Trojan à supprimer, comment?

zodiaque59 Messages postés 263 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
Je viens de faire un scan de mon pc avec Bitdefender 8 en ligne mais il y a 3 trojan qu'il n'arrive pas a supprimer "Obfus.Gen, Downloader.AHV et Busky.2.Gen" comment puis je les retirer de mon ordinateur.
D'avance merci.
PS: j'ai essayer avec " AVG Anti-Spyware 7,5 , ad-Aware SE Personnal et a-squared Free" mais rien y fait.
Configuration: Windows XP
Firefox 2.0.0.1

11 réponses

  1. Utilisateur anonyme
     
    Bonjour

    Télécharge HijackThis v1.99.1
    http://pchelpbordeaux.free.fr/logiciels.html
    Tutorial
    http://pchelpbordeaux.free.fr/tuto.html
    Démo en image
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Fais un scan et poste l'analyse ici.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonjour,
      voici ce que tu ma demandé dit moi tout ce que je doit supprimer car en supplement mon pc rame.
      Merci

      Logfile of HijackThis v1.99.1
      Scan saved at 16:51:00, on 05/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      C:\WINDOWS\system32\slserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Outlook Express\msimn.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
      O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
      O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - Startup: .protected
      O4 - Global Startup: .protected
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
      O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
      0
  2. Utilisateur anonyme
     
    Re

    Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
    http://www.atribune.org/ccount/click.php?id=4

    * Double-clique VundoFix.exe afin de le lancer.
    * Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
    * Clique sur le bouton Scan for Vundo.
    * Lorsque le scan est complété, clique sur le bouton Remove Vundo
    * Une invite te demandera si tu veux supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    * Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
    * Démarre ton PC à nouveau.
    * Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

    Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonsoir,
      Je viens de faire la manipulation que tu ma dit mais cela na pas fait tout ce que tu ma dis, peut etre dus au fait qu'il na rien trouver.
      Ci-joint le rapport.
      Merci de me donné la suite du programme a faire


      VundoFix V6.3.5

      Checking Java version...

      Java version is 1.4.2.5

      Scan started at 17:33:35 05/02/2007

      Listing files found while scanning....

      No infected files were found.


      Beginning removal...

      VundoFix V6.3.5

      Checking Java version...

      Java version is 1.4.2.5

      Scan started at 17:53:01 05/02/2007

      Listing files found while scanning....

      No infected files were found.


      Beginning removal...
      0
  3. Utilisateur anonyme
     
    Re

    [*]Double-clique VundoFix.exe afin de le lancer.
    [*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
    [*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

    C:\WINDOWS\system32\msahgjee.dll

    [*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

    C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll

    [*]Clique sur le bouton "Add File(s)"
    [*]Clique sur le bouton "Close Window".
    [*]Clique à nouveau sur "Remove Vundo"
    [*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
    [*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    [*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
    [*]Démarre ton PC à nouveau.

    [*]Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      re bonsoir,


      VundoFix V6.3.5

      Checking Java version...

      Java version is 1.4.2.5

      Scan started at 17:33:35 05/02/2007

      Listing files found while scanning....

      No infected files were found.


      Beginning removal...

      VundoFix V6.3.5

      Checking Java version...

      Java version is 1.4.2.5

      Scan started at 17:53:01 05/02/2007

      Listing files found while scanning....

      No infected files were found.


      Beginning removal...

      Beginning removal...

      Attempting to delete C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll
      C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll Has been deleted!

      Attempting to delete C:\WINDOWS\system32\msahgjee.dll
      C:\WINDOWS\system32\msahgjee.dll Has been deleted!

      Performing Repairs to the registry.
      Done!

      Logfile of HijackThis v1.99.1
      Scan saved at 19:43:47, on 05/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      C:\WINDOWS\system32\slserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Outlook Express\msimn.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll (file missing)
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
      O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
      O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      O4 - Startup: .protected
      O4 - Global Startup: .protected
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
      O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
      0
  4. Utilisateur anonyme
     
    Re

    1 Télécharge
    CCleaner.

    http://www.filehippo.com/download_ccleaner.html
    Installe le dans un répertoire dédié.

    EasyCleaner
    https://www.telia.fi/palvelupaattynyt
    Installe le dans un répertoire dédié.

    2 Relance un scan HijackThis et coche les lignes ci-dessous :

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1ab4b802-1dd2-11b2-8c65-dd322e8bf683} - C:\WINDOWS\system32\msahgjee.dll (file missing)
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [xpwqnkc.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DIDIER\Local Settings\Application Data\xpwqnkc.dll",yirgjue
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*

    Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

    3 Lance le nettoyage avec CCleaner

    4 Lance EasyCleaner.
    Utilises les fonctions Inutiles et Registre. Supprimes ce qu'il trouve. Ne pas toucher à la fonction doublons.

    5 Fais une défragmentation
    http://www.trucsastuces.com/Astuces/76.php

    6 Fais une analyse antivirus en ligne sur Kaspersky
    https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    Sélectionne le poste de travail comme analyse

    Colle son rapport ici avec un nouveau log HijackThis.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonjour Chercheurbis,
      Se matin en ouvrant mon pc j'avais un essage d'erreur qui dit "Erreur de chargement de C:\DocumentsandSettings\DIDIER\Local settings, le module est introuvable" ?
      Je viens de faire ce que tu ma dit dans ton dernier message, mais avec EasyCleaner j'ai fait le Registre mais dans Inutiles quel case je doit cocher.

      Voici les 2 Rapports que tu me demande.
      Merci pour ton aide, j'attend la suite.

      KASPERSKY ON-LINE SCANNER REPORT
      Tuesday, February 06, 2007 11:58:58 AM
      Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
      Kaspersky On-line Scanner version : 5.0.83.0
      Dernière mise à jour de la base antivirus Kaspersky : 6/02/2007
      Enregistrements dans la base antivirus Kaspersky : 250456


      Paramètres d'analyse
      Analyser avec la base antivirus suivante standard
      Analyser les archives vrai
      Analyser les bases de messagerie vrai

      Cible de l'analyse Poste de travail
      A:\
      C:\
      D:\
      E:\

      Statistiques de l'analyse
      Total d'objets analysés 67557
      Nombre de virus trouvés 1
      Nombre d'objets infectés 4 / 0
      Nombre d'objets suspects 0
      Durée de l'analyse 02:08:58

      Nom de l'objet infecté Nom du virus Dernière action
      C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Cookies\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Boîte de réception.dbx L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Folders.dbx L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Application Data\Identities\{D0A10A1C-9094-4522-9825-91F69255E429}\Microsoft\Outlook Express\Offline.dbx L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\ntuser.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\DIDIER\ntuser.dat.LOG L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

      C:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

      C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

      C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

      C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré

      C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré

      C:\Program Files\Agnitum\Outpost Firewall\op_data.ldb L'objet est verrouillé ignoré

      C:\Program Files\Agnitum\Outpost Firewall\op_data.mdb L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

      C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

      C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

      C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP70\A0044856.dll Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

      C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP70\A0044857.dll Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

      C:\System Volume Information\_restore{C657F934-AE0B-49A4-ABCF-3F6A54393D93}\RP71\change.log L'objet est verrouillé ignoré

      C:\VundoFix Backups\msahgjee.dll .bad Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

      C:\VundoFix Backups\xpwqnkc.dll.bad Infecté : Trojan-Downloader.Win32.Busky.gen ignoré

      C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

      C:\WINDOWS\SoftwareDistribution\EventCache\{74FAF4B9-9CB3-4B3C-81EE-17832804CFAB}.bin L'objet est verrouillé ignoré

      C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

      C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

      C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

      C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

      C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré

      C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

      C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

      C:\WINDOWS\Temp\JET2AB5.tmp L'objet est verrouillé ignoré

      C:\WINDOWS\Temp\Perflib_Perfdata_b8.dat L'objet est verrouillé ignoré

      C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

      C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

      C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

      C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

      Analyse terminée.

      Logfile of HijackThis v1.99.1
      Scan saved at 12:24:08, on 06/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      C:\WINDOWS\system32\slserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
      C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
      C:\Program Files\Outlook Express\msimn.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
      O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
      O4 - Startup: .protected
      O4 - Global Startup: .protected
      O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
      O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
      0
    2. zodiaque59 Messages postés 263 Statut Membre 3
       
      Salut Chercheurbis,

      Voila j'ai fait ce que tu viens de me dire, mais je ne vois pas vraiment de changement.
      J'ai deja eu des problemes avec mon pc si tu veut regarde dans les message d'aide que j'ai fait et les manipulation que lon ma fait faire mais pour l'instant rien a faire.
      Encore une fois merci du temps que tu me consacre.
      Je ne sais plus quoi faire!
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Bonjour

    Tu peux tout cocher dans Inutiles d'Easy Cleaner.

    Deux fichiers infectés dans la sauvegarde de Vundo et deux dans le systéme de restauration.

    Supprime C:\VundoFix Backups

    Clique sur Démarrer - Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

    Puis redémarrer l'ordinateur et faire l'opération inverse en décochant la case Désactiver la restauration systéme.

    Comment se comporte le PC ?
    0
  7. Utilisateur anonyme
     
    Re

    J'ai regardé le (long) post concernant ton ralentissement.

    Je ne vois pas trop quoi faire de plus. Tu vas faire deux scans afin de vérifier s'il n'y a pas de fichiers infectieux cachés.

    * Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
    http://www.malekal.com/download/DiagHelp.zip
    - Fais un clic droit sur le fichier et extraire tout
    - Un nouveau dossier chercher va être créé DiagHelp
    - Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    - Une fenêtre va s'ouvrir, choisis l'option 1
    - L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
    - A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
    - Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
    -- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
    -- A nouveau menu Edition / copier
    -- Dans un nouveau message ici, faire un clic droit / coller

    * Télécharge WinPFind3U.exe sur ton bureau.
    http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

    Double clique sur le fichier téléchargé : un dossier nommé WinPFind3U va apparaitre sur ton bureau.
    Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.
    Sous le groupe Files Created Within sélectionne 30 days
    Sous le groupe Files Modified Within sélectionne 30 days
    Sous le groupe String Search sélectionne Non-Microsoft
    A présent clique sur le bouton Run Scan dans la barre d'outils
    Patiente, cela peut durer plusieurs minutes.
    Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.
    Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.
    Copie/Colle le contenu du rapport dans ta prochaine réponse.

    Attention, les rapports sont long, poste les en deux messages.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonjour Chercheurbis,
      Voila le rapport de DiagHelp

      C:\WINDOWS\System32\nvapps.xml -->07/02/2007 06:47:55
      C:\WINDOWS\System32\tmpwisc2.exe -->04/02/2007 10:19:25
      C:\WINDOWS\System32\d3d8caps.dat -->02/02/2007 17:23:06
      C:\WINDOWS\System32\wpa.dbl -->01/02/2007 07:31:11
      C:\WINDOWS\System32\tmp.txt -->29/01/2007 15:24:52
      C:\WINDOWS\System32\tmp.reg -->29/01/2007 15:24:52
      C:\WINDOWS\System32\tmpwisc3.exe -->29/01/2007 07:35:12
      C:\WINDOWS\System32\rmoc3260.dll -->22/01/2007 11:15:57
      C:\WINDOWS\System32\pndx5032.dll -->22/01/2007 11:15:23
      C:\WINDOWS\System32\pndx5016.dll -->22/01/2007 11:15:23
      C:\WINDOWS\System32\pncrt.dll -->22/01/2007 11:15:17
      C:\WINDOWS\System32\nscompat.tlb -->21/01/2007 11:35:07
      C:\WINDOWS\System32\amcompat.tlb -->21/01/2007 11:35:07
      C:\WINDOWS\System32\tmpwisc1.exe -->21/01/2007 07:49:50
      C:\WINDOWS\System32\WinSecureDisc.pkg -->21/01/2007 07:42:22
      C:\WINDOWS\System32\isc_cpl.cpl -->20/01/2007 16:10:56
      C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->18/01/2007 10:20:31
      C:\WINDOWS\System32\uxtuneup.dll -->17/01/2007 14:47:52
      C:\WINDOWS\System32\CONFIG.NT -->16/01/2007 17:58:16
      C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:07
      C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20
      C:\WINDOWS\System32\dsm_fr.qm -->13/01/2007 02:08:31
      C:\WINDOWS\System32\divxsm.tlb -->13/01/2007 02:08:31
      C:\WINDOWS\System32\DivXsm.exe -->13/01/2007 02:08:31
      C:\WINDOWS\System32\qt-dx331.dll -->13/01/2007 02:08:29

