Sujet Précédent Sujet Suivant

Trojan à supprimer, comment?

zodiaque59 Messages postés 263 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
Je viens de faire un scan de mon pc avec Bitdefender 8 en ligne mais il y a 3 trojan qu'il n'arrive pas a supprimer "Obfus.Gen, Downloader.AHV et Busky.2.Gen" comment puis je les retirer de mon ordinateur.
D'avance merci.
PS: j'ai essayer avec " AVG Anti-Spyware 7,5 , ad-Aware SE Personnal et a-squared Free" mais rien y fait.

11 réponses

Réponse 1 / 11
Utilisateur anonyme
 
Bonjour

Télécharge HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

Fais un scan et poste l'analyse ici.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonjour,
voici ce que tu ma demandé dit moi tout ce que je doit supprimer car en supplement mon pc rame.
Merci

Logfile of HijackThis v1.99.1
Scan saved at 16:51:00, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: .protected
O4 - Global Startup: .protected
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
Réponse 2 / 11
Utilisateur anonyme
 
Re

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
* Démarre ton PC à nouveau.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonsoir,
Je viens de faire la manipulation que tu ma dit mais cela na pas fait tout ce que tu ma dis, peut etre dus au fait qu'il na rien trouver.
Ci-joint le rapport.
Merci de me donné la suite du programme a faire


VundoFix V6.3.5

Checking Java version...

Java version is 1.4.2.5

Scan started at 17:33:35 05/02/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.3.5

Checking Java version...

Java version is 1.4.2.5

Scan started at 17:53:01 05/02/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...
0
Réponse 3 / 11
Utilisateur anonyme
 
Re

[*]Double-clique VundoFix.exe afin de le lancer.
[*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
[*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\msahgjee.dll

[*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll

[*]Clique sur le bouton "Add File(s)"
[*]Clique sur le bouton "Close Window".
[*]Clique à nouveau sur "Remove Vundo"
[*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
[*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
[*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
[*]Démarre ton PC à nouveau.

[*]Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
re bonsoir,


VundoFix V6.3.5

Checking Java version...

Java version is 1.4.2.5

Scan started at 17:33:35 05/02/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.3.5

Checking Java version...

Java version is 1.4.2.5

Scan started at 17:53:01 05/02/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

Beginning removal...

Attempting to delete C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll
C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\msahgjee.dll
C:\WINDOWS\system32\msahgjee.dll Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 19:43:47, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: .protected
O4 - Global Startup: .protected
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
Réponse 4 / 11
Utilisateur anonyme
 
Re

1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

EasyCleaner
https://www.telia.fi/palvelupaattynyt
Installe le dans un répertoire dédié.

2 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

3 Lance le nettoyage avec CCleaner

4 Lance EasyCleaner.
Utilises les fonctions Inutiles et Registre. Supprimes ce qu'il trouve. Ne pas toucher à la fonction doublons.

5 Fais une défragmentation
http://www.trucsastuces.com/Astuces/76.php

6 Fais une analyse antivirus en ligne sur Kaspersky
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Sélectionne le poste de travail comme analyse

Colle son rapport ici avec un nouveau log HijackThis.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonjour Chercheurbis,
Se matin en ouvrant mon pc j'avais un essage d'erreur qui dit "Erreur de chargement de C:\DocumentsandSettings\DIDIER\Local settings, le module est introuvable" ?
Je viens de faire ce que tu ma dit dans ton dernier message, mais avec EasyCleaner j'ai fait le Registre mais dans Inutiles quel case je doit cocher.

Voici les 2 Rapports que tu me demande.
Merci pour ton aide, j'attend la suite.

KASPERSKY ON-LINE SCANNER REPORT
Tuesday, February 06, 2007 11:58:58 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 6/02/2007
Enregistrements dans la base antivirus Kaspersky : 250456


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\

Statistiques de l'analyse
Total d'objets analysés 67557
Nombre de virus trouvés 1
Nombre d'objets infectés 4 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:08:58

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Boîte de réception.dbx L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Folders.dbx L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Offline.dbx L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\ntuser.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Program Files\Agnitum\Outpost Firewall\op_data.ldb L'objet est verrouillé ignoré

C:\Program Files\Agnitum\Outpost Firewall\op_data.mdb L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP70\A0044856.dll Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP70\A0044857.dll Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP71\change.log L'objet est verrouillé ignoré

C:\VundoFix Backups\msahgjee.dll .bad Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

C:\VundoFix Backups\xpwqnkc.dll.bad Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\EventCache\{74FAF4B9-9CB3-4B3C-81EE-17832804CFAB}.bin L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\JET2AB5.tmp L'objet est verrouillé ignoré

C:\WINDOWS\Temp\Perflib_Perfdata_b8.dat L'objet est verrouillé ignoré

C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.

Logfile of HijackThis v1.99.1
Scan saved at 12:24:08, on 06/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - Startup: .protected
O4 - Global Startup: .protected
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Salut Chercheurbis,

Voila j'ai fait ce que tu viens de me dire, mais je ne vois pas vraiment de changement.
J'ai deja eu des problemes avec mon pc si tu veut regarde dans les message d'aide que j'ai fait et les manipulation que lon ma fait faire mais pour l'instant rien a faire.
Encore une fois merci du temps que tu me consacre.
Je ne sais plus quoi faire!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
Utilisateur anonyme
 
Bonjour

Tu peux tout cocher dans Inutiles d'Easy Cleaner.

Deux fichiers infectés dans la sauvegarde de Vundo et deux dans le systéme de restauration.

Supprime C:\VundoFix Backups

Clique sur Démarrer - Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

Puis redémarrer l'ordinateur et faire l'opération inverse en décochant la case Désactiver la restauration systéme.

Comment se comporte le PC ?
0
Réponse 6 / 11
Utilisateur anonyme
 
Re

J'ai regardé le (long) post concernant ton ralentissement.

Je ne vois pas trop quoi faire de plus. Tu vas faire deux scans afin de vérifier s'il n'y a pas de fichiers infectieux cachés.

* Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
http://www.malekal.com/download/DiagHelp.zip
- Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

* Télécharge WinPFind3U.exe sur ton bureau.
http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

Double clique sur le fichier téléchargé : un dossier nommé WinPFind3U va apparaitre sur ton bureau.
Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.
Sous le groupe Files Created Within sélectionne 30 days
Sous le groupe Files Modified Within sélectionne 30 days
Sous le groupe String Search sélectionne Non-Microsoft
A présent clique sur le bouton Run Scan dans la barre d'outils
Patiente, cela peut durer plusieurs minutes.
Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.
Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.
Copie/Colle le contenu du rapport dans ta prochaine réponse.

Attention, les rapports sont long, poste les en deux messages.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonjour Chercheurbis,
Voila le rapport de DiagHelp

C:\WINDOWS\System32\nvapps.xml -->07/02/2007 06:47:55
C:\WINDOWS\System32\tmpwisc2.exe -->04/02/2007 10:19:25
C:\WINDOWS\System32\d3d8caps.dat -->02/02/2007 17:23:06
C:\WINDOWS\System32\wpa.dbl -->01/02/2007 07:31:11
C:\WINDOWS\System32\tmp.txt -->29/01/2007 15:24:52
C:\WINDOWS\System32\tmp.reg -->29/01/2007 15:24:52
C:\WINDOWS\System32\tmpwisc3.exe -->29/01/2007 07:35:12
C:\WINDOWS\System32\rmoc3260.dll -->22/01/2007 11:15:57
C:\WINDOWS\System32\pndx5032.dll -->22/01/2007 11:15:23
C:\WINDOWS\System32\pndx5016.dll -->22/01/2007 11:15:23
C:\WINDOWS\System32\pncrt.dll -->22/01/2007 11:15:17
C:\WINDOWS\System32\nscompat.tlb -->21/01/2007 11:35:07
C:\WINDOWS\System32\amcompat.tlb -->21/01/2007 11:35:07
C:\WINDOWS\System32\tmpwisc1.exe -->21/01/2007 07:49:50
C:\WINDOWS\System32\WinSecureDisc.pkg -->21/01/2007 07:42:22
C:\WINDOWS\System32\isc_cpl.cpl -->20/01/2007 16:10:56
C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->18/01/2007 10:20:31
C:\WINDOWS\System32\uxtuneup.dll -->17/01/2007 14:47:52
C:\WINDOWS\System32\CONFIG.NT -->16/01/2007 17:58:16
C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:07
C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20
C:\WINDOWS\System32\dsm_fr.qm -->13/01/2007 02:08:31
C:\WINDOWS\System32\divxsm.tlb -->13/01/2007 02:08:31
C:\WINDOWS\System32\DivXsm.exe -->13/01/2007 02:08:31
C:\WINDOWS\System32\qt-dx331.dll -->13/01/2007 02:08:29

C:\WINDOWS\WindowsUpdate.log -->07/02/2007 06:55:39
C:\WINDOWS\0.log -->07/02/2007 06:48:22
C:\WINDOWS\wiadebug.log -->07/02/2007 06:48:14
C:\WINDOWS\ODBC.INI -->07/02/2007 06:48:13
C:\WINDOWS\transp.gif -->07/02/2007 06:48:09
C:\WINDOWS\wiaservc.log -->07/02/2007 06:48:05
C:\WINDOWS\bootstat.dat -->07/02/2007 06:47:41
C:\WINDOWS\SchedLgU.Txt -->06/02/2007 19:36:28
C:\WINDOWS\setupapi.log -->06/02/2007 08:50:02
C:\WINDOWS\.protected -->21/01/2007 07:50:39
C:\WINDOWS\SiSAudioRack.ini -->18/01/2007 10:41:19
C:\WINDOWS\win.ini -->14/01/2007 16:18:01
C:\WINDOWS\iun6002ev.exe -->29/12/2006 08:18:52
C:\WINDOWS\warhead.ini -->13/12/2006 11:20:17
C:\WINDOWS\WindowsShell.Manifest -->06/12/2006 17:52:57

