Number: 3
Source Name: ccEvtMgr
Time Written: 20090718201524.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PC-CORDIER
Event Code: 2
Message:
Record Number: 2
Source Name: ccPwdSvc
Time Written: 20090718201520.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PC-CORDIER
Event Code: 1
Message:
Record Number: 1
Source Name: ccPwdSvc
Time Written: 20090718201518.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

Réponse 40 / 64

fix200 Messages postés 3243 Date d'inscription Statut Contributeur sécurité Dernière intervention 158

Arrrrff

Je pense que c'est un début de virut :(

Essai ça :

Télécharge OTM (Old Timer) sur ton bureau:

▶ Sous XP: Double-clique sur OTM.exe afin de le lancer.
* Sous Vista: fais un clic droit sur OTM et choisis "exécuter en tant qu'administrateur"
▶ Copie (Ctrl+C) le texte suivant ci-dessous :

:Processes
explorer.exe
:services

:Reg

:Files
C:\WINDOWS\system32\tmp.txt
C:\WINDOWS\system32\BC.tmp
C:\WINDOWS\system32\BE.tmp
C:\WINDOWS\system32\BD.tmp
C:\WINDOWS\system32\BB.tmp
C:\WINDOWS\system32\BA.tmp
C:\WINDOWS\system32\B0.tmp
C:\WINDOWS\system32\AF.tmp
C:\WINDOWS\system32\AB.tmp
C:\WINDOWS\system32\AA.tmp
C:\WINDOWS\system32\AE.tmp
C:\WINDOWS\system32\A9.tmp
C:\WINDOWS\system32\A8.tmp
C:\WINDOWS\system32\A2.tmp
C:\WINDOWS\system32\A1.tmp
C:\WINDOWS\system32\A6.tmp
C:\WINDOWS\system32\A5.tmp
C:\WINDOWS\system32\AD.tmp
C:\WINDOWS\system32\A4.tmp
C:\WINDOWS\system32\93.tmp
C:\WINDOWS\system32\91.tmp
C:\WINDOWS\system32\8C.tmp
:Commands
[start explorer]
[emptytemp]
[purity]
[reboot]

▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM.

Note : Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. => Accepte en cliquant sur YES.

▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

* Note: Le nom du rapport correspond au moment de sa création : date_heure.log

Ensuite :

Télécharge Dr.Web CureIt sur ton Bureau:

▶ Démarre en mode sans échec. http://forum.telecharger.01net.com/forum/high-tech/SECURITE/Securite/redemarrer-mode-echec-sujet_1526_1.htm (méthode 1)
▶ Double clique drweb-cureit.exe et ensuite clique sur Analyse ;
▶ Clique Ok à l'invite de l'analyse rapide. Ce scan permet l'analyse des processus chargés en mémoire ; s'il trouve des processus infectés, clique le bouton Oui pour tout à l'invite.
**Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" ; vous pouvez quitter en cliquant le "X"
▶ Lorsque le scan rapide est terminé, Clique sur le menu Options >> Changer la configuration;
▶ Choisis l'onglet "Scanner", et décoche "Analyse heuristique". Clique "Ok"
▶ De retour à la fenêtre principale : clique pour activer "Analyse complète";
▶ Clique le bouton avec flèche verte sur la droite, et le scan débutera.
▶ Clique Oui pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter".
▶ Lorsque le scan sera complété, regarde si tu peux cliquer sur cet icône, adjacent aux fichiers détectés :
▶ Si oui, alors clique dessus et ensuite clique sur l'icône "Suivant", au dessous, et choisis Déplacer en quarantaine l'objet indésirable
▶ Du menu principal de l'outil, au haut à gauche, clique sur le menu Fichier et choisis Enregistrer le rapport
▶ Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
▶ Ferme Dr.Web Cureit* Redémarre ton ordi (*très important*), car certains fichiers peuvent être déplacés/réparés au redémarrage.
▶ Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de l'outil Dr.Web dans ta prochaine réponse.

++

Utilisateur anonyme

Bonjour
à fix200, j'aurais fait exactement comme toi, un RSIT

à matdushene,
La prochaine fois, écoute nos conseils, et soit vigilent
Fait ce que te demande fix200

Discussions similaires

écrire un rapport de travail

Votre réponse

Discussions similaires