      C:\WINDOWS\WindowsUpdate.log -->07/02/2007 06:55:39
      C:\WINDOWS\0.log -->07/02/2007 06:48:22
      C:\WINDOWS\wiadebug.log -->07/02/2007 06:48:14
      C:\WINDOWS\ODBC.INI -->07/02/2007 06:48:13
      C:\WINDOWS\transp.gif -->07/02/2007 06:48:09
      C:\WINDOWS\wiaservc.log -->07/02/2007 06:48:05
      C:\WINDOWS\bootstat.dat -->07/02/2007 06:47:41
      C:\WINDOWS\SchedLgU.Txt -->06/02/2007 19:36:28
      C:\WINDOWS\setupapi.log -->06/02/2007 08:50:02
      C:\WINDOWS\.protected -->21/01/2007 07:50:39
      C:\WINDOWS\SiSAudioRack.ini -->18/01/2007 10:41:19
      C:\WINDOWS\win.ini -->14/01/2007 16:18:01
      C:\WINDOWS\iun6002ev.exe -->29/12/2006 08:18:52
      C:\WINDOWS\warhead.ini -->13/12/2006 11:20:17
      C:\WINDOWS\WindowsShell.Manifest -->06/12/2006 17:52:57

      C:\WINDOWS\Alcrmv.exe |01/01/2007 14:50:35
      C:\WINDOWS\alcupd.exe |01/01/2007 14:50:35
      C:\WINDOWS\bdoscandel.exe |25/05/2006 00:22:06
      C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |22/05/2004 10:58:48
      C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |27/05/2004 03:44:01
      C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |02/07/2005 13:46:21
      C:\WINDOWS\Ctregrun.exe |02/06/2004 15:39:48
      C:\WINDOWS\InZU31.exe |03/02/2005 17:03:37
      C:\WINDOWS\IsUn040c.exe |21/05/2004 18:36:48
      C:\WINDOWS\IsUninst.exe |21/05/2004 18:57:28
      C:\WINDOWS\iun6002ev.exe |29/12/2006 08:19:13
      C:\WINDOWS\PATCH.EXE |20/07/2004 17:57:32
      C:\WINDOWS\slrundll.exe |20/08/2004 00:10:02
      C:\WINDOWS\soundman.exe |01/01/2007 14:50:35
      C:\WINDOWS\tsc.exe |20/07/2004 17:59:15
      C:\WINDOWS\twunk_16.exe |28/08/2001 13:00:00
      C:\WINDOWS\twunk_32.exe |28/08/2001 13:00:00
      C:\WINDOWS\uninst.exe |21/09/2006 09:09:00
      C:\WINDOWS\unvise32qt.exe |04/08/2004 17:04:19
      C:\WINDOWS\UpdtNv28.exe |11/10/2006 15:27:31
      C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
      C:\WINDOWS\BPMNT.dll |20/07/2004 17:59:14
      C:\WINDOWS\HCExtOutput.dll |20/07/2004 17:59:15
      C:\WINDOWS\Iden32.dll |12/09/2006 08:00:35
      C:\WINDOWS\PCDLIB32.DLL |18/04/2005 15:50:18
      C:\WINDOWS\POCE98.DLL |23/09/1998 21:10:16
      C:\WINDOWS\POCELANG.DLL |23/02/1999 14:12:18
      C:\WINDOWS\TMUPDATE.DLL |20/07/2004 17:57:33
      C:\WINDOWS\twain.dll |28/08/2001 13:00:00
      C:\WINDOWS\twain_32.dll |28/08/2001 13:00:00
      C:\WINDOWS\UNZIP.DLL |20/07/2004 17:57:33
      C:\WINDOWS\vsapi32.dll |20/07/2004 17:59:14
      C:\WINDOWS\system32\append.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\aswBoot.exe |30/10/2006 08:38:53
      C:\WINDOWS\system32\ChCfg.exe |30/01/2007 13:05:27
      C:\WINDOWS\system32\debug.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |12/01/2007 02:19:44
      C:\WINDOWS\system32\DivXsm.exe |13/01/2007 02:08:31
      C:\WINDOWS\system32\dosx.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\dumphive.exe |19/12/2006 09:02:40
      C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34
      C:\WINDOWS\system32\edlin.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\exe2bin.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\fastopen.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\hpocon09.exe |24/04/2002 02:25:04
      C:\WINDOWS\system32\hpoinw07.exe |24/04/2002 01:23:54
      C:\WINDOWS\system32\hpoipm07.exe |24/04/2002 01:24:34
      C:\WINDOWS\system32\INFSETUP.exe |03/02/2007 16:17:46
      C:\WINDOWS\system32\InstMed.exe |22/05/2004 11:24:58
      C:\WINDOWS\system32\java.exe |18/01/2007 10:20:33
      C:\WINDOWS\system32\javaw.exe |18/01/2007 10:20:33
      C:\WINDOWS\system32\javaws.exe |18/01/2007 10:20:33
      C:\WINDOWS\system32\keystone.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\LVCOMSX.EXE |25/02/2004 15:15:50
      C:\WINDOWS\system32\Machnm1.exe |16/09/2006 10:32:57
      C:\WINDOWS\system32\mem.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\nvappbar.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcolor.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcplui.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvdspsch.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvsvc32.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvudisp.exe |03/02/2007 11:17:57
      C:\WINDOWS\system32\NVUNINST.EXE |03/02/2007 11:16:52
      C:\WINDOWS\system32\nwiz.exe |22/10/2006 12:22:00
      C:\WINDOWS\system32\PRISMSVR.exe |18/03/2004 13:44:42
      C:\WINDOWS\system32\PSDrvCheck.exe |10/11/2003 16:06:08
      C:\WINDOWS\system32\pxcpya64.exe |20/09/2006 04:06:31
      C:\WINDOWS\system32\pxcpyi64.exe |20/09/2006 04:06:31
      C:\WINDOWS\system32\pxhpinst.exe |20/09/2006 04:06:31
      C:\WINDOWS\system32\pxinsa64.exe |20/09/2006 04:06:31
      C:\WINDOWS\system32\pxinsi64.exe |20/09/2006 04:06:31
      C:\WINDOWS\system32\redir.exe |22/05/2004 07:22:02
      C:\WINDOWS\system32\RTLCPL.exe |30/01/2007 13:04:09
      C:\WINDOWS\system32\setver.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\share.exe |28/08/2001 13:00:00
      C:\WINDOWS\system32\slrundll.exe |20/08/2004 00:10:02
      C:\WINDOWS\system32\slserv.exe |20/08/2004 00:10:02
      C:\WINDOWS\system32\SrchSTS.exe |19/12/2006 09:02:40
      C:\WINDOWS\system32\swreg.exe |19/12/2006 09:02:39
      C:\WINDOWS\system32\swsc.exe |19/12/2006 09:02:40
      C:\WINDOWS\system32\swxcacls.exe |19/12/2006 09:02:40
      C:\WINDOWS\system32\tmpwisc1.exe |31/12/2006 11:08:09
      C:\WINDOWS\system32\tmpwisc2.exe |20/01/2007 16:14:40
      C:\WINDOWS\system32\tmpwisc3.exe |31/12/2006 10:53:17
      C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48
      C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48
      C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48
      C:\WINDOWS\system32\amstream.dll |04/07/2004 08:28:06
      C:\WINDOWS\system32\ati2cqag.dll |20/08/2004 00:09:19
      C:\WINDOWS\system32\ati2dvaa.dll |22/05/2004 07:19:58
      C:\WINDOWS\system32\ati2dvag.dll |22/05/2004 07:19:59
      C:\WINDOWS\system32\ati3d1ag.dll |22/05/2004 07:20:10
      C:\WINDOWS\system32\ati3d2ag.dll |22/05/2004 07:20:16
      C:\WINDOWS\system32\ati3duag.dll |20/08/2004 00:09:19
      C:\WINDOWS\system32\ativtmxx.dll |20/08/2004 00:09:19
      C:\WINDOWS\system32\ativvaxx.dll |20/08/2004 00:09:19
      C:\WINDOWS\system32\atmfd.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\atmlib.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\compatui.dll |22/05/2004 07:14:58
      C:\WINDOWS\system32\ctdvda32.dll |30/01/2005 06:19:47
      C:\WINDOWS\system32\dgrpsetu.dll |21/05/2004 19:21:18
      C:\WINDOWS\system32\dgsetup.dll |21/05/2004 19:21:18
      C:\WINDOWS\system32\DivX.dll |13/01/2007 02:03:26
      C:\WINDOWS\system32\divxdec_0407.dll |26/10/2004 23:38:18
      C:\WINDOWS\system32\divxdec_040c.dll |26/10/2004 23:38:18
      C:\WINDOWS\system32\divxdec_0411.dll |26/10/2004 23:38:18
      C:\WINDOWS\system32\DivXWMPExtType.dll |12/01/2007 02:19:45
      C:\WINDOWS\system32\divx_xx07.dll |13/01/2007 02:03:26
      C:\WINDOWS\system32\divx_xx0c.dll |13/01/2007 02:03:26
      C:\WINDOWS\system32\divx_xx11.dll |13/01/2007 02:03:26
      C:\WINDOWS\system32\dpl100.dll |11/08/2006 00:03:58
      C:\WINDOWS\system32\dpu10.dll |13/01/2007 02:03:29
      C:\WINDOWS\system32\dpu11.dll |11/07/2006 23:54:31
      C:\WINDOWS\system32\dpuGUI10.dll |13/01/2007 02:03:30
      C:\WINDOWS\system32\dpuGUI11.dll |11/07/2006 23:54:31
      C:\WINDOWS\system32\dpus10.dll |26/10/2004 23:39:03
      C:\WINDOWS\system32\dpus11.dll |13/01/2007 02:03:29
      C:\WINDOWS\system32\dpv10.dll |26/10/2004 23:39:04
      C:\WINDOWS\system32\dpv11.dll |11/07/2006 23:54:31
      C:\WINDOWS\system32\dtu100.dll |13/01/2007 02:03:31
      C:\WINDOWS\system32\encdec.dll |22/05/2004 07:20:24
      C:\WINDOWS\system32\EqnClass.Dll |21/05/2004 19:21:18
      C:\WINDOWS\system32\GCPL_FRENCH.dll |21/05/2004 18:58:05
      C:\WINDOWS\system32\hpocoi08.dll |22/05/2004 05:29:55
      C:\WINDOWS\system32\hpoidm07.dll |24/04/2002 02:05:06
      C:\WINDOWS\system32\hpoidr07.dll |24/04/2002 01:22:56
      C:\WINDOWS\system32\hpoipr07.dll |24/04/2002 01:25:06
      C:\WINDOWS\system32\hpoipt07.dll |24/04/2002 01:26:16
      C:\WINDOWS\system32\hpoisn07.dll |24/04/2002 01:26:30
      C:\WINDOWS\system32\hpomem07.dll |24/04/2002 01:33:42
      C:\WINDOWS\system32\HPOtap07.dll |24/04/2002 01:32:36
      C:\WINDOWS\system32\hpousd07.dll |24/04/2002 01:58:36
      C:\WINDOWS\system32\hsfcisp2.dll |20/08/2004 00:09:27
      C:\WINDOWS\system32\hticons.dll |21/05/2004 18:30:51
      C:\WINDOWS\system32\hypertrm.dll |21/05/2004 18:30:51
      C:\WINDOWS\system32\Iacenc.dll |18/11/1998 14:33:16
      C:\WINDOWS\system32\iccvid.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\indounin.dll |27/01/1999 12:39:06
      C:\WINDOWS\system32\ir32_32.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\ir41_qc.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\ir41_qcx.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\ir50_32.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\ir50_qc.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\ir50_qcx.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\isrdbg32.dll |21/05/2004 18:32:55
      C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 06:56:08
      C:\WINDOWS\system32\jgaw400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\jgdw400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\jgmd400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\jgpl400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\jgsd400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\jgsh400.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\LCamCpl.dll |25/02/2004 16:04:04
      C:\WINDOWS\system32\lfbmp11n.dll |10/05/2000 11:34:12
      C:\WINDOWS\system32\lfbmp12n.dll |25/02/2004 13:38:42
      C:\WINDOWS\system32\LFCMP11n.DLL |10/05/2000 11:34:14
      C:\WINDOWS\system32\LFCMP12n.DLL |25/02/2004 13:38:42
      C:\WINDOWS\system32\lfeps11n.dll |10/05/2000 11:34:14
      C:\WINDOWS\system32\lffax11n.dll |10/05/2000 11:34:14
      C:\WINDOWS\system32\lffax12n.dll |25/02/2004 13:38:42
      C:\WINDOWS\system32\lfgif11n.dll |09/05/2000 18:41:26
      C:\WINDOWS\system32\lfpcd11n.dll |10/05/2000 11:34:16
      C:\WINDOWS\system32\lfpcx11n.dll |10/05/2000 11:34:16
      C:\WINDOWS\system32\Lfpng11n.dll |10/05/2000 11:34:18
      C:\WINDOWS\system32\lfpsd11n.dll |10/05/2000 11:34:20
      C:\WINDOWS\system32\lftga11n.dll |10/05/2000 11:34:20
      C:\WINDOWS\system32\lftif11n.dll |10/05/2000 11:34:22
      C:\WINDOWS\system32\lftif12n.dll |25/02/2004 13:38:42
      C:\WINDOWS\system32\lfwmf11n.dll |10/05/2000 11:34:22
      C:\WINDOWS\system32\libdivx.dll |12/07/2006 00:40:00
      C:\WINDOWS\system32\libeay32.dll |28/04/2005 05:22:34
      C:\WINDOWS\system32\LQCUI2.dll |25/02/2004 15:35:10
      C:\WINDOWS\system32\LTDIS11n.dll |10/05/2000 11:34:24
      C:\WINDOWS\system32\LTDIS12n.dll |25/02/2004 13:38:46
      C:\WINDOWS\system32\ltefx12n.dll |25/02/2004 13:38:46
      C:\WINDOWS\system32\ltfil11n.DLL |09/05/2000 18:41:26
      C:\WINDOWS\system32\ltfil12n.DLL |25/02/2004 13:38:46
      C:\WINDOWS\system32\ltimg11n.dll |10/05/2000 11:34:28
      C:\WINDOWS\system32\ltimg12n.dll |25/02/2004 13:38:46
      C:\WINDOWS\system32\ltkrn11n.dll |10/05/2000 11:34:32
      C:\WINDOWS\system32\ltkrn12n.dll |25/02/2004 13:38:48
      C:\WINDOWS\system32\Ltwvc11n.dll |10/05/2000 11:34:36
      C:\WINDOWS\system32\Ltwvc12n.dll |25/02/2004 13:38:52
      C:\WINDOWS\system32\LVCodec2.dll |22/05/2004 11:24:40
      C:\WINDOWS\system32\lvcoinst.dll |22/05/2004 11:24:41
      C:\WINDOWS\system32\LVCOMCX.dll |25/02/2004 15:18:46
      C:\WINDOWS\system32\Lvkrn12n.dll |25/02/2004 13:38:52
      C:\WINDOWS\system32\LVMAENUM.dll |25/02/2004 15:16:56
      C:\WINDOWS\system32\LVUI2.dll |22/05/2004 11:24:41
      C:\WINDOWS\system32\LVUI2RC.dll |22/05/2004 11:24:41
      C:\WINDOWS\system32\mdmxsdk.dll |20/08/2004 00:09:30
      C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06
      C:\WINDOWS\system32\mrvfwext.dll |22/05/2004 10:49:24
      C:\WINDOWS\system32\msdmo.dll |04/07/2004 08:28:06
      C:\WINDOWS\system32\msencode.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 19:46:58
      C:\WINDOWS\system32\mtxparhd.dll |20/08/2004 00:09:35
      C:\WINDOWS\system32\Npindeo.dll |20/11/1998 12:38:58
      C:\WINDOWS\system32\nv4_disp.dll |22/05/2004 07:21:33
      C:\WINDOWS\system32\nvapi.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcod.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcodins.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcpl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvcpluir.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvdisps.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvdispsr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvexpbar.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvgames.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvgamesr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvhwvid.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nview.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmccs.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmccsrs.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmccss.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmccssr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmctray.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmobls.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvmoblsr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvnt4cpl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvoglnt.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsar.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrscs.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsda.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsde.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsel.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrseng.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrses.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsesm.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsfi.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsfr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrshe.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrshu.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsit.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsja.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsko.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsnl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsno.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrspl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrspt.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsptb.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrsru.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrssk.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrssl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrssv.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrstr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrszhc.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvrszht.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvshell.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvvitvs.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvvitvsr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwddi.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwdmcpl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwimg.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsar.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrscs.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsda.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsde.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsel.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrseng.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrses.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsesm.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsfi.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsfr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrshe.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrshu.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsit.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsja.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsko.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsnl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsno.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrspl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrspt.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsptb.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrsru.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrssk.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrssl.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrssv.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrstr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrszhc.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwrszht.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwss.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\nvwssr.dll |22/10/2006 12:22:00
      C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16
      C:\WINDOWS\system32\PCDLIB32.DLL |10/05/2000 11:34:38
      C:\WINDOWS\system32\pncrt.dll |17/06/2004 18:42:31
      C:\WINDOWS\system32\pndx5016.dll |19/02/2005 13:10:33
      C:\WINDOWS\system32\pndx5032.dll |19/02/2005 13:10:33
      C:\WINDOWS\system32\PRISMAPI.dll |18/03/2004 13:41:02
      C:\WINDOWS\system32\PRISMNDI.dll |18/03/2004 13:49:14
      C:\WINDOWS\system32\PSIKey.dll |26/10/2004 23:38:24
      C:\WINDOWS\system32\psisdecd.dll |04/07/2004 08:28:10
      C:\WINDOWS\system32\px.dll |20/09/2006 04:06:30
      C:\WINDOWS\system32\pxdrv.dll |20/09/2006 04:06:31
      C:\WINDOWS\system32\pxmas.dll |20/09/2006 04:06:30
      C:\WINDOWS\system32\pxwave.dll |20/09/2006 04:06:30
      C:\WINDOWS\system32\QCUI2.dll |25/02/2004 15:37:58
      C:\WINDOWS\system32\qedwipes.dll |04/07/2004 08:28:06
      C:\WINDOWS\system32\qt-dx331.dll |27/07/2006 18:28:42
      C:\WINDOWS\system32\qt-mt331.dll |26/10/2004 23:39:05
      C:\WINDOWS\system32\rmoc3260.dll |17/06/2004 18:42:41
      C:\WINDOWS\system32\RtlCPAPI.dll |30/01/2007 13:04:04
      C:\WINDOWS\system32\s3gnb.dll |20/08/2004 00:09:39
      C:\WINDOWS\system32\sbe.dll |22/05/2004 07:20:39
      C:\WINDOWS\system32\slbcsp.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\slbiop.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\slbrccsp.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\slcoinst.dll |20/08/2004 00:09:41
      C:\WINDOWS\system32\slextspk.dll |20/08/2004 00:09:41
      C:\WINDOWS\system32\slgen.dll |20/08/2004 00:09:41
      C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18
      C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18
      C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18
      C:\WINDOWS\system32\spxcoins.dll |21/05/2004 19:21:18
      C:\WINDOWS\system32\ssldivx.dll |12/07/2006 00:40:00
      C:\WINDOWS\system32\ssleay32.dll |28/04/2005 05:22:34
      C:\WINDOWS\system32\tsd32.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20
      C:\WINDOWS\system32\uxtuneup.dll |20/01/2007 11:24:51
      C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29
      C:\WINDOWS\system32\vxblock.dll |20/09/2006 04:06:30
      C:\WINDOWS\system32\W32N50.dll |02/07/2005 11:02:35
      C:\WINDOWS\system32\win87em.dll |28/08/2001 13:00:00
      C:\WINDOWS\system32\WINFOXUT.dll |03/02/2007 05:39:45
      C:\WINDOWS\system32\WooDial2000.dll |21/05/2004 19:10:30