C:\WINDOWS\Alcrmv.exe |01/01/2007 14:50:35
C:\WINDOWS\alcupd.exe |01/01/2007 14:50:35
C:\WINDOWS\bdoscandel.exe |25/05/2006 00:22:06
C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |22/05/2004 10:58:48
C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |27/05/2004 03:44:01
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |02/07/2005 13:46:21
C:\WINDOWS\Ctregrun.exe |02/06/2004 15:39:48
C:\WINDOWS\InZU31.exe |03/02/2005 17:03:37
C:\WINDOWS\IsUn040c.exe |21/05/2004 18:36:48
C:\WINDOWS\IsUninst.exe |21/05/2004 18:57:28
C:\WINDOWS\iun6002ev.exe |29/12/2006 08:19:13
C:\WINDOWS\PATCH.EXE |20/07/2004 17:57:32
C:\WINDOWS\slrundll.exe |20/08/2004 00:10:02
C:\WINDOWS\soundman.exe |01/01/2007 14:50:35
C:\WINDOWS\tsc.exe |20/07/2004 17:59:15
C:\WINDOWS\twunk_16.exe |28/08/2001 13:00:00
C:\WINDOWS\twunk_32.exe |28/08/2001 13:00:00
C:\WINDOWS\uninst.exe |21/09/2006 09:09:00
C:\WINDOWS\unvise32qt.exe |04/08/2004 17:04:19
C:\WINDOWS\UpdtNv28.exe |11/10/2006 15:27:31
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\BPMNT.dll |20/07/2004 17:59:14
C:\WINDOWS\HCExtOutput.dll |20/07/2004 17:59:15
C:\WINDOWS\Iden32.dll |12/09/2006 08:00:35
C:\WINDOWS\PCDLIB32.DLL |18/04/2005 15:50:18
C:\WINDOWS\POCE98.DLL |23/09/1998 21:10:16
C:\WINDOWS\POCELANG.DLL |23/02/1999 14:12:18
C:\WINDOWS\TMUPDATE.DLL |20/07/2004 17:57:33
C:\WINDOWS\twain.dll |28/08/2001 13:00:00
C:\WINDOWS\twain_32.dll |28/08/2001 13:00:00
C:\WINDOWS\UNZIP.DLL |20/07/2004 17:57:33
C:\WINDOWS\vsapi32.dll |20/07/2004 17:59:14
C:\WINDOWS\system32\append.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\aswBoot.exe |30/10/2006 08:38:53
C:\WINDOWS\system32\ChCfg.exe |30/01/2007 13:05:27
C:\WINDOWS\system32\debug.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |12/01/2007 02:19:44
C:\WINDOWS\system32\DivXsm.exe |13/01/2007 02:08:31
C:\WINDOWS\system32\dosx.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\dumphive.exe |19/12/2006 09:02:40
C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34
C:\WINDOWS\system32\edlin.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\exe2bin.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\fastopen.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\hpocon09.exe |24/04/2002 02:25:04
C:\WINDOWS\system32\hpoinw07.exe |24/04/2002 01:23:54
C:\WINDOWS\system32\hpoipm07.exe |24/04/2002 01:24:34
C:\WINDOWS\system32\INFSETUP.exe |03/02/2007 16:17:46
C:\WINDOWS\system32\InstMed.exe |22/05/2004 11:24:58
C:\WINDOWS\system32\java.exe |18/01/2007 10:20:33
C:\WINDOWS\system32\javaw.exe |18/01/2007 10:20:33
C:\WINDOWS\system32\javaws.exe |18/01/2007 10:20:33
C:\WINDOWS\system32\keystone.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\LVCOMSX.EXE |25/02/2004 15:15:50
C:\WINDOWS\system32\Machnm1.exe |16/09/2006 10:32:57
C:\WINDOWS\system32\mem.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\nvappbar.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcolor.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcplui.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\nvdspsch.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\nvsvc32.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\nvudisp.exe |03/02/2007 11:17:57
C:\WINDOWS\system32\NVUNINST.EXE |03/02/2007 11:16:52
C:\WINDOWS\system32\nwiz.exe |22/10/2006 12:22:00
C:\WINDOWS\system32\PRISMSVR.exe |18/03/2004 13:44:42
C:\WINDOWS\system32\PSDrvCheck.exe |10/11/2003 16:06:08
C:\WINDOWS\system32\pxcpya64.exe |20/09/2006 04:06:31
C:\WINDOWS\system32\pxcpyi64.exe |20/09/2006 04:06:31
C:\WINDOWS\system32\pxhpinst.exe |20/09/2006 04:06:31
C:\WINDOWS\system32\pxinsa64.exe |20/09/2006 04:06:31
C:\WINDOWS\system32\pxinsi64.exe |20/09/2006 04:06:31
C:\WINDOWS\system32\redir.exe |22/05/2004 07:22:02
C:\WINDOWS\system32\RTLCPL.exe |30/01/2007 13:04:09
C:\WINDOWS\system32\setver.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\share.exe |28/08/2001 13:00:00
C:\WINDOWS\system32\slrundll.exe |20/08/2004 00:10:02
C:\WINDOWS\system32\slserv.exe |20/08/2004 00:10:02
C:\WINDOWS\system32\SrchSTS.exe |19/12/2006 09:02:40
C:\WINDOWS\system32\swreg.exe |19/12/2006 09:02:39
C:\WINDOWS\system32\swsc.exe |19/12/2006 09:02:40
C:\WINDOWS\system32\swxcacls.exe |19/12/2006 09:02:40
C:\WINDOWS\system32\tmpwisc1.exe |31/12/2006 11:08:09
C:\WINDOWS\system32\tmpwisc2.exe |20/01/2007 16:14:40
C:\WINDOWS\system32\tmpwisc3.exe |31/12/2006 10:53:17
C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48
C:\WINDOWS\system32\amstream.dll |04/07/2004 08:28:06
C:\WINDOWS\system32\ati2cqag.dll |20/08/2004 00:09:19
C:\WINDOWS\system32\ati2dvaa.dll |22/05/2004 07:19:58
C:\WINDOWS\system32\ati2dvag.dll |22/05/2004 07:19:59
C:\WINDOWS\system32\ati3d1ag.dll |22/05/2004 07:20:10
C:\WINDOWS\system32\ati3d2ag.dll |22/05/2004 07:20:16
C:\WINDOWS\system32\ati3duag.dll |20/08/2004 00:09:19
C:\WINDOWS\system32\ativtmxx.dll |20/08/2004 00:09:19
C:\WINDOWS\system32\ativvaxx.dll |20/08/2004 00:09:19
C:\WINDOWS\system32\atmfd.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\atmlib.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\compatui.dll |22/05/2004 07:14:58
C:\WINDOWS\system32\ctdvda32.dll |30/01/2005 06:19:47
C:\WINDOWS\system32\dgrpsetu.dll |21/05/2004 19:21:18
C:\WINDOWS\system32\dgsetup.dll |21/05/2004 19:21:18
C:\WINDOWS\system32\DivX.dll |13/01/2007 02:03:26
C:\WINDOWS\system32\divxdec_0407.dll |26/10/2004 23:38:18
C:\WINDOWS\system32\divxdec_040c.dll |26/10/2004 23:38:18
C:\WINDOWS\system32\divxdec_0411.dll |26/10/2004 23:38:18
C:\WINDOWS\system32\DivXWMPExtType.dll |12/01/2007 02:19:45
C:\WINDOWS\system32\divx_xx07.dll |13/01/2007 02:03:26
C:\WINDOWS\system32\divx_xx0c.dll |13/01/2007 02:03:26
C:\WINDOWS\system32\divx_xx11.dll |13/01/2007 02:03:26
C:\WINDOWS\system32\dpl100.dll |11/08/2006 00:03:58
C:\WINDOWS\system32\dpu10.dll |13/01/2007 02:03:29
C:\WINDOWS\system32\dpu11.dll |11/07/2006 23:54:31
C:\WINDOWS\system32\dpuGUI10.dll |13/01/2007 02:03:30
C:\WINDOWS\system32\dpuGUI11.dll |11/07/2006 23:54:31
C:\WINDOWS\system32\dpus10.dll |26/10/2004 23:39:03
C:\WINDOWS\system32\dpus11.dll |13/01/2007 02:03:29
C:\WINDOWS\system32\dpv10.dll |26/10/2004 23:39:04
C:\WINDOWS\system32\dpv11.dll |11/07/2006 23:54:31
C:\WINDOWS\system32\dtu100.dll |13/01/2007 02:03:31
C:\WINDOWS\system32\encdec.dll |22/05/2004 07:20:24
C:\WINDOWS\system32\EqnClass.Dll |21/05/2004 19:21:18
C:\WINDOWS\system32\GCPL_FRENCH.dll |21/05/2004 18:58:05
C:\WINDOWS\system32\hpocoi08.dll |22/05/2004 05:29:55
C:\WINDOWS\system32\hpoidm07.dll |24/04/2002 02:05:06
C:\WINDOWS\system32\hpoidr07.dll |24/04/2002 01:22:56
C:\WINDOWS\system32\hpoipr07.dll |24/04/2002 01:25:06
C:\WINDOWS\system32\hpoipt07.dll |24/04/2002 01:26:16
C:\WINDOWS\system32\hpoisn07.dll |24/04/2002 01:26:30
C:\WINDOWS\system32\hpomem07.dll |24/04/2002 01:33:42
C:\WINDOWS\system32\HPOtap07.dll |24/04/2002 01:32:36
C:\WINDOWS\system32\hpousd07.dll |24/04/2002 01:58:36
C:\WINDOWS\system32\hsfcisp2.dll |20/08/2004 00:09:27
C:\WINDOWS\system32\hticons.dll |21/05/2004 18:30:51
C:\WINDOWS\system32\hypertrm.dll |21/05/2004 18:30:51
C:\WINDOWS\system32\Iacenc.dll |18/11/1998 14:33:16
C:\WINDOWS\system32\iccvid.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\indounin.dll |27/01/1999 12:39:06
C:\WINDOWS\system32\ir32_32.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\ir41_qc.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\ir41_qcx.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\ir50_32.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\ir50_qc.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\ir50_qcx.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\isrdbg32.dll |21/05/2004 18:32:55
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 06:56:08
C:\WINDOWS\system32\jgaw400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\jgdw400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\jgmd400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\jgpl400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\jgsd400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\jgsh400.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\LCamCpl.dll |25/02/2004 16:04:04
C:\WINDOWS\system32\lfbmp11n.dll |10/05/2000 11:34:12
C:\WINDOWS\system32\lfbmp12n.dll |25/02/2004 13:38:42
C:\WINDOWS\system32\LFCMP11n.DLL |10/05/2000 11:34:14
C:\WINDOWS\system32\LFCMP12n.DLL |25/02/2004 13:38:42
C:\WINDOWS\system32\lfeps11n.dll |10/05/2000 11:34:14
C:\WINDOWS\system32\lffax11n.dll |10/05/2000 11:34:14
C:\WINDOWS\system32\lffax12n.dll |25/02/2004 13:38:42
C:\WINDOWS\system32\lfgif11n.dll |09/05/2000 18:41:26
C:\WINDOWS\system32\lfpcd11n.dll |10/05/2000 11:34:16
C:\WINDOWS\system32\lfpcx11n.dll |10/05/2000 11:34:16
C:\WINDOWS\system32\Lfpng11n.dll |10/05/2000 11:34:18
C:\WINDOWS\system32\lfpsd11n.dll |10/05/2000 11:34:20
C:\WINDOWS\system32\lftga11n.dll |10/05/2000 11:34:20
C:\WINDOWS\system32\lftif11n.dll |10/05/2000 11:34:22
C:\WINDOWS\system32\lftif12n.dll |25/02/2004 13:38:42
C:\WINDOWS\system32\lfwmf11n.dll |10/05/2000 11:34:22
C:\WINDOWS\system32\libdivx.dll |12/07/2006 00:40:00
C:\WINDOWS\system32\libeay32.dll |28/04/2005 05:22:34
C:\WINDOWS\system32\LQCUI2.dll |25/02/2004 15:35:10
C:\WINDOWS\system32\LTDIS11n.dll |10/05/2000 11:34:24
C:\WINDOWS\system32\LTDIS12n.dll |25/02/2004 13:38:46
C:\WINDOWS\system32\ltefx12n.dll |25/02/2004 13:38:46
C:\WINDOWS\system32\ltfil11n.DLL |09/05/2000 18:41:26
C:\WINDOWS\system32\ltfil12n.DLL |25/02/2004 13:38:46
C:\WINDOWS\system32\ltimg11n.dll |10/05/2000 11:34:28
C:\WINDOWS\system32\ltimg12n.dll |25/02/2004 13:38:46
C:\WINDOWS\system32\ltkrn11n.dll |10/05/2000 11:34:32
C:\WINDOWS\system32\ltkrn12n.dll |25/02/2004 13:38:48
C:\WINDOWS\system32\Ltwvc11n.dll |10/05/2000 11:34:36
C:\WINDOWS\system32\Ltwvc12n.dll |25/02/2004 13:38:52
C:\WINDOWS\system32\LVCodec2.dll |22/05/2004 11:24:40
C:\WINDOWS\system32\lvcoinst.dll |22/05/2004 11:24:41
C:\WINDOWS\system32\LVCOMCX.dll |25/02/2004 15:18:46
C:\WINDOWS\system32\Lvkrn12n.dll |25/02/2004 13:38:52
C:\WINDOWS\system32\LVMAENUM.dll |25/02/2004 15:16:56
C:\WINDOWS\system32\LVUI2.dll |22/05/2004 11:24:41
C:\WINDOWS\system32\LVUI2RC.dll |22/05/2004 11:24:41
C:\WINDOWS\system32\mdmxsdk.dll |20/08/2004 00:09:30
C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06
C:\WINDOWS\system32\mrvfwext.dll |22/05/2004 10:49:24
C:\WINDOWS\system32\msdmo.dll |04/07/2004 08:28:06
C:\WINDOWS\system32\msencode.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 19:46:58
C:\WINDOWS\system32\mtxparhd.dll |20/08/2004 00:09:35
C:\WINDOWS\system32\Npindeo.dll |20/11/1998 12:38:58
C:\WINDOWS\system32\nv4_disp.dll |22/05/2004 07:21:33
C:\WINDOWS\system32\nvapi.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcod.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcodins.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcpl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvcpluir.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvdisps.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvdispsr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvexpbar.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvgames.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvgamesr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvhwvid.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nview.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmccs.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmccsrs.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmccss.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmccssr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmctray.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmobls.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvmoblsr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvnt4cpl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvoglnt.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsar.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrscs.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsda.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsde.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsel.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrseng.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrses.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsesm.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsfi.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsfr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrshe.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrshu.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsit.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsja.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsko.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsnl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsno.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrspl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrspt.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsptb.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrsru.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrssk.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrssl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrssv.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrstr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrszhc.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvrszht.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvshell.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvvitvs.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvvitvsr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwddi.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwdmcpl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwimg.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsar.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrscs.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsda.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsde.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsel.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrseng.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrses.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsesm.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsfi.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsfr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrshe.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrshu.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsit.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsja.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsko.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsnl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsno.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrspl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrspt.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsptb.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrsru.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrssk.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrssl.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrssv.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrstr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrszhc.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwrszht.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwss.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\nvwssr.dll |22/10/2006 12:22:00
C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16
C:\WINDOWS\system32\PCDLIB32.DLL |10/05/2000 11:34:38
C:\WINDOWS\system32\pncrt.dll |17/06/2004 18:42:31
C:\WINDOWS\system32\pndx5016.dll |19/02/2005 13:10:33
C:\WINDOWS\system32\pndx5032.dll |19/02/2005 13:10:33
C:\WINDOWS\system32\PRISMAPI.dll |18/03/2004 13:41:02
C:\WINDOWS\system32\PRISMNDI.dll |18/03/2004 13:49:14
C:\WINDOWS\system32\PSIKey.dll |26/10/2004 23:38:24
C:\WINDOWS\system32\psisdecd.dll |04/07/2004 08:28:10
C:\WINDOWS\system32\px.dll |20/09/2006 04:06:30
C:\WINDOWS\system32\pxdrv.dll |20/09/2006 04:06:31
C:\WINDOWS\system32\pxmas.dll |20/09/2006 04:06:30
C:\WINDOWS\system32\pxwave.dll |20/09/2006 04:06:30
C:\WINDOWS\system32\QCUI2.dll |25/02/2004 15:37:58
C:\WINDOWS\system32\qedwipes.dll |04/07/2004 08:28:06
C:\WINDOWS\system32\qt-dx331.dll |27/07/2006 18:28:42
C:\WINDOWS\system32\qt-mt331.dll |26/10/2004 23:39:05
C:\WINDOWS\system32\rmoc3260.dll |17/06/2004 18:42:41
C:\WINDOWS\system32\RtlCPAPI.dll |30/01/2007 13:04:04
C:\WINDOWS\system32\s3gnb.dll |20/08/2004 00:09:39
C:\WINDOWS\system32\sbe.dll |22/05/2004 07:20:39
C:\WINDOWS\system32\slbcsp.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\slbiop.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\slbrccsp.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\slcoinst.dll |20/08/2004 00:09:41
C:\WINDOWS\system32\slextspk.dll |20/08/2004 00:09:41
C:\WINDOWS\system32\slgen.dll |20/08/2004 00:09:41
C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18
C:\WINDOWS\system32\spxcoins.dll |21/05/2004 19:21:18
C:\WINDOWS\system32\ssldivx.dll |12/07/2006 00:40:00
C:\WINDOWS\system32\ssleay32.dll |28/04/2005 05:22:34
C:\WINDOWS\system32\tsd32.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20
C:\WINDOWS\system32\uxtuneup.dll |20/01/2007 11:24:51
C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29
C:\WINDOWS\system32\vxblock.dll |20/09/2006 04:06:30
C:\WINDOWS\system32\W32N50.dll |02/07/2005 11:02:35
C:\WINDOWS\system32\win87em.dll |28/08/2001 13:00:00
C:\WINDOWS\system32\WINFOXUT.dll |03/02/2007 05:39:45
C:\WINDOWS\system32\WooDial2000.dll |21/05/2004 19:10:30

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\WINDOWS\system32

20/08/2004 00:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 25 518 133 248 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\WINDOWS\Downloaded Program Files

06/02/2007 08:50 <REP> .
06/02/2007 08:50 <REP> ..
07/12/2004 15:07 32 bdcore.dll
01/03/2005 13:08 118 784 bdupd.dll
24/08/2005 00:00 2 390 catalog.dat
20/12/2006 15:19 <REP> CONFLICT.1
05/02/2007 08:13 <REP> CONFLICT.2
05/12/2006 17:16 516 CTPID.inf
06/12/2006 11:10 38 696 CTPID.ocx
11/08/2006 09:40 523 CTSUEng.inf
11/08/2006 09:36 225 280 CTSUEng.ocx
21/05/2004 18:34 65 desktop.ini
25/07/2002 18:13 24 576 dwusplay.dll
25/07/2002 18:13 196 608 dwusplay.exe
24/08/2005 00:00 6 899 ecbootil.vxd
24/08/2005 00:00 288 376 ecmsvr32.dll
06/12/2004 15:55 325 240 EphotoAxRes.dll
07/06/2006 10:09 1 249 erma.inf
22/12/2006 12:20 1 564 hardwaredetection.inf
06/10/2005 18:19 168 448 IEAWSDC.DLL
06/10/2005 18:19 452 ieawsdc.inf
08/04/2006 23:59 274 432 InternetUtil2.dll
01/03/2005 13:08 53 248 ipsupd.dll
16/06/2004 06:02 323 584 isusweb.dll
25/08/2003 17:12 1 096 iuctl.inf
08/08/2006 11:45 576 kavwebscan.inf
09/03/2005 14:42 6 742 lang.ini
11/12/2006 16:44 367 LegitCheckControl.inf
07/12/2004 15:07 32 libfn.dll
18/02/2005 15:22 126 live.ini
05/12/2005 19:58 83 680 LogInfo.dll
20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd
18/01/2007 00:27 345 512 MSDcode.dll
24/08/2005 00:00 124 536 naveng32.dll
24/08/2005 00:00 706 168 navex32a.dll
28/08/2006 10:05 227 opuc.inf
31/05/2006 03:15 10 oscan81.ocx_x
09/03/2005 14:43 6 828 scanoptions.tsi
24/08/2005 00:00 91 440 scrauth.dat
03/06/2005 12:24 395 SnapfishActivia1000.inf
03/06/2005 12:24 286 720 SnapfishActivia1000.ocx
08/12/2003 12:58 3 759 swflash.inf
24/08/2005 00:00 8 145 symaveng.cat
24/08/2005 00:00 901 symaveng.inf
24/08/2005 00:00 12 616 tcdefs.dat
24/08/2005 00:00 722 450 tcscan7.dat
24/08/2005 00:00 165 937 tcscan8.dat
24/08/2005 00:00 403 280 tcscan9.dat
24/08/2005 00:00 453 tinf.dat
24/08/2005 00:00 148 tinfidx.dat
24/08/2005 00:00 1 957 tinfl.dat
19/06/2001 16:10 122 880 TLIEFlashCtrlU.dll
24/08/2005 00:00 41 449 tscan1.dat
24/08/2005 00:00 1 237 tscan1hd.dat
24/08/2005 00:00 5 516 v.grd
24/08/2005 00:00 2 225 v.sig
24/08/2005 00:00 106 244 virscan.inf
24/08/2005 00:00 958 590 virscan1.dat
24/08/2005 00:00 559 396 virscan2.dat
24/08/2005 00:00 145 136 virscan3.dat
24/08/2005 00:00 320 105 virscan4.dat
24/08/2005 00:00 1 248 502 virscan5.dat
24/08/2005 00:00 385 075 virscan6.dat
24/08/2005 00:00 2 475 818 virscan7.dat
24/08/2005 00:00 1 380 757 virscan8.dat
24/08/2005 00:00 2 593 142 virscan9.dat
24/08/2005 00:00 32 virscant.dat
27/08/2005 20:03 2 072 vscanmsx.dat
27/10/2002 18:32 3 036 wmv9dmo.inf
30/06/2003 21:41 1 689 WMV9VCM.inf
26/05/2005 04:19 291 wuweb.inf
24/08/2005 00:00 224 zdone.dat
68 fichier(s) 15 379 641 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

20/12/2006 15:19 <REP> .
20/12/2006 15:19 <REP> ..
07/12/2004 16:07 32 bdcore.dll
01/03/2005 14:08 118 784 bdupd.dll
01/03/2005 14:08 53 248 ipsupd.dll
09/03/2005 15:42 6 742 lang.ini
07/12/2004 16:07 32 libfn.dll
18/02/2005 16:22 126 live.ini
31/05/2006 04:15 10 oscan81.ocx_x
09/03/2005 15:43 6 828 scanoptions.tsi
8 fichier(s) 185 802 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2

05/02/2007 08:13 <REP> .
05/02/2007 08:13 <REP> ..
07/12/2004 16:07 32 bdcore.dll
01/03/2005 14:08 118 784 bdupd.dll
01/03/2005 14:08 53 248 ipsupd.dll
16/03/2005 11:34 7 407 lang.ini
07/12/2004 16:07 32 libfn.dll
14/03/2005 13:38 126 live.ini
01/06/2006 02:57 1 331 oscan8.inf
01/06/2006 02:54 471 040 oscan8.ocx
31/05/2006 04:15 10 oscan81.ocx_x
14/03/2005 13:58 7 073 scanoptions.tsi
10 fichier(s) 659 083 octets