      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\WINDOWS\system32

      20/08/2004 00:09 6 144 csrss.exe
      1 fichier(s) 6 144 octets
      0 Rép(s) 25 518 133 248 octets libres

      Contenu de Downloaded Program Files
      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\WINDOWS\Downloaded Program Files

      06/02/2007 08:50 <REP> .
      06/02/2007 08:50 <REP> ..
      07/12/2004 15:07 32 bdcore.dll
      01/03/2005 13:08 118 784 bdupd.dll
      24/08/2005 00:00 2 390 catalog.dat
      20/12/2006 15:19 <REP> CONFLICT.1
      05/02/2007 08:13 <REP> CONFLICT.2
      05/12/2006 17:16 516 CTPID.inf
      06/12/2006 11:10 38 696 CTPID.ocx
      11/08/2006 09:40 523 CTSUEng.inf
      11/08/2006 09:36 225 280 CTSUEng.ocx
      21/05/2004 18:34 65 desktop.ini
      25/07/2002 18:13 24 576 dwusplay.dll
      25/07/2002 18:13 196 608 dwusplay.exe
      24/08/2005 00:00 6 899 ecbootil.vxd
      24/08/2005 00:00 288 376 ecmsvr32.dll
      06/12/2004 15:55 325 240 EphotoAxRes.dll
      07/06/2006 10:09 1 249 erma.inf
      22/12/2006 12:20 1 564 hardwaredetection.inf
      06/10/2005 18:19 168 448 IEAWSDC.DLL
      06/10/2005 18:19 452 ieawsdc.inf
      08/04/2006 23:59 274 432 InternetUtil2.dll
      01/03/2005 13:08 53 248 ipsupd.dll
      16/06/2004 06:02 323 584 isusweb.dll
      25/08/2003 17:12 1 096 iuctl.inf
      08/08/2006 11:45 576 kavwebscan.inf
      09/03/2005 14:42 6 742 lang.ini
      11/12/2006 16:44 367 LegitCheckControl.inf
      07/12/2004 15:07 32 libfn.dll
      18/02/2005 15:22 126 live.ini
      05/12/2005 19:58 83 680 LogInfo.dll
      20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd
      18/01/2007 00:27 345 512 MSDcode.dll
      24/08/2005 00:00 124 536 naveng32.dll
      24/08/2005 00:00 706 168 navex32a.dll
      28/08/2006 10:05 227 opuc.inf
      31/05/2006 03:15 10 oscan81.ocx_x
      09/03/2005 14:43 6 828 scanoptions.tsi
      24/08/2005 00:00 91 440 scrauth.dat
      03/06/2005 12:24 395 SnapfishActivia1000.inf
      03/06/2005 12:24 286 720 SnapfishActivia1000.ocx
      08/12/2003 12:58 3 759 swflash.inf
      24/08/2005 00:00 8 145 symaveng.cat
      24/08/2005 00:00 901 symaveng.inf
      24/08/2005 00:00 12 616 tcdefs.dat
      24/08/2005 00:00 722 450 tcscan7.dat
      24/08/2005 00:00 165 937 tcscan8.dat
      24/08/2005 00:00 403 280 tcscan9.dat
      24/08/2005 00:00 453 tinf.dat
      24/08/2005 00:00 148 tinfidx.dat
      24/08/2005 00:00 1 957 tinfl.dat
      19/06/2001 16:10 122 880 TLIEFlashCtrlU.dll
      24/08/2005 00:00 41 449 tscan1.dat
      24/08/2005 00:00 1 237 tscan1hd.dat
      24/08/2005 00:00 5 516 v.grd
      24/08/2005 00:00 2 225 v.sig
      24/08/2005 00:00 106 244 virscan.inf
      24/08/2005 00:00 958 590 virscan1.dat
      24/08/2005 00:00 559 396 virscan2.dat
      24/08/2005 00:00 145 136 virscan3.dat
      24/08/2005 00:00 320 105 virscan4.dat
      24/08/2005 00:00 1 248 502 virscan5.dat
      24/08/2005 00:00 385 075 virscan6.dat
      24/08/2005 00:00 2 475 818 virscan7.dat
      24/08/2005 00:00 1 380 757 virscan8.dat
      24/08/2005 00:00 2 593 142 virscan9.dat
      24/08/2005 00:00 32 virscant.dat
      27/08/2005 20:03 2 072 vscanmsx.dat
      27/10/2002 18:32 3 036 wmv9dmo.inf
      30/06/2003 21:41 1 689 WMV9VCM.inf
      26/05/2005 04:19 291 wuweb.inf
      24/08/2005 00:00 224 zdone.dat
      68 fichier(s) 15 379 641 octets

      Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

      20/12/2006 15:19 <REP> .
      20/12/2006 15:19 <REP> ..
      07/12/2004 16:07 32 bdcore.dll
      01/03/2005 14:08 118 784 bdupd.dll
      01/03/2005 14:08 53 248 ipsupd.dll
      09/03/2005 15:42 6 742 lang.ini
      07/12/2004 16:07 32 libfn.dll
      18/02/2005 16:22 126 live.ini
      31/05/2006 04:15 10 oscan81.ocx_x
      09/03/2005 15:43 6 828 scanoptions.tsi
      8 fichier(s) 185 802 octets

      Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2

      05/02/2007 08:13 <REP> .
      05/02/2007 08:13 <REP> ..
      07/12/2004 16:07 32 bdcore.dll
      01/03/2005 14:08 118 784 bdupd.dll
      01/03/2005 14:08 53 248 ipsupd.dll
      16/03/2005 11:34 7 407 lang.ini
      07/12/2004 16:07 32 libfn.dll
      14/03/2005 13:38 126 live.ini
      01/06/2006 02:57 1 331 oscan8.inf
      01/06/2006 02:54 471 040 oscan8.ocx
      31/05/2006 04:15 10 oscan81.ocx_x
      14/03/2005 13:58 7 073 scanoptions.tsi
      10 fichier(s) 659 083 octets

      Total des fichiers listés :
      86 fichier(s) 16 224 526 octets
      8 Rép(s) 25 518 125 056 octets libres

      Recherche de rootkit! (Merci S!Ri)

      Recherche d'infections connues




      Liste des programmes installes

      a-squared Free 2.1
      Ad-Aware SE Personal
      Adobe Acrobat 5.0
      Adobe Flash Player 9
      Adobe Reader 7.0.9 - Français
      Agnitum Outpost Firewall Pro
      Archiveur WinRAR
      Ashampoo Magical Optimizer
      avast! Antivirus
      AVG Anti-Spyware 7.5
      BlindWrite 6
      Camera Driver
      CartaGoGo v2.0.8
      CCleaner (remove only)
      ConvertXtoDVD 2.1.10.209
      Correctif pour Windows XP (KB914440)
      Correctif Windows XP - KB834707
      Correctif Windows XP - KB867282
      Correctif Windows XP - KB873333
      Correctif Windows XP - KB873339
      Correctif Windows XP - KB885250
      Correctif Windows XP - KB885835
      Correctif Windows XP - KB885836
      Correctif Windows XP - KB885884
      Correctif Windows XP - KB886185
      Correctif Windows XP - KB887472
      Correctif Windows XP - KB887742
      Correctif Windows XP - KB888113
      Correctif Windows XP - KB888302
      Correctif Windows XP - KB890047
      Correctif Windows XP - KB890175
      Correctif Windows XP - KB890859
      Correctif Windows XP - KB890923
      Correctif Windows XP - KB891781
      Correctif Windows XP - KB893066
      Correctif Windows XP - KB893086
      Creative Desktop Wireless
      DivX Codec
      DivX Player
      EasyCleaner
      eMule
      EnveloppesEditor1.08
      EVEREST Home Edition v2.20
      FoneSync
      Google Toolbar for Internet Explorer
      HardwareDetection
      Hijackthis Version Française
      Hotfix for Windows XP (KB915865)
      Hotfix for Windows XP (KB926239)
      hp psc 700 series
      HP Share-to-Web
      HP Software Update
      Installation de Microsoft Works Suite 2001
      J2SE Runtime Environment 5.0 Update 10
      Java 2 Runtime Environment Standard Edition v1.3.1_03
      Java 2 Runtime Environment, SE v1.4.2_05
      Kaspersky Online Scanner
      L&H TTS3000 Français
      Language pack for Ad-Aware SE
      Lecteur Windows Media 11
      Logiciel d'impression photo HP
      Logiciel QuickCam de Logitech
      Logitech Desktop Messenger
      Macro complémentaire Microsoft Word pour Works Suite
      Microsoft .NET Framework 2.0
      Microsoft .NET Framework 2.0
      Microsoft Compression Client Pack 1.0 for Windows XP
      Microsoft Data Access Components KB870669
      Microsoft Internationalized Domain Names Mitigation APIs
      Microsoft National Language Support Downlevel APIs
      Microsoft Office 2000 SR-1 Disque 2
      Microsoft Office XP Standard
      Microsoft Picture It! Express 7.0
      Microsoft Picture It! Photo 2001
      Microsoft User-Mode Driver Framework Feature Pack 1.0
      Microsoft Works 6.0
      Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
      Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
      Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
      Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
      Mise à jour de sécurité pour Windows XP (KB883939)
      Mise à jour de sécurité pour Windows XP (KB890046)
      Mise à jour de sécurité pour Windows XP (KB893756)
      Mise à jour de sécurité pour Windows XP (KB896358)
      Mise à jour de sécurité pour Windows XP (KB896422)
      Mise à jour de sécurité pour Windows XP (KB896423)
      Mise à jour de sécurité pour Windows XP (KB896424)
      Mise à jour de sécurité pour Windows XP (KB896428)
      Mise à jour de sécurité pour Windows XP (KB896688)
      Mise à jour de sécurité pour Windows XP (KB899587)
      Mise à jour de sécurité pour Windows XP (KB899588)
      Mise à jour de sécurité pour Windows XP (KB899591)
      Mise à jour de sécurité pour Windows XP (KB900725)
      Mise à jour de sécurité pour Windows XP (KB901017)
      Mise à jour de sécurité pour Windows XP (KB901214)
      Mise à jour de sécurité pour Windows XP (KB902400)
      Mise à jour de sécurité pour Windows XP (KB903235)
      Mise à jour de sécurité pour Windows XP (KB904706)
      Mise à jour de sécurité pour Windows XP (KB905414)
      Mise à jour de sécurité pour Windows XP (KB905749)
      Mise à jour de sécurité pour Windows XP (KB905915)
      Mise à jour de sécurité pour Windows XP (KB908519)
      Mise à jour de sécurité pour Windows XP (KB908531)
      Mise à jour de sécurité pour Windows XP (KB911280)
      Mise à jour de sécurité pour Windows XP (KB911562)
      Mise à jour de sécurité pour Windows XP (KB911567)
      Mise à jour de sécurité pour Windows XP (KB911927)
      Mise à jour de sécurité pour Windows XP (KB912812)
      Mise à jour de sécurité pour Windows XP (KB912919)
      Mise à jour de sécurité pour Windows XP (KB913446)
      Mise à jour de sécurité pour Windows XP (KB913580)
      Mise à jour de sécurité pour Windows XP (KB914388)
      Mise à jour de sécurité pour Windows XP (KB914389)
      Mise à jour de sécurité pour Windows XP (KB916281)
      Mise à jour de sécurité pour Windows XP (KB917159)
      Mise à jour de sécurité pour Windows XP (KB917344)
      Mise à jour de sécurité pour Windows XP (KB917422)
      Mise à jour de sécurité pour Windows XP (KB917953)
      Mise à jour de sécurité pour Windows XP (KB918439)
      Mise à jour de sécurité pour Windows XP (KB918899)
      Mise à jour de sécurité pour Windows XP (KB919007)
      Mise à jour de sécurité pour Windows XP (KB920213)
      Mise à jour de sécurité pour Windows XP (KB920214)
      Mise à jour de sécurité pour Windows XP (KB920670)
      Mise à jour de sécurité pour Windows XP (KB920683)
      Mise à jour de sécurité pour Windows XP (KB920685)
      Mise à jour de sécurité pour Windows XP (KB921398)
      Mise à jour de sécurité pour Windows XP (KB921883)
      Mise à jour de sécurité pour Windows XP (KB922616)
      Mise à jour de sécurité pour Windows XP (KB922760)
      Mise à jour de sécurité pour Windows XP (KB922819)
      Mise à jour de sécurité pour Windows XP (KB923191)
      Mise à jour de sécurité pour Windows XP (KB923414)
      Mise à jour de sécurité pour Windows XP (KB923694)
      Mise à jour de sécurité pour Windows XP (KB923980)
      Mise à jour de sécurité pour Windows XP (KB924191)
      Mise à jour de sécurité pour Windows XP (KB924270)
      Mise à jour de sécurité pour Windows XP (KB924496)
      Mise à jour de sécurité pour Windows XP (KB925486)
      Mise à jour de sécurité pour Windows XP (KB926255)
      Mise à jour pour Windows XP (KB894391)
      Mise à jour pour Windows XP (KB896727)
      Mise à jour pour Windows XP (KB898461)
      Mise à jour pour Windows XP (KB900485)
      Mise à jour pour Windows XP (KB904942)
      Mise à jour pour Windows XP (KB910437)
      Mise à jour pour Windows XP (KB916595)
      Mise à jour pour Windows XP (KB920872)
      Mise à jour pour Windows XP (KB922582)
      Mon Assistant Internet
      Mozilla Firefox (2.0.0.1)
      MSXML 4.0 SP2 (KB927978)
      NVIDIA Drivers
      OS Pack Works Suite
      Programme de gestion Camera de Logitech®
      RealPlayer
      Realtek AC'97 Audio
      SafeCast Shared Components
      Security Update for Microsoft .NET Framework 2.0 (KB922770)
      Security Update pour Microsoft .NET Framework 2.0 (KB917283)
      Shockwave
      Spybot - Search & Destroy 1.4
      Suppress plus 1.8
      Synchronisation de Works
      TuneUp Utilities 2007
      VideoLAN VLC media player 0.8.5
      VSO CopyToDVD 4
      VSO Inspector 1.2.5
      WebFldrs XP
      Windows Genuine Advantage v1.3.0254.0
      Windows Installer 3.1 (KB893803)
      Windows Installer 3.1 (KB893803)
      Windows Internet Explorer 7
      Windows Live Messenger
      Windows Media Format 11 runtime
      Windows Media Format 11 runtime
      Windows Media Player 11
      Windows XP Service Pack 2
      WinFast(R) Display Driver
      Yahoo! Toolbar avec bloqueur de fenêtres pop-up



      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\Program Files

      06/02/2007 07:21 <REP> .
      06/02/2007 07:21 <REP> ..
      29/01/2007 09:41 <REP> 3B Software
      08/10/2006 08:10 <REP> Adobe
      29/01/2007 10:27 <REP> Agnitum
      03/02/2007 15:28 <REP> AIDA32 - Enterprise System Information
      08/09/2006 07:02 <REP> Alp-enveloppe
      22/10/2006 16:47 <REP> Alwil Software
      26/01/2007 11:41 <REP> Ashampoo
      05/02/2007 14:08 <REP> a-squared Free
      03/01/2007 08:36 <REP> Avance Sound Manager
      10/09/2006 15:10 <REP> CartaGoGo
      10/09/2006 08:41 <REP> Cartes de visite
      29/11/2006 10:58 <REP> CCleaner
      20/08/2004 17:52 <REP> cdimage
      06/01/2007 07:23 <REP> CleanUp!(2)
      18/11/2005 08:33 <REP> Creative
      11/09/2006 05:13 <REP> DesignPro
      06/04/2004 18:18 <REP> directx
      03/02/2007 15:23 <REP> DivX
      01/02/2007 12:08 <REP> eMule
      06/02/2007 11:28 <REP> EnveloppesEditor1.08
      21/05/2004 23:27 <REP> EuroTool
      29/01/2007 10:27 <REP> Fichiers communs
      03/02/2007 07:59 <REP> FoneSync
      09/12/2006 07:19 <REP> FreshDevices
      13/11/2006 07:16 <REP> FriendFinder Messenger
      02/02/2007 07:11 <REP> Google
      08/11/2006 13:49 <REP> Grisoft
      30/01/2007 13:07 <REP> HardwareDetection
      02/11/2006 16:40 <REP> Hewlett-Packard
      06/02/2007 12:23 <REP> Hijackthis Version Française
      27/09/2006 06:38 <REP> HP
      25/01/2007 08:15 <REP> hugin
      21/04/2006 08:59 <REP> IncrediMail
      19/02/2005 08:02 <REP> InterActual
      06/02/2007 13:33 <REP> Internet Explorer
      19/02/2005 08:02 <REP> InterVideo
      26/11/2005 09:53 <REP> Jasc Software Inc
      03/02/2007 15:31 <REP> Java
      06/04/2004 18:29 <REP> JavaSoft
      12/12/2006 18:08 <REP> Lavalys
      14/11/2006 13:16 <REP> Lavasoft
      17/09/2006 06:23 <REP> LCDTest
      19/12/2005 07:24 <REP> LG Sofware Innovations
      29/01/2005 05:00 <REP> LiveUpdate
      22/05/2004 11:25 <REP> Logitech
      19/02/2005 07:56 <REP> Messenger
      21/05/2004 23:28 <REP> Microsoft AutoRoute
      07/04/2004 02:07 <REP> Microsoft Encarta
      02/03/2006 08:34 <REP> microsoft frontpage
      21/05/2004 23:28 <REP> Microsoft Money
      02/03/2006 08:40 <REP> Microsoft Office
      03/11/2006 05:14 <REP> Microsoft Picture It! 7
      23/01/2007 06:44 <REP> Microsoft Picture It! PhotoPub
      18/08/2005 06:28 <REP> Microsoft Works
      07/04/2004 02:08 <REP> Microsoft Works Suite 2001
      10/03/2006 11:12 <REP> Motive
      02/09/2004 20:10 <REP> Movie Maker
      06/02/2007 17:36 <REP> Mozilla Firefox
      21/05/2004 23:26 <REP> MSN
      07/04/2004 02:06 <REP> MSN Gaming Zone
      17/12/2006 12:56 <REP> MSN Messenger
      15/11/2006 10:21 <REP> MSXML 4.0
      31/01/2007 13:05 <REP> Multi_Media_France
      02/09/2004 20:01 <REP> NetMeeting
      07/04/2004 02:08 <REP> NewTech Infosystems
      10/03/2006 11:11 <REP> Numericable
      15/12/2006 08:40 <REP> Outlook Express
      06/04/2004 18:23 <REP> Raccourcis de programmes
      19/02/2005 13:09 <REP> Real
      30/01/2007 13:04 <REP> Realtek AC97
      08/09/2004 18:11 <REP> Snapshot Viewer
      03/01/2007 08:36 <REP> Softwin
      04/02/2007 11:41 <REP> splus
      26/01/2007 17:08 <REP> Spybot - Search & Destroy
      06/02/2007 07:21 <REP> ToniArts
      20/01/2007 11:23 <REP> TuneUp Utilities 2006
      20/01/2007 17:49 <REP> TuneUp Utilities 2007
      04/02/2007 10:34 <REP> Ultimate Cleaner
      12/04/2004 09:30 <REP> VideoLAN
      08/01/2007 13:44 <REP> VSO
      12/12/2006 07:56 <REP> Windows Live Toolbar
      06/04/2004 18:21 <REP> Windows Media Components
      15/11/2006 16:03 <REP> Windows Media Connect 2
      24/01/2007 06:51 <REP> Windows Media Player
      02/09/2004 20:00 <REP> Windows NT
      06/01/2007 07:23 <REP> WinRAR
      03/01/2007 08:36 <REP> WinZip
      07/04/2004 02:06 <REP> xerox
      04/02/2007 17:01 <REP> Yahoo!
      0 fichier(s) 0 octets
      91 Rép(s) 25 517 887 488 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\Program Files\fichiers communs