Total des fichiers listés :
86 fichier(s) 16 224 526 octets
8 Rép(s) 25 518 125 056 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues




Liste des programmes installes

a-squared Free 2.1
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Flash Player 9
Adobe Reader 7.0.9 - Français
Agnitum Outpost Firewall Pro
Archiveur WinRAR
Ashampoo Magical Optimizer
avast! Antivirus
AVG Anti-Spyware 7.5
BlindWrite 6
Camera Driver
CartaGoGo v2.0.8
CCleaner (remove only)
ConvertXtoDVD 2.1.10.209
Correctif pour Windows XP (KB914440)
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB893066
Correctif Windows XP - KB893086
Creative Desktop Wireless
DivX Codec
DivX Player
EasyCleaner
eMule
EnveloppesEditor1.08
EVEREST Home Edition v2.20
FoneSync
Google Toolbar for Internet Explorer
HardwareDetection
Hijackthis Version Française
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
hp psc 700 series
HP Share-to-Web
HP Software Update
Installation de Microsoft Works Suite 2001
J2SE Runtime Environment 5.0 Update 10
Java 2 Runtime Environment Standard Edition v1.3.1_03
Java 2 Runtime Environment, SE v1.4.2_05
Kaspersky Online Scanner
L&H TTS3000 Français
Language pack for Ad-Aware SE
Lecteur Windows Media 11
Logiciel d'impression photo HP
Logiciel QuickCam de Logitech
Logitech Desktop Messenger
Macro complémentaire Microsoft Word pour Works Suite
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disque 2
Microsoft Office XP Standard
Microsoft Picture It! Express 7.0
Microsoft Picture It! Photo 2001
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 6.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows XP (KB883939)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB896688)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899588)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB903235)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB908531)
Mise à jour de sécurité pour Windows XP (KB911280)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912812)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB916281)
Mise à jour de sécurité pour Windows XP (KB917159)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917422)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB918899)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920214)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921398)
Mise à jour de sécurité pour Windows XP (KB921883)
Mise à jour de sécurité pour Windows XP (KB922616)
Mise à jour de sécurité pour Windows XP (KB922760)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923694)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924191)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB925486)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB896727)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mon Assistant Internet
Mozilla Firefox (2.0.0.1)
MSXML 4.0 SP2 (KB927978)
NVIDIA Drivers
OS Pack Works Suite
Programme de gestion Camera de Logitech®
RealPlayer
Realtek AC'97 Audio
SafeCast Shared Components
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update pour Microsoft .NET Framework 2.0 (KB917283)
Shockwave
Spybot - Search & Destroy 1.4
Suppress plus 1.8
Synchronisation de Works
TuneUp Utilities 2007
VideoLAN VLC media player 0.8.5
VSO CopyToDVD 4
VSO Inspector 1.2.5
WebFldrs XP
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 2
WinFast(R) Display Driver
Yahoo! Toolbar avec bloqueur de fenêtres pop-up



Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\Program Files

06/02/2007 07:21 <REP> .
06/02/2007 07:21 <REP> ..
29/01/2007 09:41 <REP> 3B Software
08/10/2006 08:10 <REP> Adobe
29/01/2007 10:27 <REP> Agnitum
03/02/2007 15:28 <REP> AIDA32 - Enterprise System Information
08/09/2006 07:02 <REP> Alp-enveloppe
22/10/2006 16:47 <REP> Alwil Software
26/01/2007 11:41 <REP> Ashampoo
05/02/2007 14:08 <REP> a-squared Free
03/01/2007 08:36 <REP> Avance Sound Manager
10/09/2006 15:10 <REP> CartaGoGo
10/09/2006 08:41 <REP> Cartes de visite
29/11/2006 10:58 <REP> CCleaner
20/08/2004 17:52 <REP> cdimage
06/01/2007 07:23 <REP> CleanUp!(2)
18/11/2005 08:33 <REP> Creative
11/09/2006 05:13 <REP> DesignPro
06/04/2004 18:18 <REP> directx
03/02/2007 15:23 <REP> DivX
01/02/2007 12:08 <REP> eMule
06/02/2007 11:28 <REP> EnveloppesEditor1.08
21/05/2004 23:27 <REP> EuroTool
29/01/2007 10:27 <REP> Fichiers communs
03/02/2007 07:59 <REP> FoneSync
09/12/2006 07:19 <REP> FreshDevices
13/11/2006 07:16 <REP> FriendFinder Messenger
02/02/2007 07:11 <REP> Google
08/11/2006 13:49 <REP> Grisoft
30/01/2007 13:07 <REP> HardwareDetection
02/11/2006 16:40 <REP> Hewlett-Packard
06/02/2007 12:23 <REP> Hijackthis Version Française
27/09/2006 06:38 <REP> HP
25/01/2007 08:15 <REP> hugin
21/04/2006 08:59 <REP> IncrediMail
19/02/2005 08:02 <REP> InterActual
06/02/2007 13:33 <REP> Internet Explorer
19/02/2005 08:02 <REP> InterVideo
26/11/2005 09:53 <REP> Jasc Software Inc
03/02/2007 15:31 <REP> Java
06/04/2004 18:29 <REP> JavaSoft
12/12/2006 18:08 <REP> Lavalys
14/11/2006 13:16 <REP> Lavasoft
17/09/2006 06:23 <REP> LCDTest
19/12/2005 07:24 <REP> LG Sofware Innovations
29/01/2005 05:00 <REP> LiveUpdate
22/05/2004 11:25 <REP> Logitech
19/02/2005 07:56 <REP> Messenger
21/05/2004 23:28 <REP> Microsoft AutoRoute
07/04/2004 02:07 <REP> Microsoft Encarta
02/03/2006 08:34 <REP> microsoft frontpage
21/05/2004 23:28 <REP> Microsoft Money
02/03/2006 08:40 <REP> Microsoft Office
03/11/2006 05:14 <REP> Microsoft Picture It! 7
23/01/2007 06:44 <REP> Microsoft Picture It! PhotoPub
18/08/2005 06:28 <REP> Microsoft Works
07/04/2004 02:08 <REP> Microsoft Works Suite 2001
10/03/2006 11:12 <REP> Motive
02/09/2004 20:10 <REP> Movie Maker
06/02/2007 17:36 <REP> Mozilla Firefox
21/05/2004 23:26 <REP> MSN
07/04/2004 02:06 <REP> MSN Gaming Zone
17/12/2006 12:56 <REP> MSN Messenger
15/11/2006 10:21 <REP> MSXML 4.0
31/01/2007 13:05 <REP> Multi_Media_France
02/09/2004 20:01 <REP> NetMeeting
07/04/2004 02:08 <REP> NewTech Infosystems
10/03/2006 11:11 <REP> Numericable
15/12/2006 08:40 <REP> Outlook Express
06/04/2004 18:23 <REP> Raccourcis de programmes
19/02/2005 13:09 <REP> Real
30/01/2007 13:04 <REP> Realtek AC97
08/09/2004 18:11 <REP> Snapshot Viewer
03/01/2007 08:36 <REP> Softwin
04/02/2007 11:41 <REP> splus
26/01/2007 17:08 <REP> Spybot - Search & Destroy
06/02/2007 07:21 <REP> ToniArts
20/01/2007 11:23 <REP> TuneUp Utilities 2006
20/01/2007 17:49 <REP> TuneUp Utilities 2007
04/02/2007 10:34 <REP> Ultimate Cleaner
12/04/2004 09:30 <REP> VideoLAN
08/01/2007 13:44 <REP> VSO
12/12/2006 07:56 <REP> Windows Live Toolbar
06/04/2004 18:21 <REP> Windows Media Components
15/11/2006 16:03 <REP> Windows Media Connect 2
24/01/2007 06:51 <REP> Windows Media Player
02/09/2004 20:00 <REP> Windows NT
06/01/2007 07:23 <REP> WinRAR
03/01/2007 08:36 <REP> WinZip
07/04/2004 02:06 <REP> xerox
04/02/2007 17:01 <REP> Yahoo!
0 fichier(s) 0 octets
91 Rép(s) 25 517 887 488 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\Program Files\fichiers communs

29/01/2007 10:27 <REP> .
29/01/2007 10:27 <REP> ..
10/12/2006 08:29 <REP> Adobe
29/01/2007 10:27 <REP> Agnitum Shared
31/10/2006 06:14 <REP> Ahead
21/05/2004 23:27 <REP> Designer
03/01/2007 08:36 <REP> DriveCleaner 2006 Free
17/11/2005 17:24 278 528 FDEUnInstaller.exe
07/04/2004 03:05 <REP> FotoWire
01/04/2006 09:40 <REP> InstallShield
19/02/2005 08:02 <REP> InterVideo
04/08/2004 20:25 <REP> Java
27/10/2006 05:20 <REP> KAV Shared Files
04/03/2006 09:13 <REP> L&H
22/05/2004 11:24 <REP> Logitech
20/12/2004 05:05 <REP> Macrovision Shared
03/01/2007 07:53 <REP> Microsoft Shared
07/04/2004 02:06 <REP> MSSoap
07/04/2004 02:06 <REP> ODBC
19/02/2005 13:11 <REP> Real
03/01/2007 08:36 <REP> Softwin
07/04/2004 02:06 <REP> SpeechEngines
22/10/2006 16:25 <REP> Symantec Shared
29/12/2006 08:18 <REP> System
20/01/2007 11:23 <REP> Wise Installation Wizard
08/04/2004 04:02 <REP> xing shared
1 fichier(s) 278 528 octets
25 Rép(s) 25 517 887 488 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

02/03/2006 08:46 <REP> .
02/03/2006 08:46 <REP> ..
22/02/2006 16:07 <REP> 1033
02/03/2006 08:46 <REP> 1036
11/07/2003 10:15 1 292 872 MSONSEXT.DLL
13/02/2001 08:23 58 784 MSOSV.DLL
03/06/1999 14:09 122 937 MSOWS409.DLL
07/03/2001 09:00 127 033 MSOWS40c.DLL
06/08/2000 08:04 401 462 MSVCP60.DLL
29/01/2004 15:08 69 632 PKMAXCTL.DLL
29/01/2004 15:08 868 352 PKMCDO.DLL
29/01/2004 15:08 53 248 PKMCORE.DLL
29/01/2004 15:08 102 400 PKMFORMS.DLL
29/01/2004 15:38 634 880 PKMRES.DLL
29/01/2004 15:08 28 672 PKMSSTLB.DLL
22/01/2001 02:25 40 960 PKMTEMPL.DLL
29/01/2004 15:08 24 576 PKMTRACE.DLL
11/07/2003 02:25 80 448 PKMWS.DLL
29/01/2004 15:08 237 568 PROMDEMO.DLL
18/03/1999 04:37 593 977 RAGENT.DLL
29/01/2004 15:08 184 320 SECMGR.DLL
29/01/2004 15:08 315 392 VAIDDMGR.DLL
29/01/2004 15:08 32 768 VAIMEM.DLL
19 fichier(s) 5 270 281 octets
4 Rép(s) 25 517 887 488 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est F852-3CA5