      29/01/2007 10:27 <REP> .
      29/01/2007 10:27 <REP> ..
      10/12/2006 08:29 <REP> Adobe
      29/01/2007 10:27 <REP> Agnitum Shared
      31/10/2006 06:14 <REP> Ahead
      21/05/2004 23:27 <REP> Designer
      03/01/2007 08:36 <REP> DriveCleaner 2006 Free
      17/11/2005 17:24 278 528 FDEUnInstaller.exe
      07/04/2004 03:05 <REP> FotoWire
      01/04/2006 09:40 <REP> InstallShield
      19/02/2005 08:02 <REP> InterVideo
      04/08/2004 20:25 <REP> Java
      27/10/2006 05:20 <REP> KAV Shared Files
      04/03/2006 09:13 <REP> L&H
      22/05/2004 11:24 <REP> Logitech
      20/12/2004 05:05 <REP> Macrovision Shared
      03/01/2007 07:53 <REP> Microsoft Shared
      07/04/2004 02:06 <REP> MSSoap
      07/04/2004 02:06 <REP> ODBC
      19/02/2005 13:11 <REP> Real
      03/01/2007 08:36 <REP> Softwin
      07/04/2004 02:06 <REP> SpeechEngines
      22/10/2006 16:25 <REP> Symantec Shared
      29/12/2006 08:18 <REP> System
      20/01/2007 11:23 <REP> Wise Installation Wizard
      08/04/2004 04:02 <REP> xing shared
      1 fichier(s) 278 528 octets
      25 Rép(s) 25 517 887 488 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

      02/03/2006 08:46 <REP> .
      02/03/2006 08:46 <REP> ..
      22/02/2006 16:07 <REP> 1033
      02/03/2006 08:46 <REP> 1036
      11/07/2003 10:15 1 292 872 MSONSEXT.DLL
      13/02/2001 08:23 58 784 MSOSV.DLL
      03/06/1999 14:09 122 937 MSOWS409.DLL
      07/03/2001 09:00 127 033 MSOWS40c.DLL
      06/08/2000 08:04 401 462 MSVCP60.DLL
      29/01/2004 15:08 69 632 PKMAXCTL.DLL
      29/01/2004 15:08 868 352 PKMCDO.DLL
      29/01/2004 15:08 53 248 PKMCORE.DLL
      29/01/2004 15:08 102 400 PKMFORMS.DLL
      29/01/2004 15:38 634 880 PKMRES.DLL
      29/01/2004 15:08 28 672 PKMSSTLB.DLL
      22/01/2001 02:25 40 960 PKMTEMPL.DLL
      29/01/2004 15:08 24 576 PKMTRACE.DLL
      11/07/2003 02:25 80 448 PKMWS.DLL
      29/01/2004 15:08 237 568 PROMDEMO.DLL
      18/03/1999 04:37 593 977 RAGENT.DLL
      29/01/2004 15:08 184 320 SECMGR.DLL
      29/01/2004 15:08 315 392 VAIDDMGR.DLL
      29/01/2004 15:08 32 768 VAIMEM.DLL
      19 fichier(s) 5 270 281 octets
      4 Rép(s) 25 517 887 488 octets libres
      Le volume dans le lecteur C n'a pas de nom.
      Le numéro de série du volume est F852-3CA5

      Répertoire de C:\

      11/11/2001 00:00 68 096 diff.exe
      01/01/2007 13:58 35 113 704 directx_9c_redist.exe
      09/07/2004 04:08 472 576 dxsetup.exe
      27/08/2006 14:10 103 424 grep.exe
      15/04/2004 04:07 91 430 patch_lovsan.exe
      15/04/2004 04:05 1 292 576 WindowsXP-KB823980-x86-FRA.exe
      04/02/2003 20:30 73 728 XP_PageFileMon.exe
      7 fichier(s) 37 215 534 octets
      0 Rép(s) 25 517 883 392 octets libres
      c:\Documents and Settings\All Users.WINDOWS\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\CIP\oj-uninstall_v1.3fr.exe
      c:\Documents and Settings\All Users.WINDOWS\Application Data\GTek\GTUpdate\AUpdate\Channels\ch2\CIP\oj-uninstall_v1.3fr.exe
      c:\Documents and Settings\Default User\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\getMac.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\patch.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\tsc.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\dumphive.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\GenericRenosFix.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\Process.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\Reboot.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\restart.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\SmiUpdate.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\SrchSTS.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swreg.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swsc.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\swxcacls.exe
      c:\Documents and Settings\DIDIER\.housecall6.6\SmitfraudFix\unzip.exe
      c:\Documents and Settings\DIDIER\Application Data\ezpinst.exe
      c:\Documents and Settings\DIDIER\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
      c:\Documents and Settings\DIDIER\Application Data\Image Zone Express\HPSoftwareUpdate.exe
      c:\Documents and Settings\DIDIER\Bureau\OutpostProInstallFr.exe
      c:\Documents and Settings\DIDIER\Bureau\VundoFix.exe
      c:\Documents and Settings\DIDIER\Mes documents\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe
      c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\divxplay.exe
      c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\googletoolbarinstaller.exe
      c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\vsorep.exe
      c:\Documents and Settings\DIDIER\Mes documents\dhelleboid\Lang\Language-pack 2\UNWISE.EXE
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\diff.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\FilesInfoCmd.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\Fport.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\grep.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\LFiles.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\LISTDLLS.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\pslist.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\streams.exe
      c:\Documents and Settings\DIDIER\Mes documents\DiagHelp\swreg.exe
      c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\_ISDEL.EXE
      c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\SETUP.EXE
      c:\Documents and Settings\DIDIER\Mes documents\Unzipped\wocar25\DISK1\UNINST.EXE
      c:\Documents and Settings\HELLEBOID\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
      c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}\MnyIco.exe
      c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
      c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
      c:\Documents and Settings\DIDIER\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
      c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
      c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
      c:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\8b7rwott.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
      c:\Documents and Settings\DIDIER\Application Data\OfficeUpdate12\oudetect.dll
      0
    2. zodiaque59 Messages postés 263 Statut Membre 3
       
      Chercheurbis ,
      Voici le rapport de WinPFind3

      WinPFind3 logfile created on: 07/02/2007 07:34:34
      WinPFind3U by OldTimer - Version 1.0.15 Folder = C:\Documents and Settings\DIDIER\Bureau\WinPFind3u\
      Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
      Internet Explorer (Version = 7.0.5730.11)

      1048052 Kb Total Physical Memory | 691356 Kb Available Physical Memory | 65,97% Memory free
      2521480 Kb Paging File | 2239676 Kb Available in Paging File | 88,82% Paging File free
      Paging file location(s): C:\pagefile.sys 1536 3072;

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 37246700 Kb Total Space | 24919000 Kb Free Space | 66,90% Space Free
      D: Drive not present or media not loaded
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded


      [Processes - Non-Microsoft Only]
      amo_ta~1.exe -> %ProgramFiles%\Ashampoo\Ashampoo Magical Optimizer\AMO_Taskplaner.exe -> [Ver = | Size = 1244160 bytes | Modified Date = 05/05/2006 14:40:04 | Attr = ]
      ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15/01/2007 18:28:58 | Attr = ]
      ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15/01/2007 18:28:32 | Attr = ]
      ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15/01/2007 18:28:52 | Attr = ]
      ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15/01/2007 18:27:52 | Attr = ]
      aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 05/08/2006 17:10:10 | Attr = ]
      cdac11ba.exe -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.020 | Size = 54784 bytes | Modified Date = 20/12/2004 05:05:16 | Attr = ]
      googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 01/02/2007 07:21:58 | Attr = ]
      guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
      lvcomsx.exe -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.7.1036 | Size = 221184 bytes | Modified Date = 19/07/2005 16:32:18 | Attr = ]
      nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      outpost.exe -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
      slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 20/08/2004 00:10:02 | Attr = ]
      soundman.exe -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17/11/2006 05:42:52 | Attr = ]
      winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.15.0 | Size = 308736 bytes | Modified Date = 06/02/2007 09:57:26 | Attr = ]

      [Win32 Services - Non-Microsoft Only]
      (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [Ver = | Size = 59008 bytes | Modified Date = 05/08/2006 17:10:10 | Attr = ]
      (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15/01/2007 18:28:52 | Attr = ]
      (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15/01/2007 18:28:32 | Attr = ]
      (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15/01/2007 18:27:52 | Attr = ]
      (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 15:13:20 | Attr = ]
      (C-DillaCdaC11BA) C-DillaCdaC11BA [Win32_Own | Auto | Running] -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.020 | Size = 54784 bytes | Modified Date = 20/12/2004 05:05:16 | Attr = ]
      (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 00:09:52 | Attr = ]
      (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 01/02/2007 07:21:54 | Attr = ]
      (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14/11/2005 00:06:04 | Attr = ]
      (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      (OutpostFirewall) Outpost Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
      (SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 20/08/2004 00:10:02 | Attr = ]

      [Registry - Non-Microsoft Only]
      < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15/01/2007 18:28:58 | Attr = ]
      LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 458752 bytes | Modified Date = 08/06/2005 15:24:32 | Attr = ]
      LVCOMSX -> %System32%\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.7.1036 | Size = 221184 bytes | Modified Date = 19/07/2005 16:32:18 | Attr = ]
      NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      Outpost Firewall -> %ProgramFiles%\Agnitum\Outpost Firewall\outpost.exe -> Agnitum Ltd. [Ver = 4.0.591.7319 | Size = 94720 bytes | Modified Date = 19/01/2007 14:46:30 | Attr = ]
      OutpostFeedBack -> %ProgramFiles%\Agnitum\Outpost Firewall\feedback.exe -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 335872 bytes | Modified Date = 23/01/2007 13:54:28 | Attr = ]
      SoundMan -> %SystemRoot%\soundman.exe -> Realtek Semiconductor Corp. [Ver = 5, 1, 0, 58 | Size = 577536 bytes | Modified Date = 17/11/2006 05:42:52 | Attr = ]
      < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
      IMAIL -> Installed = 1 ->
      MAPI -> Installed = 1 ->
      MSFS -> Installed = 1 ->
      < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      Ashampoo Magical Optimizer Taskplaner -> %ProgramFiles%\Ashampoo\Ashampoo Magical Optimizer\AMO_Taskplaner.exe -> [Ver = | Size = 1244160 bytes | Modified Date = 05/05/2006 14:40:04 | Attr = ]
      < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
      Skype -> Reg Data - Value does not exist -> File not found
      < Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command
      regfile [merge] -> Reg Data - Key not found ->
      scrfile [open] -> "%1" /S ->
      scrfile [config] -> %1 ->
      *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\\Command ->
      NewLinkHere -> -> File not found
      %1 -> -> File not found
      *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew\\Command ->
      Briefcase_Create -> -> File not found
      %2!d! -> -> File not found
      %1 -> -> File not found
      < ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
      {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> ->
      {22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> ->
      {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ->
      {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ->
      {44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ->
      {5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ->
      {6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub ->
      {73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> ->
      {7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ->
      {89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll ->
      {89820200-ECBD-11cf-8B85-00AA005B4383} -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ->
      {89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ->
      <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe
      >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP ->
      >{26923b43-4d38-484f-9b9e-de460746276c} -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ->
      >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ->
      >{E54A439F-A4B0-4526-A16B-B4E2ECE95B3D} -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->
      < WOW Command Line [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
      *wowcmdline* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\\wowcmdline ->
      -a -> -> File not found
      < Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
      BootExecute -> autocheck autochk *; ->
      < SSODL [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
      {fbeb8a05-beee-4442-804e-409d6c4515e9} [HKLM] -> Reg Data - Key not found [CDBurn] -> File not found
      < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 15:13:28 | Attr = ]
      < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
      < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
      *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
      Control_RunDLL -> -> File not found
      < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
      < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
      -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
      < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
      0 -> [Key] ->
      0 -> FriendlyName = Ma page d'accueil ->
      0 -> Source = About:Home ->
      0 -> SubscribedURL = About:Home ->
      < HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
      < Internet Explorer Settings > ->
      HKLM: Default_Page_URL -> https://www.google.com/?gws_rd=ssl ->
      HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
      HKLM: Search Bar -> https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm ->
      HKLM: Start Page -> https://www.google.com/?gws_rd=ssl ->
      HKLM: CustomizeSearch -> https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm ->
      HKLM: Search\\Default_Search_URL -> http://www.google.com/toolbar/ie8/sidebar.html ->
      HKLM: SearchAssistant -> http://www.google.com/toolbar/ie8/sidebar.html ->
      HKCU: Search Bar -> http://www.google.com/toolbar/ie8/sidebar.html ->
      HKCU: Search Page -> https://www.google.com/?gws_rd=ssl ->
      HKCU: Start Page -> https://www.sfr.fr/offres-numericable.html ->
      HKCU: SearchAssistant -> http://www.google.com/toolbar/ie8/sidebar.html ->
      HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
      HKCU: ProxyEnable -> 0 ->
      < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
      msn.com [ - ] -> ->
      < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
      {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
      {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 31/05/2005 01:04:00 | Attr = ]
      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09/11/2006 15:21:52 | Attr = ]
      {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
      < Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
      {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
      < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
      {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
      {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
      < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
      {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
      {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
      < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
      ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
      WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]
      WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
      WebBrowser\\{4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
      WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr = ]
      < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
      {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8193 - Reg Data - Key not found ->
      {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} -> 8201 - Reg Data - Key not found ->
      {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> 8198 - Reg Data - Key not found ->
      {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} -> 8196 - Reg Data - Key not found ->
      {4528BBE0-4E08-11D5-AD55-00010333D0AD} -> 8194 - Reg Data - Key not found ->
      {85d1f590-48f4-11d9-9669-0800200c9a66} -> 8199 - Reg Data - Key not found ->
      {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8197 - Reg Data - Key not found ->
      {e2e2dd38-d088-4134-82b7-f2ba38496583} -> 8200 - Reg Data - Key not found ->
      {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Reg Data - Key not found ->
      NextId -> 8202 ->
      < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
      {44627E97-789B-40d4-B5C2-58BD171129A1} -> Reg Data - Value does not exist [ButtonText: Réglage rapide de Outpost Firewall Pro] -> File not found
      < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
      E&xporter vers Microsoft Excel -> Reg Data - Value does not exist -> File not found
      < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
      {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Barre des tâches et menu Démarrer] -> File not found
      {10F0C2A9-8E38-43E1-204D-45524C494E20} [HKLM] -> Reg Data - Key not found [Secure Delete] -> File not found
      {1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      {26F05DD3-6EDC-48C8-B2D6-8754AB9B0F8B} [HKLM] -> Reg Data - Key not found [AntiSpywarePopMenu Shell Extension] -> File not found
      {2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD shell extension] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
      {2BB59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> Reg Data - Key not found [ImageResizer Shell Extension] -> File not found
      {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
      {400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} [HKLM] -> %ProgramFiles%\Logitech\Video\Namespc2.dll [Mes photos Logitech] -> Logitech Inc. [Ver = 8.4.7.1034 | Size = 135168 bytes | Modified Date = 08/06/2005 15:25:52 | Attr = ]
      {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Extension Affichage Panorama du Panneau de configuration] -> File not found
      {44440D00-FF19-4AFC-B765-9A0970567D97} [HKLM] -> %System32%\uxtuneup.dll [TuneUp Theme Extension] -> TuneUp Software GmbH [Ver = 1.0.0.2 | Size = 24072 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
      {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
      {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
      {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found
      {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found
      {7F1CF152-04F8-453A-B34C-E609530A9DC8} [HKLM] -> Reg Data - Key not found [NeroDigitalPropSheetHandler] -> File not found
      {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found
      {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 28/08/2001 13:00:00 | Attr = ]
      {A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Dossier de téléchargement Share-to-Web ] -> Hewlett-Packard [Ver = 2,4,0,26 | Size = 131072 bytes | Modified Date = 03/07/2001 09:10:36 | Attr = ]
      {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      {B327765E-D724-4347-8B16-78AE18552FC3} [HKLM] -> Reg Data - Key not found [NeroDigitalIconHandler] -> File not found
      {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
      {B446400D-0030-457b-8F64-422A19605186} [HKLM] -> %ProgramFiles%\Logitech\ImageStudio\NameSpc.dll [Logitech Gallery] -> Logitech Inc. [Ver = 7.2.0.1125 | Size = 53248 bytes | Modified Date = 11/09/2002 11:55:22 | Attr = ]
      {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2488 | Size = 54848 bytes | Modified Date = 22/01/2007 11:15:30 | Attr = ]
      {F5D92341-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [CD Copy Shell Extension] -> File not found
      {F5D92342-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [CD Wizard Shell Extension] -> File not found
      {F5D92344-0A64-11D0-9956-0000E8096023} [HKLM] -> Reg Data - Key not found [InstantWrite Shellextension] -> File not found
      {FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
      {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
      {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
      {8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 12:40:48 | Attr = ]
      {2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
      {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
      {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
      < ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
      {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
      {8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 06/10/2006 12:40:48 | Attr = ]
      {2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
      {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} [HKLM] -> %ProgramFiles%\TuneUp Utilities 2007\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> TuneUp Software GmbH [Ver = 2.0.0.2 | Size = 25608 bytes | Modified Date = 17/01/2007 14:47:52 | Attr = ]
      {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
      < ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
      {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = | Size = 466944 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 12:22:00 | Attr = ]
      < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
      {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} [HKLM] -> %ProgramFiles%\Agnitum\Outpost Firewall\op_shell.dll [ASW] -> Agnitum Ltd. [Ver = 4.0.1007.7323 | Size = 155648 bytes | Modified Date = 23/01/2007 13:51:18 | Attr = ]
      {472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15/01/2007 18:23:14 | Attr = ]
      {2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> %ProgramFiles%\VSO\copytodvd\CtcdShell.dll [CopyToCD] -> VSO Software [Ver = 4.0.1.49 | Size = 558080 bytes | Modified Date = 14/09/2006 13:14:54 | Attr = ]
      {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126464 bytes | Modified Date = 03/12/2006 14:53:06 | Attr = ]
      < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
      {7D4D6379-F301-4311-BEBA-E26EB0561882} [HKLM] -> Reg Data - Key not found [NeroDigitalColumnHandler Class] -> File not found
      {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14/12/2004 02:20:02 | Attr = ]
      < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
      {11632C5A-03E2-4BDB-8730-E2857D90226A} -> () ->
      {86659E12-02FA-4542-84D0-4B2A81D7AB97} -> (802.11g USB 2.0 adapter) ->
      {9299F62C-E668-4C58-A69B-FF6EEA22D90A} -> (Inventel Gateway) ->
      {B8C458FF-45F5-4CBF-8121-EB503FF6F4EC} -> (Carte réseau Fast Ethernet PCI Realtek RTL8139 Family) ->
      < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
      ipp -> Reg Data - Key not found -> File not found
      msdaipp -> Reg Data - Key not found -> File not found
      ms-itss -> Reg Data - Key not found -> File not found
      < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
      {02BCC737-B171-4746-94C9-0D8A0B2C0089} -> - CodeBase = https://templates.office.com/?legRedir=true&CorrelationId=f61ec0eb-a945-4805-b3e3-720355ebd416 ->
      {0742B9EF-8C83-41CA-BFBA-830A59E23533} -> Microsoft Data Collection Control - CodeBase = https://support.serviceshub.microsoft.com/supportforbusiness/create ->
      {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> Creative Software AutoUpdate - CodeBase = http://www.creative.com/su/ocx/15026/CTSUEng.cab ->
      {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr ->
      {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab ->
      {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -> YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll ->
      {33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB ->
      {33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab ->
      {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab ->
      {406B5949-7190-4245-91A9-30A17DE16AD0} -> Snapfish Activia - CodeBase = http://www3.snapfish.fr/SnapfishActivia.cab ->
      {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan8/oscan8.cab ->
      {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/... ->
      {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -> HardwareDetection Control - CodeBase = http://charon777.free.fr/plugins/hardwaredetection.cab ->
      {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
      {9F1C11AA-197B-4942-BA54-47A8489BB47F} -> Update Class - CodeBase = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38967.1385069444 ->
      {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc4.cab ->
      {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = https://www.oracle.com/java/technologies/ ->
      {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
      {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
      {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ->
      {F6ACF75C-C32C-447B-9BEF-46B766368D29} -> Creative Software AutoUpdate Support Package - CodeBase = http://www.creative.com/su/ocx/15028/CTPID.cab ->
      Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->