Répertoire de C:\

11/11/2001 00:00 68 096 diff.exe
01/01/2007 13:58 35 113 704 directx_9c_redist.exe
09/07/2004 04:08 472 576 dxsetup.exe
27/08/2006 14:10 103 424 grep.exe
15/04/2004 04:07 91 430 patch_lovsan.exe
15/04/2004 04:05 1 292 576 WindowsXP-KB823980-x86-FRA.exe
04/02/2003 20:30 73 728 XP_PageFileMon.exe
7 fichier(s) 37 215 534 octets
0 Rép(s) 25 517 883 392 octets libres
c:\Documents and Settings\All Users.WINDOWS\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\CIP\oj-uninstall_v1.3fr.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\GTek\GTUpdate\AUpdate\Channels\ch2\CIP\oj-uninstall_v1.3fr.exe
c:\Documents and Settings\Default User\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
c:\Documents and Settings\DIDIER\.housecall6.6\getMac.exe
c:\Documents and Settings\DIDIER\.housecall6.6\patch.exe
c:\Documents and Settings\DIDIER\.housecall6.6\tsc.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\dumphive.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\Process.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\Reboot.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\restart.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swreg.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swsc.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\unzip.exe
c:\Documents and Settings\DIDIER\Application Data\ezpinst.exe
c:\Documents and Settings\DIDIER\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
c:\Documents and Settings\DIDIER\Application Data\Image Zone Express\HPSoftwareUpdate.exe
c:\Documents and Settings\DIDIER\Bureau\OutpostProInstallFr.exe
c:\Documents and Settings\DIDIER\Bureau\VundoFix.exe
c:\Documents and Settings\DIDIER\Mes documents\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe
c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\divxplay.exe
c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\googletoolbarinstaller.exe
c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\vsorep.exe
c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\Lang\Language-pack 2\UNWISE.EXE
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\diff.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\Fport.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\grep.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\LFiles.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\pslist.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\streams.exe
c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\swreg.exe
c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\_ISDEL.EXE
c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\SETUP.EXE
c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\UNINST.EXE
c:\Documents and Settings\HELLEBOID\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\DIDIER\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
c:\Documents and Settings\DIDIER\Application Data\OfficeUpdate12\oudetect.dll
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Chercheurbis ,
Voici le rapport de WinPFind3

WinPFind3 logfile created on: 07/02/2007 07:34:34
WinPFind3U by OldTimer - Version 1.0.15 Folder = C:\Documents and Settings\DIDIER\Bureau\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1048052 Kb Total Physical Memory | 691356 Kb Available Physical Memory | 65,97% Memory free
2521480 Kb Paging File | 2239676 Kb Available in Paging File | 88,82% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37246700 Kb Total Space | 24919000 Kb Free Space | 66,90% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded


[Processes - Non-Microsoft Only]
amo_ta~1.exe -> %ProgramFiles%\Ashampoo\Ashampoo Magical Optimizer\AMO_Taskplaner.exe -> [Ver = | Size = 1244160 bytes | Modified Date = 05/05/2006 14:40:04 | Attr = ]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15/01/2007 18:28:58 | Attr = ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15/01/2007 18:28:32 | Attr = ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15/01/2007 18:28:52 | Attr = ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15/01/2007 18:27:52 | Attr = ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 05/08/2006 17:10:10 | Attr = ]
cdac11ba.exe -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.020 | Size = 54784 bytes | Modified Date = 20/12/2004 05:05:16 | Attr = ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 01/02/2007 07:21:58 | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
lvcomsx.exe -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.7.1036 | Size = 221184 bytes | Modified Date = 19/07/2005 16:32:18 | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
outpost.exe -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 20/08/2004 00:10:02 | Attr = ]
soundman.exe -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17/11/2006 05:42:52 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.15.0 | Size = 308736 bytes | Modified Date = 06/02/2007 09:57:26 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 05/08/2006 17:10:10 | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15/01/2007 18:28:52 | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15/01/2007 18:28:32 | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15/01/2007 18:27:52 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
(C-DillaCdaC11BA) C-DillaCdaC11BA [Win32_Own | Auto | Running] -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.020 | Size = 54784 bytes | Modified Date = 20/12/2004 05:05:16 | Attr = ]
(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 00:09:52 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 01/02/2007 07:21:54 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14/11/2005 00:06:04 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
(OutpostFirewall) Outpost Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
(SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 20/08/2004 00:10:02 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15/01/2007 18:28:58 | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 458752 bytes | Modified Date = 08/06/2005 15:24:32 | Attr = ]
LVCOMSX -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.7.1036 | Size = 221184 bytes | Modified Date = 19/07/2005 16:32:18 | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
Outpost Firewall -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
OutpostFeedBack -> %ProgramFiles%\Agnitum\Outpost Firewall\feedback.exe -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 335872 bytes | Modified Date = 23/01/2007 13:54:28 | Attr = ]
SoundMan -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17/11/2006 05:42:52 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Ashampoo Magical Optimizer Taskplaner -> %ProgramFiles%\Ashampoo\Ashampoo Magical Optimizer\AMO_Taskplaner.exe -> [Ver = | Size = 1244160 bytes | Modified Date = 05/05/2006 14:40:04 | Attr = ]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
Skype -> Reg Data - Value does not exist -> File not found
< Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command
regfile [merge] -> Reg Data - Key not found ->
scrfile [open] -> "%1" /S ->
scrfile [config] -> %1 ->
*Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\\Command ->
NewLinkHere -> -> File not found
%1 -> -> File not found
*Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew\\Command ->
Briefcase_Create -> -> File not found
%2!d! -> -> File not found
%1 -> -> File not found
< ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> ->
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> ->
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ->
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ->
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ->
{5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ->
{6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub ->
{73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> ->
{7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ->
{89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll ->
{89820200-ECBD-11cf-8B85-00AA005B4383} -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ->
{89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ->
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP ->
>{26923b43-4d38-484f-9b9e-de460746276c} -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ->
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ->
>{E54A439F-A4B0-4526-A16B-B4E2ECE95B3D} -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->
< WOW Command Line [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
*wowcmdline* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\\wowcmdline ->
-a -> -> File not found
< Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
BootExecute -> autocheck autochk *; ->
< SSODL [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
{fbeb8a05-beee-4442-804e-409d6c4515e9} [HKLM] -> Reg Data - Key not found [CDBurn] -> File not found
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 15:13:28 | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Ma page d'accueil ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> https://www.google.com/?gws_rd=ssl ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm ->
HKLM: Start Page -> https://www.google.com/?gws_rd=ssl ->
HKLM: CustomizeSearch -> https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/toolbar/ie8/sidebar.html ->
HKLM: SearchAssistant -> http://www.google.com/toolbar/ie8/sidebar.html ->
HKCU: Search Bar -> http://www.google.com/toolbar/ie8/sidebar.html ->
HKCU: Search Page -> https://www.google.com/?gws_rd=ssl ->
HKCU: Start Page -> https://www.sfr.fr/offres-numericable.html ->
HKCU: SearchAssistant -> http://www.google.com/toolbar/ie8/sidebar.html ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31/05/2005 01:04:00 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09/11/2006 15:21:52 | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8193 - Reg Data - Key not found ->
{24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} -> 8201 - Reg Data - Key not found ->
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> 8198 - Reg Data - Key not found ->
{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} -> 8196 - Reg Data - Key not found ->
{4528BBE0-4E08-11D5-AD55-00010333D0AD} -> 8194 - Reg Data - Key not found ->
{85d1f590-48f4-11d9-9669-0800200c9a66} -> 8199 - Reg Data - Key not found ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8197 - Reg Data - Key not found ->
{e2e2dd38-d088-4134-82b7-f2ba38496583} -> 8200 - Reg Data - Key not found ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Reg Data - Key not found ->
NextId -> 8202 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{44627E97-789B-40d4-B5C2-58BD171129A1} -> Reg Data - Value does not exist [ButtonText: Réglage rapide de Outpost Firewall Pro] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xporter vers Microsoft Excel -> Reg Data - Value does not exist -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Barre des tâches et menu Démarrer] -> File not found
{10F0C2A9-8E38-43E1-204D-45524C494E20} [HKLM] -> Reg Data - Key not found [Secure Delete] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
{26F05DD3-6EDC-48C8-B2D6-8754AB9B0F8B} [HKLM] -> Reg Data - Key not found [AntiSpywarePopMenu Shell Extension] -> File not found
{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD shell extension] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
{2BB59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> Reg Data - Key not found [ImageResizer Shell Extension] -> File not found
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} [HKLM] -> %ProgramFiles%\Logitech\Video\Namespc2.dll [Mes photos Logitech] -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 135168 bytes | Modified Date = 08/06/2005 15:25:52 | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Extension Affichage Panorama du Panneau de configuration] -> File not found
{44440D00-FF19-4AFC-B765-9A0970567D97} [HKLM] -> %System32%\uxtuneup.dll [TuneUp Theme Extension] -> TuneUp Software GmbH [Ver = 1.0.0.2 | Size = 24072 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found
{7F1CF152-04F8-453A-B34C-E609530A9DC8} [HKLM] -> Reg Data - Key not found [NeroDigitalPropSheetHandler] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 28/08/2001 13:00:00 | Attr = ]
{A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Dossier de téléchargement Share-to-Web ] -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 131072 bytes | Modified Date = 03/07/2001 09:10:36 | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
{B327765E-D724-4347-8B16-78AE18552FC3} [HKLM] -> Reg Data - Key not found [NeroDigitalIconHandler] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
{B446400D-0030-457b-8F64-422A19605186} [HKLM] -> %ProgramFiles%\Logitech\ImageStudio\NameSpc.dll [Logitech Gallery] -> Logitech Inc. [Ver = 7.2.0.1125 | Size = 53248 bytes | Modified Date = 11/09/2002 11:55:22 | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2488 | Size = 54848 bytes | Modified Date = 22/01/2007 11:15:30 | Attr = ]
{F5D92341-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [CD Copy Shell Extension] -> File not found
{F5D92342-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [CD Wizard Shell Extension] -> File not found
{F5D92344-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [InstantWrite Shellextension] -> File not found
{FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 12:40:48 | Attr = ]
{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 12:40:48 | Attr = ]
{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{7D4D6379-F301-4311-BEBA-E26EB0561882} [HKLM] -> Reg Data - Key not found [NeroDigitalColumnHandler Class] -> File not found
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14/12/2004 02:20:02 | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{11632C5A-03E2-4BDB-8730-E2857D90226A} -> () ->
{86659E12-02FA-4542-84D0-4B2A81D7AB97} -> (802.11g USB 2.0 adapter) ->
{9299F62C-E668-4C58-A69B-FF6EEA22D90A} -> (Inventel Gateway) ->
{B8C458FF-45F5-4CBF-8121-EB503FF6F4EC} -> (Carte réseau Fast Ethernet PCI Realtek RTL8139 Family) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
ms-itss -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{02BCC737-B171-4746-94C9-0D8A0B2C0089} -> - CodeBase = https://templates.office.com/?legRedir=true&CorrelationId=f61ec0eb-a945-4805-b3e3-720355ebd416 ->
{0742B9EF-8C83-41CA-BFBA-830A59E23533} -> Microsoft Data Collection Control - CodeBase = https://support.serviceshub.microsoft.com/supportforbusiness/create ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase = http://www.creative.com/su/ocx/15026/CTSUEng.cab ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -> YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab ->
{406B5949-7190-4245-91A9-30A17DE16AD0} -> Snapfish Activia - CodeBase = http://www3.snapfish.fr/SnapfishActivia.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan8/oscan8.cab ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/... ->
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -> HardwareDetection Control - CodeBase = http://charon777.free.fr/plugins/hardwaredetection.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} -> Update Class - CodeBase = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38967.1385069444 ->
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc4.cab ->
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = https://www.oracle.com/java/technologies/ ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate Support Package - CodeBase = http://www.creative.com/su/ocx/15028/CTPID.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->

[Files - Created Within 30 days]
diff.exe -> %SystemDrive%\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
grep.exe -> %SystemDrive%\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 3175896 bytes | Created Date = 22/01/2007 16:50:46 | Attr = H ]
Maintenance en 1 clic.lnk -> %AllUsersDesktop%\Maintenance en 1 clic.lnk -> [Ver = | Size = 968 bytes | Created Date = 20/01/2007 11:24:47 | Attr = ]
RealPlayer.lnk -> %AllUsersDesktop%\RealPlayer.lnk -> [Ver = | Size = 951 bytes | Created Date = 22/01/2007 11:16:12 | Attr = ]
TuneUp Utilities 2007.lnk -> %AllUsersDesktop%\TuneUp Utilities 2007.lnk -> [Ver = | Size = 837 bytes | Created Date = 20/01/2007 11:24:47 | Attr = ]
01_Music_auto_rated_at_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\01_Music_auto_rated_at_5_stars.wpl -> [Ver = | Size = 1065 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
02_Music_added_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\02_Music_added_in_the_last_month.wpl -> [Ver = | Size = 1282 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
03_Music_rated_at_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\03_Music_rated_at_4_or_5_stars.wpl -> [Ver = | Size = 1278 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
04_Music_played_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\04_Music_played_in_the_last_month.wpl -> [Ver = | Size = 1287 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
05_Pictures_taken_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\05_Pictures_taken_in_the_last_month.wpl -> [Ver = | Size = 794 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
06_Pictures_rated_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\06_Pictures_rated_4_or_5_stars.wpl -> [Ver = | Size = 795 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
07_TV_recorded_in_the_last_week.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\07_TV_recorded_in_the_last_week.wpl -> [Ver = | Size = 1058 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
08_Video_rated_at_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\08_Video_rated_at_4_or_5_stars.wpl -> [Ver = | Size = 1030 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
09_Music_played_the_most.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\09_Music_played_the_most.wpl -> [Ver = | Size = 1029 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
10_All_Music.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\10_All_Music.wpl -> [Ver = | Size = 1070 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
11_All_Pictures.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\11_All_Pictures.wpl -> [Ver = | Size = 590 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
12_All_Video.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\12_All_Video.wpl -> [Ver = | Size = 1088 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
Ashampoo Magical Optimizer.lnk -> %UserDesktop%\Ashampoo Magical Optimizer.lnk -> [Ver = | Size = 1850 bytes | Created Date = 26/01/2007 11:41:53 | Attr = ]
EasyCleaner.lnk -> %UserDesktop%\EasyCleaner.lnk -> [Ver = | Size = 561 bytes | Created Date = 06/02/2007 07:23:21 | Attr = ]
eMule.lnk -> %UserDesktop%\eMule.lnk -> [Ver = | Size = 670 bytes | Created Date = 31/01/2007 12:00:19 | Attr = ]
One-Click-Optimization.lnk -> %UserDesktop%\One-Click-Optimization.lnk -> [Ver = | Size = 1862 bytes | Created Date = 26/01/2007 11:41:53 | Attr = ]
OutpostProInstallFr.exe -> %UserDesktop%\OutpostProInstallFr.exe -> Agnitum, Ltd. [Ver = 4.0.1007.591 | Size = 13759800 bytes | Created Date = 29/01/2007 10:26:27 | Attr = ]
Suppress plus.lnk -> %UserDesktop%\Suppress plus.lnk -> [Ver = | Size = 638 bytes | Created Date = 04/02/2007 10:47:54 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.03.0005 | Size = 90112 bytes | Created Date = 05/02/2007 17:32:34 | Attr = ]
WinPFind3U.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.15.0 | Size = 308736 bytes | Created Date = 07/02/2007 07:30:04 | Attr = ]
desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
index.dat -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat -> [Ver = | Size = 16384 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
index.dat -> %UserDesktop%\%USERPROFILE%\Local Settings\Historique\History.IE5\MSHist012007011820070119\index.dat -> [Ver = | Size = 32768 bytes | Created Date = 18/01/2007 14:12:25 | Attr = HS]
desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\1S8P5H0E\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\4WBFEOP3\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\7MX5T5E8\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\ZOKYHDRV\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
3-ReglInterSECTION (1).doc -> %UserDocuments%\3-ReglInterSECTION (1).doc -> [Ver = | Size = 57344 bytes | Created Date = 09/01/2007 10:54:08 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\3-ReglInterSECTION (1).doc:Zone.Identifier ->
affilASB-sect- -1-.doc -> %UserDocuments%\affilASB-sect- -1-.doc -> [Ver = | Size = 75776 bytes | Created Date = 09/01/2007 10:53:55 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\affilASB-sect- -1-.doc:Zone.Identifier ->
Championnats et Concours 2007.xls -> %UserDocuments%\Championnats et Concours 2007.xls -> [Ver = | Size = 20992 bytes | Created Date = 23/01/2007 12:47:27 | Attr = ]
couv%20recto%202006.pdf -> %UserDocuments%\couv%20recto%202006.pdf -> [Ver = | Size = 850431 bytes | Created Date = 05/02/2007 11:04:59 | Attr = ]
memtest86-3.2.iso -> %UserDocuments%\memtest86-3.2.iso -> [Ver = | Size = 1837056 bytes | Created Date = 30/01/2007 12:15:10 | Attr = ]
Rapport scan Kaspersky.html -> %UserDocuments%\Rapport scan Kaspersky.html -> [Ver = | Size = 42270 bytes | Created Date = 06/02/2007 11:58:58 | Attr = ]
RS2006_Chap%20V_p20.pdf -> %UserDocuments%\RS2006_Chap%20V_p20.pdf -> [Ver = | Size = 270400 bytes | Created Date = 05/02/2007 11:13:52 | Attr = ]
Scan Bitdefender.html -> %UserDocuments%\Scan Bitdefender.html -> [Ver = | Size = 23924 bytes | Created Date = 05/02/2007 11:42:37 | Attr = ]
Tampon.doc -> %UserDocuments%\Tampon.doc -> [Ver = | Size = 24064 bytes | Created Date = 19/01/2007 14:37:41 | Attr = ]
ubcd34-full.iso -> %UserDocuments%\ubcd34-full.iso -> [Ver = | Size = 134217728 bytes | Created Date = 04/02/2007 17:33:04 | Attr = ]
ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe -> %UserDocuments%\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe -> Igor Pavlov [Ver = 4, 23, 0, 0 | Size = 154825570 bytes | Created Date = 04/02/2007 17:31:16 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe:Zone.Identifier ->
chercher.cmd -> %UserDocuments%\DiagHelp\chercher.cmd -> [Ver = | Size = 45920 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
diff.exe -> %UserDocuments%\DiagHelp\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
FilesInfoCmd.exe -> %UserDocuments%\DiagHelp\FilesInfoCmd.exe -> Sebdraluorg [Ver = 1.00.0055 | Size = 32768 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
Fport.exe -> %UserDocuments%\DiagHelp\Fport.exe -> [Ver = | Size = 114688 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
go.cmd -> %UserDocuments%\DiagHelp\go.cmd -> [Ver = | Size = 926 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
grep.exe -> %UserDocuments%\DiagHelp\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
help.cmd -> %UserDocuments%\DiagHelp\help.cmd -> [Ver = | Size = 1870 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
LFiles.exe -> %UserDocuments%\DiagHelp\LFiles.exe -> Sebdraluorg [Ver = 1.00 | Size = 28672 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
LISTDLLS.exe -> %UserDocuments%\DiagHelp\LISTDLLS.exe -> Sysinternals [Ver = 2.25 | Size = 65536 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
pslist.exe -> %UserDocuments%\DiagHelp\pslist.exe -> Sysinternals [Ver = 1.27 | Size = 86016 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
reboot.cmd -> %UserDocuments%\DiagHelp\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
streams.exe -> %UserDocuments%\DiagHelp\streams.exe -> Sysinternals [Ver = 1.53 | Size = 36864 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
swreg.exe -> %UserDocuments%\DiagHelp\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
tmp.hiv -> %UserDocuments%\DiagHelp\tmp.hiv -> [Ver = | Size = 8192 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
''Titanic'' Celine Dion - My Heart Will Go On(1).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\''Titanic'' Celine Dion - My Heart Will Go On(1).mp3 -> [Ver = | Size = 5648408 bytes | Created Date = 02/02/2007 13:49:06 | Attr = ]
''Titanic'' Celine Dion - My Heart Will Go On.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\''Titanic'' Celine Dion - My Heart Will Go On.mp3 -> [Ver = | Size = 5652504 bytes | Created Date = 02/02/2007 13:49:08 | Attr = ]
22-Celine Dion & Barbara Streisand - Tell Him.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\22-Celine Dion & Barbara Streisand - Tell Him.mp3 -> [Ver = | Size = 4634954 bytes | Created Date = 02/02/2007 13:49:11 | Attr = ]
Celine Dion & Il Divo - I Believe In You.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion & Il Divo - I Believe In You.mp3 -> [Ver = | Size = 5357696 bytes | Created Date = 02/02/2007 13:50:21 | Attr = ]
Celine Dion & R Kelly - I Believe I Can Fly.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion & R Kelly - I Believe I Can Fly.mp3 -> [Ver = | Size = 5153694 bytes | Created Date = 02/02/2007 13:50:24 | Attr = ]
Celine Dion - A New Day Has Come.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - A New Day Has Come.mp3 -> [Ver = | Size = 6235034 bytes | Created Date = 02/02/2007 13:50:27 | Attr = ]
Celine Dion - All By Myself.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - All By Myself.mp3 -> [Ver = | Size = 4995242 bytes | Created Date = 02/02/2007 13:50:32 | Attr = ]
Celine Dion - Because You Loved Me.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - Because You Loved Me.mp3 -> [Ver = | Size = 4421923 bytes | Created Date = 02/02/2007 13:50:35 | Attr = ]
Celine Dion - My heart will go on (Titanic).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - My heart will go on (Titanic).mp3 -> [Ver = | Size = 4457997 bytes | Created Date = 02/02/2007 13:50:38 | Attr = ]
Celine Dion - Titanic (techno remix).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - Titanic (techno remix).mp3 -> [Ver = | Size = 4233526 bytes | Created Date = 02/02/2007 13:50:41 | Attr = ]
Celine Dione - Power of Love.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dione - Power of Love.mp3 -> [Ver = | Size = 5503730 bytes | Created Date = 02/02/2007 13:50:44 | Attr = ]
COMPILATION- 33 - ALBUM - The Best of - Dance Mix 2000 - Whitney Houston - Madonna - Celine Dion.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\COMPILATION- 33 - ALBUM - The Best of - Dance Mix 2000 - Whitney Houston - Madonna - Celine Dion.mp3 -> [Ver = | Size = 115485970 bytes | Created Date = 02/02/2007 13:49:16 | Attr = ]
COUP DE BOULE - Zidane il a taper.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\COUP DE BOULE - Zidane il a taper.mp3 -> [Ver = | Size = 5233165 bytes | Created Date = 02/02/2007 13:50:18 | Attr = ]
Franklin Aretha , Celine Dion, Mariah Carey, Shania Twain & Gloria Estefan - You Make Me Feel Lik.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Franklin Aretha , Celine Dion, Mariah Carey, Shania Twain & Gloria Estefan - You Make Me Feel Lik.mp3 -> [Ver = | Size = 6289536 bytes | Created Date = 02/02/2007 13:50:47 | Attr = ]
Garou & Céline Dion - Sous Le Vent.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Garou & Céline Dion - Sous Le Vent.mp3 -> [Ver = | Size = 5327073 bytes | Created Date = 02/02/2007 13:50:50 | Attr = ]
Mariah Carey & Celine Dion - I Still Believe.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Mariah Carey & Celine Dion - I Still Believe.mp3 -> [Ver = | Size = 3309583 bytes | Created Date = 02/02/2007 13:50:53 | Attr = ]
Mariah Carey - Michael Jackson, Beyonce Knowles, Celine Dion & Friends - What More Can I Give.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Mariah Carey - Michael Jackson, Beyonce Knowles, Celine Dion & Friends - What More Can I Give.mp3 -> [Ver = | Size = 4964480 bytes | Created Date = 02/02/2007 13:50:55 | Attr = ]
Woman in love-Celine Dion & Bee Gees & Barbara Streisand.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Woman in love-Celine Dion & Bee Gees & Barbara Streisand.mp3 -> [Ver = | Size = 5961996 bytes | Created Date = 02/02/2007 13:50:57 | Attr = ]
Picasa.ini -> %UserDocuments%\Mes images\Bateme Lana\Bateme Lana 1\Picasa.ini -> [Ver = | Size = 120 bytes | Created Date = 18/01/2007 13:20:56 | Attr = H ]
WISC8BB491212D942AEB571E580D8CD1B5B_6_0_1256.MSI -> %CommonProgramFiles%\Wise Installation Wizard\WISC8BB491212D942AEB571E580D8CD1B5B_6_0_1256.MSI -> [Ver = | Size = 8094208 bytes | Created Date = 20/01/2007 11:21:35 | Attr = ]
aupdate.0 -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.0 -> [Ver = | Size = 6146 bytes | Created Date = 29/01/2007 11:50:31 | Attr = ]
aupdate.dll -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.dll -> Agnitum Ltd. [Ver = 4.0.1005.7229 | Size = 1564672 bytes | Created Date = 29/01/2007 10:27:47 | Attr = ]
aupdate.fr -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.fr -> [Ver = | Size = 58122 bytes | Created Date = 29/01/2007 10:27:38 | Attr = ]
aupdrun.exe -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdrun.exe -> Agnitum Ltd. [Ver = 4.0.1005.7229 | Size = 557056 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
aupdrun.ini -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdrun.ini -> [Ver = | Size = 188 bytes | Created Date = 29/01/2007 11:50:57 | Attr = ]
profiler.0 -> %CommonProgramFiles%\Agnitum Shared\aupdate\profiler.0 -> [Ver = | Size = 512 bytes | Created Date = 29/01/2007 11:50:43 | Attr = ]
rc_macro.lst -> %CommonProgramFiles%\Agnitum Shared\aupdate\rc_macro.lst -> [Ver = | Size = 26920 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
update.ini -> %CommonProgramFiles%\Agnitum Shared\aupdate\update.ini -> [Ver = | Size = 767 bytes | Created Date = 29/01/2007 10:27:49 | Attr = ]
zlib.dll -> %CommonProgramFiles%\Agnitum Shared\aupdate\zlib.dll -> [Ver = 1.2.3 | Size = 192512 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 22/01/2007 11:16:28 | Attr = ]
gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 22/01/2007 11:16:07 | Attr = ]
GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 756328 bytes | Created Date = 22/01/2007 11:16:07 | Attr = ]
GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 623632 bytes | Created Date = 22/01/2007 11:16:05 | Attr = ]
GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 772112 bytes | Created Date = 22/01/2007 11:16:06 | Attr = ]
presets.213.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\presets.213.zip -> [Ver = | Size = 181405 bytes | Created Date = 06/02/2007 13:49:50 | Attr = ]
pr_script.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\pr_script.zip -> [Ver = | Size = 239 bytes | Created Date = 29/01/2007 11:50:55 | Attr = ]
spy6_inc.580.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\spy6_inc.580.zip -> [Ver = | Size = 9933 bytes | Created Date = 06/02/2007 13:49:52 | Attr = ]
spyware6_inc.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\spyware6_inc.zip -> [Ver = | Size = 240 bytes | Created Date = 06/02/2007 13:49:53 | Attr = ]
update2.aus -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\update2.aus -> [Ver = | Size = 6429 bytes | Created Date = 29/01/2007 11:50:32 | Attr = ]
iKernel.rgs -> %CommonProgramFiles%\InstallShield\Professional\RunTime\iKernel.rgs -> [Ver = | Size = 32335 bytes | Created Date = 17/01/2007 14:45:47 | Attr = ]
msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1137 bytes | Created Date = 22/01/2007 11:15:11 | Attr = ]
msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Created Date = 22/01/2007 11:15:11 | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 69715 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 10.1.0.238 | Size = 5632 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 180356 bytes | Created Date = 06/02/2007 07:20:31 | Attr = ]
iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 733184 bytes | Created Date = 06/02/2007 07:20:37 | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 266240 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 172032 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 303236 bytes | Created Date = 06/02/2007 07:20:30 | Attr = ]
ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 69715 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 11.50.0.42618 | Size = 5632 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll -> Macrovision Corporation [Ver = 11.50.42618 | Size = 200836 bytes | Created Date = 30/01/2007 13:03:27 | Attr = ]
iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 757760 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 274432 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 204800 bytes | Created Date = 30/01/2007 13:03:37 | Attr = ]
setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll -> Macrovision Corporation [Ver = 11.50.42618 | Size = 331908 bytes | Created Date = 30/01/2007 13:03:26 | Attr = ]
SiSAudioRack.ini -> %SystemRoot%\SiSAudioRack.ini -> [Ver = | Size = 52 bytes | Created Date = 18/01/2007 10:41:19 | Attr = ]
transp.gif -> %SystemRoot%\transp.gif -> [Ver = | Size = 49 bytes | Created Date = 29/01/2007 11:04:17 | Attr = ]
Advanced.tvp -> %System32%\Advanced.tvp -> [Ver = | Size = 13852 bytes | Created Date = 03/02/2007 16:17:35 | Attr = ]
alsndmgr.cpl -> %System32%\alsndmgr.cpl -> Realtek Semiconductor Corp. [Ver = 2, 2, 0, 73 | Size = 18804736 bytes | Created Date = 30/01/2007 13:04:05 | Attr = ]
alsndmgr.wav -> %System32%\alsndmgr.wav -> [Ver = | Size = 141016 bytes | Created Date = 30/01/2007 13:04:09 | Attr = ]
CAD.tvp -> %System32%\CAD.tvp -> [Ver = | Size = 11556 bytes | Created Date = 03/02/2007 16:17:27 | Attr = ]
ChCfg.exe -> %System32%\ChCfg.exe -> [Ver = | Size = 49152 bytes | Created Date = 30/01/2007 13:05:27 | Attr = ]
d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Created Date = 02/02/2007 17:23:06 | Attr = ]
DCC.tvp -> %System32%\DCC.tvp -> [Ver = | Size = 12854 bytes | Created Date = 03/02/2007 16:17:27 | Attr = ]
DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 635486 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 118784 bytes | Created Date = 12/01/2007 02:19:44 | Attr = ]
divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.2.5.34 | Size = 704512 bytes | Created Date = 13/01/2007 02:03:18 | Attr = ]
DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 13/01/2007 02:03:16 | Attr = ]
DivXsm.exe -> %System32%\DivXsm.exe -> [Ver = | Size = 520192 bytes | Created Date = 13/01/2007 02:08:31 | Attr = ]
divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4276 bytes | Created Date = 13/01/2007 02:08:31 | Attr = ]
DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 12/01/2007 02:19:45 | Attr = ]
divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 806912 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 806912 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 790528 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 13/01/2007 02:03:29 | Attr = ]
dpufr.qm -> %System32%\dpufr.qm -> [Ver = | Size = 8835 bytes | Created Date = 12/01/2007 02:19:24 | Attr = ]
dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 13/01/2007 02:03:30 | Attr = ]
dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 13/01/2007 02:03:29 | Attr = ]
dsm_
0
Réponse 7 / 11
Utilisateur anonyme
 