      [Files - Created Within 30 days]
      diff.exe -> %SystemDrive%\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
      grep.exe -> %SystemDrive%\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
      reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 07/02/2007 07:11:13 | Attr = ]
      IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 3175896 bytes | Created Date = 22/01/2007 16:50:46 | Attr = H ]
      Maintenance en 1 clic.lnk -> %AllUsersDesktop%\Maintenance en 1 clic.lnk -> [Ver = | Size = 968 bytes | Created Date = 20/01/2007 11:24:47 | Attr = ]
      RealPlayer.lnk -> %AllUsersDesktop%\RealPlayer.lnk -> [Ver = | Size = 951 bytes | Created Date = 22/01/2007 11:16:12 | Attr = ]
      TuneUp Utilities 2007.lnk -> %AllUsersDesktop%\TuneUp Utilities 2007.lnk -> [Ver = | Size = 837 bytes | Created Date = 20/01/2007 11:24:47 | Attr = ]
      01_Music_auto_rated_at_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\01_Music_auto_rated_at_5_stars.wpl -> [Ver = | Size = 1065 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      02_Music_added_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\02_Music_added_in_the_last_month.wpl -> [Ver = | Size = 1282 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      03_Music_rated_at_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\03_Music_rated_at_4_or_5_stars.wpl -> [Ver = | Size = 1278 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      04_Music_played_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\04_Music_played_in_the_last_month.wpl -> [Ver = | Size = 1287 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      05_Pictures_taken_in_the_last_month.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\05_Pictures_taken_in_the_last_month.wpl -> [Ver = | Size = 794 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      06_Pictures_rated_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\06_Pictures_rated_4_or_5_stars.wpl -> [Ver = | Size = 795 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      07_TV_recorded_in_the_last_week.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\07_TV_recorded_in_the_last_week.wpl -> [Ver = | Size = 1058 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      08_Video_rated_at_4_or_5_stars.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\08_Video_rated_at_4_or_5_stars.wpl -> [Ver = | Size = 1030 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      09_Music_played_the_most.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\09_Music_played_the_most.wpl -> [Ver = | Size = 1029 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      10_All_Music.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\10_All_Music.wpl -> [Ver = | Size = 1070 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      11_All_Pictures.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\11_All_Pictures.wpl -> [Ver = | Size = 590 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      12_All_Video.wpl -> %AllUsersDocuments%\Ma musique\Sync Playlists\00206AA6\12_All_Video.wpl -> [Ver = | Size = 1088 bytes | Created Date = 21/01/2007 11:33:18 | Attr = ]
      Ashampoo Magical Optimizer.lnk -> %UserDesktop%\Ashampoo Magical Optimizer.lnk -> [Ver = | Size = 1850 bytes | Created Date = 26/01/2007 11:41:53 | Attr = ]
      EasyCleaner.lnk -> %UserDesktop%\EasyCleaner.lnk -> [Ver = | Size = 561 bytes | Created Date = 06/02/2007 07:23:21 | Attr = ]
      eMule.lnk -> %UserDesktop%\eMule.lnk -> [Ver = | Size = 670 bytes | Created Date = 31/01/2007 12:00:19 | Attr = ]
      One-Click-Optimization.lnk -> %UserDesktop%\One-Click-Optimization.lnk -> [Ver = | Size = 1862 bytes | Created Date = 26/01/2007 11:41:53 | Attr = ]
      OutpostProInstallFr.exe -> %UserDesktop%\OutpostProInstallFr.exe -> Agnitum, Ltd. [Ver = 4.0.1007.591 | Size = 13759800 bytes | Created Date = 29/01/2007 10:26:27 | Attr = ]
      Suppress plus.lnk -> %UserDesktop%\Suppress plus.lnk -> [Ver = | Size = 638 bytes | Created Date = 04/02/2007 10:47:54 | Attr = ]
      VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.03.0005 | Size = 90112 bytes | Created Date = 05/02/2007 17:32:34 | Attr = ]
      WinPFind3U.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.15.0 | Size = 308736 bytes | Created Date = 07/02/2007 07:30:04 | Attr = ]
      desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      index.dat -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat -> [Ver = | Size = 16384 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      index.dat -> %UserDesktop%\%USERPROFILE%\Local Settings\Historique\History.IE5\MSHist012007011820070119\index.dat -> [Ver = | Size = 32768 bytes | Created Date = 18/01/2007 14:12:25 | Attr = HS]
      desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\1S8P5H0E\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\4WBFEOP3\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\7MX5T5E8\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      desktop.ini -> %UserDesktop%\%USERPROFILE%\Local Settings\Application Data\Microsoft\Feeds Cache\ZOKYHDRV\desktop.ini -> [Ver = | Size = 67 bytes | Created Date = 18/01/2007 14:12:22 | Attr = HS]
      3-ReglInterSECTION (1).doc -> %UserDocuments%\3-ReglInterSECTION (1).doc -> [Ver = | Size = 57344 bytes | Created Date = 09/01/2007 10:54:08 | Attr = ]
      @Alternate Data Stream - 26 bytes -> %UserDocuments%\3-ReglInterSECTION (1).doc:Zone.Identifier ->
      affilASB-sect- -1-.doc -> %UserDocuments%\affilASB-sect- -1-.doc -> [Ver = | Size = 75776 bytes | Created Date = 09/01/2007 10:53:55 | Attr = ]
      @Alternate Data Stream - 26 bytes -> %UserDocuments%\affilASB-sect- -1-.doc:Zone.Identifier ->
      Championnats et Concours 2007.xls -> %UserDocuments%\Championnats et Concours 2007.xls -> [Ver = | Size = 20992 bytes | Created Date = 23/01/2007 12:47:27 | Attr = ]
      couv%20recto%202006.pdf -> %UserDocuments%\couv%20recto%202006.pdf -> [Ver = | Size = 850431 bytes | Created Date = 05/02/2007 11:04:59 | Attr = ]
      memtest86-3.2.iso -> %UserDocuments%\memtest86-3.2.iso -> [Ver = | Size = 1837056 bytes | Created Date = 30/01/2007 12:15:10 | Attr = ]
      Rapport scan Kaspersky.html -> %UserDocuments%\Rapport scan Kaspersky.html -> [Ver = | Size = 42270 bytes | Created Date = 06/02/2007 11:58:58 | Attr = ]
      RS2006_Chap%20V_p20.pdf -> %UserDocuments%\RS2006_Chap%20V_p20.pdf -> [Ver = | Size = 270400 bytes | Created Date = 05/02/2007 11:13:52 | Attr = ]
      Scan Bitdefender.html -> %UserDocuments%\Scan Bitdefender.html -> [Ver = | Size = 23924 bytes | Created Date = 05/02/2007 11:42:37 | Attr = ]
      Tampon.doc -> %UserDocuments%\Tampon.doc -> [Ver = | Size = 24064 bytes | Created Date = 19/01/2007 14:37:41 | Attr = ]
      ubcd34-full.iso -> %UserDocuments%\ubcd34-full.iso -> [Ver = | Size = 134217728 bytes | Created Date = 04/02/2007 17:33:04 | Attr = ]
      ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe -> %UserDocuments%\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe -> Igor Pavlov [Ver = 4, 23, 0, 0 | Size = 154825570 bytes | Created Date = 04/02/2007 17:31:16 | Attr = ]
      @Alternate Data Stream - 26 bytes -> %UserDocuments%\ultimate-boot-cd_ultimate_boot_cd_3.4_anglais_11951.exe:Zone.Identifier ->
      chercher.cmd -> %UserDocuments%\DiagHelp\chercher.cmd -> [Ver = | Size = 45920 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      diff.exe -> %UserDocuments%\DiagHelp\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      FilesInfoCmd.exe -> %UserDocuments%\DiagHelp\FilesInfoCmd.exe -> Sebdraluorg [Ver = 1.00.0055 | Size = 32768 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      Fport.exe -> %UserDocuments%\DiagHelp\Fport.exe -> [Ver = | Size = 114688 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      go.cmd -> %UserDocuments%\DiagHelp\go.cmd -> [Ver = | Size = 926 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      grep.exe -> %UserDocuments%\DiagHelp\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      help.cmd -> %UserDocuments%\DiagHelp\help.cmd -> [Ver = | Size = 1870 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      LFiles.exe -> %UserDocuments%\DiagHelp\LFiles.exe -> Sebdraluorg [Ver = 1.00 | Size = 28672 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      LISTDLLS.exe -> %UserDocuments%\DiagHelp\LISTDLLS.exe -> Sysinternals [Ver = 2.25 | Size = 65536 bytes | Created Date = 07/02/2007 07:00:17 | Attr = ]
      pslist.exe -> %UserDocuments%\DiagHelp\pslist.exe -> Sysinternals [Ver = 1.27 | Size = 86016 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      reboot.cmd -> %UserDocuments%\DiagHelp\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      streams.exe -> %UserDocuments%\DiagHelp\streams.exe -> Sysinternals [Ver = 1.53 | Size = 36864 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      swreg.exe -> %UserDocuments%\DiagHelp\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      tmp.hiv -> %UserDocuments%\DiagHelp\tmp.hiv -> [Ver = | Size = 8192 bytes | Created Date = 07/02/2007 07:00:18 | Attr = ]
      ''Titanic'' Celine Dion - My Heart Will Go On(1).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\''Titanic'' Celine Dion - My Heart Will Go On(1).mp3 -> [Ver = | Size = 5648408 bytes | Created Date = 02/02/2007 13:49:06 | Attr = ]
      ''Titanic'' Celine Dion - My Heart Will Go On.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\''Titanic'' Celine Dion - My Heart Will Go On.mp3 -> [Ver = | Size = 5652504 bytes | Created Date = 02/02/2007 13:49:08 | Attr = ]
      22-Celine Dion & Barbara Streisand - Tell Him.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\22-Celine Dion & Barbara Streisand - Tell Him.mp3 -> [Ver = | Size = 4634954 bytes | Created Date = 02/02/2007 13:49:11 | Attr = ]
      Celine Dion & Il Divo - I Believe In You.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion & Il Divo - I Believe In You.mp3 -> [Ver = | Size = 5357696 bytes | Created Date = 02/02/2007 13:50:21 | Attr = ]
      Celine Dion & R Kelly - I Believe I Can Fly.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion & R Kelly - I Believe I Can Fly.mp3 -> [Ver = | Size = 5153694 bytes | Created Date = 02/02/2007 13:50:24 | Attr = ]
      Celine Dion - A New Day Has Come.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - A New Day Has Come.mp3 -> [Ver = | Size = 6235034 bytes | Created Date = 02/02/2007 13:50:27 | Attr = ]
      Celine Dion - All By Myself.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - All By Myself.mp3 -> [Ver = | Size = 4995242 bytes | Created Date = 02/02/2007 13:50:32 | Attr = ]
      Celine Dion - Because You Loved Me.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - Because You Loved Me.mp3 -> [Ver = | Size = 4421923 bytes | Created Date = 02/02/2007 13:50:35 | Attr = ]
      Celine Dion - My heart will go on (Titanic).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - My heart will go on (Titanic).mp3 -> [Ver = | Size = 4457997 bytes | Created Date = 02/02/2007 13:50:38 | Attr = ]
      Celine Dion - Titanic (techno remix).mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dion - Titanic (techno remix).mp3 -> [Ver = | Size = 4233526 bytes | Created Date = 02/02/2007 13:50:41 | Attr = ]
      Celine Dione - Power of Love.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Celine Dione - Power of Love.mp3 -> [Ver = | Size = 5503730 bytes | Created Date = 02/02/2007 13:50:44 | Attr = ]
      COMPILATION- 33 - ALBUM - The Best of - Dance Mix 2000 - Whitney Houston - Madonna - Celine Dion.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\COMPILATION- 33 - ALBUM - The Best of - Dance Mix 2000 - Whitney Houston - Madonna - Celine Dion.mp3 -> [Ver = | Size = 115485970 bytes | Created Date = 02/02/2007 13:49:16 | Attr = ]
      COUP DE BOULE - Zidane il a taper.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\COUP DE BOULE - Zidane il a taper.mp3 -> [Ver = | Size = 5233165 bytes | Created Date = 02/02/2007 13:50:18 | Attr = ]
      Franklin Aretha , Celine Dion, Mariah Carey, Shania Twain & Gloria Estefan - You Make Me Feel Lik.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Franklin Aretha , Celine Dion, Mariah Carey, Shania Twain & Gloria Estefan - You Make Me Feel Lik.mp3 -> [Ver = | Size = 6289536 bytes | Created Date = 02/02/2007 13:50:47 | Attr = ]
      Garou & Céline Dion - Sous Le Vent.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Garou & Céline Dion - Sous Le Vent.mp3 -> [Ver = | Size = 5327073 bytes | Created Date = 02/02/2007 13:50:50 | Attr = ]
      Mariah Carey & Celine Dion - I Still Believe.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Mariah Carey & Celine Dion - I Still Believe.mp3 -> [Ver = | Size = 3309583 bytes | Created Date = 02/02/2007 13:50:53 | Attr = ]
      Mariah Carey - Michael Jackson, Beyonce Knowles, Celine Dion & Friends - What More Can I Give.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Mariah Carey - Michael Jackson, Beyonce Knowles, Celine Dion & Friends - What More Can I Give.mp3 -> [Ver = | Size = 4964480 bytes | Created Date = 02/02/2007 13:50:55 | Attr = ]
      Woman in love-Celine Dion & Bee Gees & Barbara Streisand.mp3 -> %UserDocuments%\CD2WAV\Musique Didier\Mon disque (D)\Woman in love-Celine Dion & Bee Gees & Barbara Streisand.mp3 -> [Ver = | Size = 5961996 bytes | Created Date = 02/02/2007 13:50:57 | Attr = ]
      Picasa.ini -> %UserDocuments%\Mes images\Bateme Lana\Bateme Lana 1\Picasa.ini -> [Ver = | Size = 120 bytes | Created Date = 18/01/2007 13:20:56 | Attr = H ]
      WISC8BB491212D942AEB571E580D8CD1B5B_6_0_1256.MSI -> %CommonProgramFiles%\Wise Installation Wizard\WISC8BB491212D942AEB571E580D8CD1B5B_6_0_1256.MSI -> [Ver = | Size = 8094208 bytes | Created Date = 20/01/2007 11:21:35 | Attr = ]
      aupdate.0 -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.0 -> [Ver = | Size = 6146 bytes | Created Date = 29/01/2007 11:50:31 | Attr = ]
      aupdate.dll -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.dll -> Agnitum Ltd. [Ver = 4.0.1005.7229 | Size = 1564672 bytes | Created Date = 29/01/2007 10:27:47 | Attr = ]
      aupdate.fr -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdate.fr -> [Ver = | Size = 58122 bytes | Created Date = 29/01/2007 10:27:38 | Attr = ]
      aupdrun.exe -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdrun.exe -> Agnitum Ltd. [Ver = 4.0.1005.7229 | Size = 557056 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
      aupdrun.ini -> %CommonProgramFiles%\Agnitum Shared\aupdate\aupdrun.ini -> [Ver = | Size = 188 bytes | Created Date = 29/01/2007 11:50:57 | Attr = ]
      profiler.0 -> %CommonProgramFiles%\Agnitum Shared\aupdate\profiler.0 -> [Ver = | Size = 512 bytes | Created Date = 29/01/2007 11:50:43 | Attr = ]
      rc_macro.lst -> %CommonProgramFiles%\Agnitum Shared\aupdate\rc_macro.lst -> [Ver = | Size = 26920 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
      update.ini -> %CommonProgramFiles%\Agnitum Shared\aupdate\update.ini -> [Ver = | Size = 767 bytes | Created Date = 29/01/2007 10:27:49 | Attr = ]
      zlib.dll -> %CommonProgramFiles%\Agnitum Shared\aupdate\zlib.dll -> [Ver = 1.2.3 | Size = 192512 bytes | Created Date = 29/01/2007 10:27:48 | Attr = ]
      devices.ini -> %CommonProgramFiles%\Real\Common\devices.ini -> [Ver = | Size = 2534 bytes | Created Date = 22/01/2007 11:16:28 | Attr = ]
      gdsapi.dll -> %CommonProgramFiles%\Real\GToolbar\gdsapi.dll -> [Ver = | Size = 4096 bytes | Created Date = 22/01/2007 11:16:07 | Attr = ]
      GDSSetup.exe -> %CommonProgramFiles%\Real\GToolbar\GDSSetup.exe -> [Ver = | Size = 756328 bytes | Created Date = 22/01/2007 11:16:07 | Attr = ]
      GoogleToolbarInstaller.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller.exe -> Google [Ver = 3, 0, 131, 0 | Size = 623632 bytes | Created Date = 22/01/2007 11:16:05 | Attr = ]
      GoogleToolbarInstaller98.exe -> %CommonProgramFiles%\Real\GToolbar\GoogleToolbarInstaller98.exe -> Google [Ver = 3, 0, 131, 0 | Size = 772112 bytes | Created Date = 22/01/2007 11:16:06 | Attr = ]
      presets.213.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\presets.213.zip -> [Ver = | Size = 181405 bytes | Created Date = 06/02/2007 13:49:50 | Attr = ]
      pr_script.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\pr_script.zip -> [Ver = | Size = 239 bytes | Created Date = 29/01/2007 11:50:55 | Attr = ]
      spy6_inc.580.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\spy6_inc.580.zip -> [Ver = | Size = 9933 bytes | Created Date = 06/02/2007 13:49:52 | Attr = ]
      spyware6_inc.zip -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\spyware6_inc.zip -> [Ver = | Size = 240 bytes | Created Date = 06/02/2007 13:49:53 | Attr = ]
      update2.aus -> %CommonProgramFiles%\Agnitum Shared\aupdate\Downloaded Files\update2.aus -> [Ver = | Size = 6429 bytes | Created Date = 29/01/2007 11:50:32 | Attr = ]
      iKernel.rgs -> %CommonProgramFiles%\InstallShield\Professional\RunTime\iKernel.rgs -> [Ver = | Size = 32335 bytes | Created Date = 17/01/2007 14:45:47 | Attr = ]
      msgdata.js -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgdata.js -> [Ver = | Size = 1137 bytes | Created Date = 22/01/2007 11:15:11 | Attr = ]
      msgStyle.css -> %CommonProgramFiles%\Real\Update_OB\UI\loc\msgStyle.css -> [Ver = | Size = 991 bytes | Created Date = 22/01/2007 11:15:11 | Attr = ]
      ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 69715 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
      DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 10.1.0.238 | Size = 5632 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
      iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 180356 bytes | Created Date = 06/02/2007 07:20:31 | Attr = ]
      iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 733184 bytes | Created Date = 06/02/2007 07:20:37 | Attr = ]
      iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 266240 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
      iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 172032 bytes | Created Date = 06/02/2007 07:20:38 | Attr = ]
      setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 303236 bytes | Created Date = 06/02/2007 07:20:30 | Attr = ]
      ctor.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 69715 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
      DotNetInstaller.exe -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe -> InstallShield Software Corporation [Ver = 11.50.0.42618 | Size = 5632 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
      iGdi.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll -> Macrovision Corporation [Ver = 11.50.42618 | Size = 200836 bytes | Created Date = 30/01/2007 13:03:27 | Attr = ]
      iKernel.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 757760 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
      iscript.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 274432 bytes | Created Date = 30/01/2007 13:03:36 | Attr = ]
      iuser.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll -> Macrovision Corporation [Ver = 11.50.43969 | Size = 204800 bytes | Created Date = 30/01/2007 13:03:37 | Attr = ]
      setup.dll -> %CommonProgramFiles%\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll -> Macrovision Corporation [Ver = 11.50.42618 | Size = 331908 bytes | Created Date = 30/01/2007 13:03:26 | Attr = ]
      SiSAudioRack.ini -> %SystemRoot%\SiSAudioRack.ini -> [Ver = | Size = 52 bytes | Created Date = 18/01/2007 10:41:19 | Attr = ]
      transp.gif -> %SystemRoot%\transp.gif -> [Ver = | Size = 49 bytes | Created Date = 29/01/2007 11:04:17 | Attr = ]
      Advanced.tvp -> %System32%\Advanced.tvp -> [Ver = | Size = 13852 bytes | Created Date = 03/02/2007 16:17:35 | Attr = ]
      alsndmgr.cpl -> %System32%\alsndmgr.cpl -> Realtek Semiconductor Corp. [Ver = 2, 2, 0, 73 | Size = 18804736 bytes | Created Date = 30/01/2007 13:04:05 | Attr = ]
      alsndmgr.wav -> %System32%\alsndmgr.wav -> [Ver = | Size = 141016 bytes | Created Date = 30/01/2007 13:04:09 | Attr = ]
      CAD.tvp -> %System32%\CAD.tvp -> [Ver = | Size = 11556 bytes | Created Date = 03/02/2007 16:17:27 | Attr = ]
      ChCfg.exe -> %System32%\ChCfg.exe -> [Ver = | Size = 49152 bytes | Created Date = 30/01/2007 13:05:27 | Attr = ]
      d3d8caps.dat -> %System32%\d3d8caps.dat -> [Ver = | Size = 552 bytes | Created Date = 02/02/2007 17:23:06 | Attr = ]
      DCC.tvp -> %System32%\DCC.tvp -> [Ver = | Size = 12854 bytes | Created Date = 03/02/2007 16:17:27 | Attr = ]
      DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 635486 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
      DivXCodecUpdateChecker.exe -> %System32%\DivXCodecUpdateChecker.exe -> DivX, Inc. [Ver = 6, 2, 5, 7 | Size = 118784 bytes | Created Date = 12/01/2007 02:19:44 | Attr = ]
      divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.2.5.34 | Size = 704512 bytes | Created Date = 13/01/2007 02:03:18 | Attr = ]
      DivXMedia.ax -> %System32%\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 13/01/2007 02:03:16 | Attr = ]
      DivXsm.exe -> %System32%\DivXsm.exe -> [Ver = | Size = 520192 bytes | Created Date = 13/01/2007 02:08:31 | Attr = ]
      divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4276 bytes | Created Date = 13/01/2007 02:08:31 | Attr = ]
      DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 12/01/2007 02:19:45 | Attr = ]
      divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 806912 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
      divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 806912 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
      divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 790528 bytes | Created Date = 13/01/2007 02:03:26 | Attr = ]
      dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 13/01/2007 02:03:29 | Attr = ]
      dpufr.qm -> %System32%\dpufr.qm -> [Ver = | Size = 8835 bytes | Created Date = 12/01/2007 02:19:24 | Attr = ]
      dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 13/01/2007 02:03:30 | Attr = ]
      dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 13/01/2007 02:03:29 | Attr = ]
      dsm_
      0
  8. Utilisateur anonyme
     