Bonjour

Un dossier infectieux visible.

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

$$ Télécharge Brute Force Uninstaller (de Merijn)
http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

$$ FAIS UN CLIC-DROIT sur le lien suivant
http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

$$ FAIS UN CLIC-DROIT sur le lien suivant
http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger Winsoftware.bfu (de Lazzzy). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir trois fichiers dans le dossier C:\BFU : Winsoftware.bfu, EGDACCESS.bfu et BFU.exe (très important).

$$ Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

$$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

---Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

Winsoftware.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

Clique Exit pour fermer le programme BFU.

$$ Redémarre normalement

$$ Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/combofix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis et le rapport situé ici C:\egd.txt
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Salut,
Je pense avoir compris ce que tu me dit de faire donc d'aprés toi le probleme viendrais de la.
Je vais devoir changer de clavier car la j'en est un sans fil et les manipulations a faire ne fonctionne pas avec, peut tu me dire a quoi cela consiste ce que tu me fait faire, s'est grave le fichier infecter ?
D'apres toi faut t-il que je pense serieusement a devoir quand meme etre obliger de formater mon pc pour que tout redevienne normal, comme tu a pus le voir je ne voudrait pas en passer par la mais si je peut pas faire autremement il faudrat que je me resigne.
Quand pense tu.
Merci de me repondre avant que je lance le programme.
0
Réponse 8 / 11
Utilisateur anonyme
 
Re

Voilà le dossier infectieux 
DriveCleaner 2006 Free

il est rarement seul.
Avec les scans demandés, cela permettra de faire du ménage.

Ensuite, on verra en fonction des résultats.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonjour Chercheurbis,

Desollé pour hier petit probleme perso.
Voici les rapport que tu ma demandé aprés avoir fait les manipulations que tu ma dit de faire:

"DIDIER" - 07-02-09 8:01:53 Service Pack 2
ComboFix 07-02-07 - Running from: "C:\Documents and Settings\DIDIER\Bureau"

((((((((((((((((((((((((((((((( Files Created from 2007-01-09 to 2007-02-09 ))))))))))))))))))))))))))))))))))


2007-02-09 07:50 <REP> d-------- C:\WINDOWS\system32\bfubackups
2007-02-07 07:11 853 --a------ C:\reboot.cmd
2007-02-07 07:11 68,096 --a------ C:\diff.exe
2007-02-07 07:11 103,424 --a------ C:\grep.exe
2007-02-06 13:33 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-02-06 08:49 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-02-06 08:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Application Data\Yahoo! Companion
2007-02-06 07:21 <REP> d-------- C:\Program Files\ToniArts
2007-02-04 11:28 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Uniblue
2007-02-04 10:47 <REP> d-------- C:\Program Files\splus
2007-02-03 16:17 24,576 --a------ C:\WINDOWS\system32\INFSETUP.exe
2007-02-03 16:17 23,326 --a------ C:\WINDOWS\system32\drivers\aliagp.sys
2007-02-03 16:17 <REP> d-------- C:\WINDOWS\system32\WinFast
2007-02-03 11:17 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-02-03 11:17 <REP> d-------- C:\WINDOWS\nview
2007-02-03 11:16 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-02-03 05:39 679,936 --------- C:\WINDOWS\system32\WINFOXUT.dll
2007-02-03 05:39 13,564 --a------ C:\WINDOWS\system32\drivers\wfsys.sys
2007-02-03 05:39 <REP> d-------- C:\WINDOWS\system32\WinFox
2007-02-02 17:23 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-01-31 13:05 <REP> d-------- C:\Program Files\Multi_Media_France
2007-01-30 13:05 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-01-30 13:04 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-01-30 13:04 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-01-30 13:04 <REP> d-------- C:\Program Files\Realtek AC97
2007-01-29 11:35 <REP> d-------- C:\DOCUME~1\DIDIER\.housecall6.6
2007-01-29 10:27 <REP> d-------- C:\Program Files\Fichiers communs\Agnitum Shared
2007-01-29 10:27 <REP> d-------- C:\Program Files\Agnitum
2007-01-29 09:41 <REP> d-------- C:\Program Files\3B Software
2007-01-26 11:41 <REP> d-------- C:\Program Files\Ashampoo
2007-01-24 06:52 <REP> d-------- C:\Program Files\Ultimate Cleaner
2007-01-24 06:52 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Ultimate Cleaner
2007-01-23 09:13 <REP> d-------- C:\Program Files\hugin
2007-01-23 08:50 <REP> d-------- C:\Program Files\AIDA32 - Enterprise System Information
2007-01-21 14:17 <REP> d-------- C:\WINDOWS\NV34001996.TMP
2007-01-20 16:14 145,864 --a------ C:\WINDOWS\system32\tmpwisc2.exe
2007-01-20 11:24 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-01-20 11:24 <REP> d-------- C:\Program Files\TuneUp Utilities 2007
2007-01-17 14:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Application Data\NVIDIA
2007-01-17 14:45 <REP> d-------- C:\NVIDIA
2007-01-17 13:59 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\DivX
2007-01-14 16:16 <REP> d-------- C:\WINDOWS\ie7updates
2007-01-13 02:08 520,192 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-01-13 02:03 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-01-13 02:03 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-01-13 02:03 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-01-13 02:03 635,486 --a------ C:\WINDOWS\system32\DivX.dll
2007-01-13 02:03 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-01-13 02:03 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-01-13 02:03 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-01-13 02:03 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-12 02:19 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-01-12 02:19 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-01-09 16:48 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Snapfish


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-02-09 05:55 -------- d-------- C:\Program Files\mozilla firefox
2007-02-08 14:49 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\vso
2007-02-08 12:10 -------- d-------- C:\Program Files\emule
2007-02-08 08:14 -------- d-------- C:\Program Files\enveloppeseditor1.08
2007-02-06 12:23 -------- d-------- C:\Program Files\hijackthis version fran‡aise
2007-02-06 07:21 -------- d--h----- C:\Program Files\installshield installation information
2007-02-05 14:08 -------- d-------- C:\Program Files\a-squared free
2007-02-04 17:01 -------- d-------- C:\Program Files\yahoo!
2007-02-03 15:31 -------- d-------- C:\Program Files\java
2007-02-03 15:23 -------- d-------- C:\Program Files\divx
2007-02-03 07:59 -------- d-------- C:\Program Files\fonesync
2007-02-02 07:11 -------- d-------- C:\Program Files\google
2007-01-30 13:07 -------- d-------- C:\Program Files\hardwaredetection
2007-01-29 15:24 2854 --a------ C:\WINDOWS\system32\tmp.reg
2007-01-29 07:35 178001 --a------ C:\WINDOWS\system32\tmpwisc3.exe
2007-01-24 06:52 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\dvdcss
2007-01-23 06:44 -------- d-------- C:\Program Files\microsoft picture it! photopub
2007-01-21 07:49 198184 --a------ C:\WINDOWS\system32\tmpwisc1.exe
2007-01-20 11:23 -------- d-------- C:\Program Files\tuneup utilities 2006
2007-01-20 11:23 -------- d-------- C:\Program Files\Fichiers communs\wise installation wizard
2007-01-15 18:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
2007-01-15 18:26 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-01-15 18:25 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-01-15 18:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
2007-01-13 02:08 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-13 02:08 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-01-13 02:08 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-13 02:03 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-13 02:03 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
2007-01-13 02:03 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-01-13 02:03 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-01-12 08:40 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\adobeum
2007-01-08 13:44 -------- d-------- C:\Program Files\vso
2007-01-06 07:23 -------- d-------- C:\Program Files\cleanup!(2)
2007-01-03 08:36 -------- d-------- C:\Program Files\avance sound manager
2007-01-03 08:36 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\officeupdate12
2007-01-01 13:58 35113704 --a------ C:\directx_9c_redist.exe
2006-12-29 14:48 4026112 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2006-12-29 08:18 720896 --a------ C:\WINDOWS\iun6002ev.exe
2006-12-27 18:34 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\drivecleaner 2006 free
2006-12-27 07:06 94080 --a------ C:\WINDOWS\system32\drivers\ezplay.sys
2006-12-27 07:06 94080 --a------ C:\DOCUME~1\DIDIER\Application Data\ezplay.sys
2006-12-27 07:06 87608 --a------ C:\DOCUME~1\DIDIER\Application Data\ezpinst.exe
2006-12-27 07:06 7812 --a------ C:\DOCUME~1\DIDIER\Application Data\ezplay.cat
2006-12-27 07:06 34 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.log
2006-12-27 07:06 125 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.ini
2006-12-27 07:06 1104 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.inf
2006-12-26 15:15 34 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.log
2006-12-26 15:14 7824 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.cat
2006-12-26 15:14 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-12-26 15:14 47360 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.sys
2006-12-26 15:14 1144 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.inf
2006-12-21 00:56 94424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-21 00:56 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-21 00:51 31560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-12-17 12:56 -------- d-------- C:\Program Files\msn messenger
2006-12-15 08:51 72126 --a------ C:\WINDOWS\system32\perfc00c.dat
2006-12-15 08:51 49494 --a------ C:\WINDOWS\system32\perfc040.dat
2006-12-15 08:51 460986 --a------ C:\WINDOWS\system32\perfh00c.dat
2006-12-15 08:51 370414 --a------ C:\WINDOWS\system32\perfh040.dat
2006-12-12 07:56 -------- d-------- C:\Program Files\windows live toolbar
2006-12-10 08:29 -------- d-------- C:\Program Files\Fichiers communs\adobe
2006-12-09 07:19 -------- d-------- C:\Program Files\freshdevices
2006-12-08 09:43 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2006-12-01 05:20 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-11-30 09:24 86094 --a------ C:\WINDOWS\bpmnt.dll
2006-11-30 09:24 71749 --a------ C:\WINDOWS\hcextoutput.dll
2006-11-30 09:24 176709 --a------ C:\WINDOWS\tsc.exe
2006-11-30 09:24 1101904 --a------ C:\WINDOWS\vsapi32.dll
2006-11-30 09:23 69689 --a------ C:\WINDOWS\unzip.dll
2006-11-30 09:23 507904 --a------ C:\WINDOWS\tmupdate.dll
2006-11-30 09:23 286720 --a------ C:\WINDOWS\patch.exe
2006-11-17 05:42 577536 --a------ C:\WINDOWS\soundman.exe
2006-11-16 19:47 524288 --a------ C:\WINDOWS\opuc.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Ashampoo Magical Optimizer Taskplaner"="\"C:\\PROGRA~1\\Ashampoo\\ASHAMP~1\\AMO_TA~1.EXE\" -TRAY"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"Outpost Firewall"="C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe /waitservice"
"OutpostFeedBack"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
"SoundMan"="SOUNDMAN.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"="SOUNDMAN.EXE"
"LogitechGalleryRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
"Microsoft Works Update Detection"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"CreativeMouse "="C:\\Program Files\\Creative\\Desktop Wireless\\mouse_2k.exe"
"CreativeKeyboard "="C:\\Program Files\\Creative\\Desktop Wireless\\kb_2k.exe"
"Motive SmartBridge"="C:\\PROGRA~1\\NUMERI~1\\MONASS~1\\SMARTB~1\\MotiveSB.exe"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe\""
"CreativeKeyboard"="C:\\Program Files\\Creative\\Desktop Wireless\\kb_2k.exe"
"CreativeMouse"="C:\\Program Files\\Creative\\Desktop Wireless\\mouse_2k.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0

HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Maintenance en 1 clic.job


********************************************************************

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-02-09 8:08:02

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"Outpost Firewall"="C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe /waitservice"
"OutpostFeedBack"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
"SoundMan"="SOUNDMAN.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

Logfile of HijackThis v1.99.1
Scan saved at 08:26:52, on 09/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
O4 - Startup: .protected
O4 - Global Startup: .protected
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

J'attends maintenant la suite, quand pense tu ?
Merci
0
Réponse 9 / 11
Pichyam
 
bonjour
j ai eradique trojan tout simplement avec AVG 2007 edition

apres apres le scan il a demande si je voulai suprimer et j ai bien sure accepter et beuh il est parti ...

coordial... pichyam
0
Réponse 10 / 11
Utilisateur anonyme
 
Bonjour

Vérifie si ces fichiers ont disparu, sinon supprime les.

C:\Program Files\Ultimate Cleaner --> Désinstalle le avant.
C:\Documents and Settings\DIDIER\Application Data\Ultimate Cleaner C:\Documents and Settings\DIDIER\Application Data\drivecleaner 2006 free

Vide la corbeille.
0
zodiaque59 Messages postés 263 Statut Membre 3
 
Bonjour Chercheurbis,

Se petit message pour te prevenir que j'ai du formater mon ordinateur pour regler le probleme ainsi que d'autre.
Je te remerci pour l'aide que tu ma apporter car il est rare de trouver des personnes comme toi.

PS: Connaitrais tu un logiciel de retouche d'image gratuit et tres performent pour moi refaire une photo qui date des années 80.

Merci
0
Réponse 11 / 11
Utilisateur anonyme
 
Bonjour

Comme logiciel de retouche d'image, je connais

PhotoFiltre
http://www.photofiltre.com/

The Gimp
http://ww1.gimp-fr.org/?sub1=8616770a-8ecb-11ea-af93-33b024c569ce
0

Discussions similaires

Supprimer compte facebook sans mail
Joris77 -
Mollygwen -

24 réponses
Supprime sur snap mais comment être re ajouté
Nini -
Hirao -

10 réponses