    Bonjour

    Un dossier infectieux visible.

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer.


    $$ Télécharge Brute Force Uninstaller (de Merijn)
    http://www.merijn.org/files/bfu.zip
    Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://metallica.geekstogo.com/EGDACCESS.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://perso.numericable.fr/~altshift/Info/Fichiers/Winsoftware.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger Winsoftware.bfu (de Lazzzy). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir trois fichiers dans le dossier C:\BFU : Winsoftware.bfu, EGDACCESS.bfu et BFU.exe (très important).

    $$ Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

    $$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

    --- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    EGDACCESS.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    ---Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    Winsoftware.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Winsoftware.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    Clique Exit pour fermer le programme BFU.

    $$ Redémarre normalement

    $$ Télécharge Combofix.exe (par sUBs) sur ton Bureau
    http://download.bleepingcomputer.com/sUBs/combofix.exe

    Double clique combofix.exe et suis les invites.
    Lorsque le scan sera complété, un rapport apparaîtra.

    Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis et le rapport situé ici C:\egd.txt
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Salut,
      Je pense avoir compris ce que tu me dit de faire donc d'aprés toi le probleme viendrais de la.
      Je vais devoir changer de clavier car la j'en est un sans fil et les manipulations a faire ne fonctionne pas avec, peut tu me dire a quoi cela consiste ce que tu me fait faire, s'est grave le fichier infecter ?
      D'apres toi faut t-il que je pense serieusement a devoir quand meme etre obliger de formater mon pc pour que tout redevienne normal, comme tu a pus le voir je ne voudrait pas en passer par la mais si je peut pas faire autremement il faudrat que je me resigne.
      Quand pense tu.
      Merci de me repondre avant que je lance le programme.
      0
  9. Utilisateur anonyme
     
    Re

    Voilà le dossier infectieux
    DriveCleaner 2006 Free 

    il est rarement seul.
    Avec les scans demandés, cela permettra de faire du ménage.

    Ensuite, on verra en fonction des résultats.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonjour Chercheurbis,

      Desollé pour hier petit probleme perso.
      Voici les rapport que tu ma demandé aprés avoir fait les manipulations que tu ma dit de faire:

      "DIDIER" - 07-02-09 8:01:53 Service Pack 2
      ComboFix 07-02-07 - Running from: "C:\Documents and Settings\DIDIER\Bureau"

      ((((((((((((((((((((((((((((((( Files Created from 2007-01-09 to 2007-02-09 ))))))))))))))))))))))))))))))))))


      2007-02-09 07:50 <REP> d-------- C:\WINDOWS\system32\bfubackups
      2007-02-07 07:11 853 --a------ C:\reboot.cmd
      2007-02-07 07:11 68,096 --a------ C:\diff.exe
      2007-02-07 07:11 103,424 --a------ C:\grep.exe
      2007-02-06 13:33 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
      2007-02-06 08:49 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
      2007-02-06 08:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Application Data\Yahoo! Companion
      2007-02-06 07:21 <REP> d-------- C:\Program Files\ToniArts
      2007-02-04 11:28 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Uniblue
      2007-02-04 10:47 <REP> d-------- C:\Program Files\splus
      2007-02-03 16:17 24,576 --a------ C:\WINDOWS\system32\INFSETUP.exe
      2007-02-03 16:17 23,326 --a------ C:\WINDOWS\system32\drivers\aliagp.sys
      2007-02-03 16:17 <REP> d-------- C:\WINDOWS\system32\WinFast
      2007-02-03 11:17 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
      2007-02-03 11:17 <REP> d-------- C:\WINDOWS\nview
      2007-02-03 11:16 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
      2007-02-03 05:39 679,936 --------- C:\WINDOWS\system32\WINFOXUT.dll
      2007-02-03 05:39 13,564 --a------ C:\WINDOWS\system32\drivers\wfsys.sys
      2007-02-03 05:39 <REP> d-------- C:\WINDOWS\system32\WinFox
      2007-02-02 17:23 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
      2007-01-31 13:05 <REP> d-------- C:\Program Files\Multi_Media_France
      2007-01-30 13:05 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
      2007-01-30 13:04 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
      2007-01-30 13:04 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
      2007-01-30 13:04 <REP> d-------- C:\Program Files\Realtek AC97
      2007-01-29 11:35 <REP> d-------- C:\DOCUME~1\DIDIER\.housecall6.6
      2007-01-29 10:27 <REP> d-------- C:\Program Files\Fichiers communs\Agnitum Shared
      2007-01-29 10:27 <REP> d-------- C:\Program Files\Agnitum
      2007-01-29 09:41 <REP> d-------- C:\Program Files\3B Software
      2007-01-26 11:41 <REP> d-------- C:\Program Files\Ashampoo
      2007-01-24 06:52 <REP> d-------- C:\Program Files\Ultimate Cleaner
      2007-01-24 06:52 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Ultimate Cleaner
      2007-01-23 09:13 <REP> d-------- C:\Program Files\hugin
      2007-01-23 08:50 <REP> d-------- C:\Program Files\AIDA32 - Enterprise System Information
      2007-01-21 14:17 <REP> d-------- C:\WINDOWS\NV34001996.TMP
      2007-01-20 16:14 145,864 --a------ C:\WINDOWS\system32\tmpwisc2.exe
      2007-01-20 11:24 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
      2007-01-20 11:24 <REP> d-------- C:\Program Files\TuneUp Utilities 2007
      2007-01-17 14:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Application Data\NVIDIA
      2007-01-17 14:45 <REP> d-------- C:\NVIDIA
      2007-01-17 13:59 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\DivX
      2007-01-14 16:16 <REP> d-------- C:\WINDOWS\ie7updates
      2007-01-13 02:08 520,192 --a------ C:\WINDOWS\system32\DivXsm.exe
      2007-01-13 02:03 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
      2007-01-13 02:03 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
      2007-01-13 02:03 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
      2007-01-13 02:03 635,486 --a------ C:\WINDOWS\system32\DivX.dll
      2007-01-13 02:03 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
      2007-01-13 02:03 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
      2007-01-13 02:03 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
      2007-01-13 02:03 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
      2007-01-12 02:19 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
      2007-01-12 02:19 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
      2007-01-09 16:48 <REP> d-------- C:\DOCUME~1\DIDIER\Application Data\Snapfish


      (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


      2007-02-09 05:55 -------- d-------- C:\Program Files\mozilla firefox
      2007-02-08 14:49 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\vso
      2007-02-08 12:10 -------- d-------- C:\Program Files\emule
      2007-02-08 08:14 -------- d-------- C:\Program Files\enveloppeseditor1.08
      2007-02-06 12:23 -------- d-------- C:\Program Files\hijackthis version fran‡aise
      2007-02-06 07:21 -------- d--h----- C:\Program Files\installshield installation information
      2007-02-05 14:08 -------- d-------- C:\Program Files\a-squared free
      2007-02-04 17:01 -------- d-------- C:\Program Files\yahoo!
      2007-02-03 15:31 -------- d-------- C:\Program Files\java
      2007-02-03 15:23 -------- d-------- C:\Program Files\divx
      2007-02-03 07:59 -------- d-------- C:\Program Files\fonesync
      2007-02-02 07:11 -------- d-------- C:\Program Files\google
      2007-01-30 13:07 -------- d-------- C:\Program Files\hardwaredetection
      2007-01-29 15:24 2854 --a------ C:\WINDOWS\system32\tmp.reg
      2007-01-29 07:35 178001 --a------ C:\WINDOWS\system32\tmpwisc3.exe
      2007-01-24 06:52 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\dvdcss
      2007-01-23 06:44 -------- d-------- C:\Program Files\microsoft picture it! photopub
      2007-01-21 07:49 198184 --a------ C:\WINDOWS\system32\tmpwisc1.exe
      2007-01-20 11:23 -------- d-------- C:\Program Files\tuneup utilities 2006
      2007-01-20 11:23 -------- d-------- C:\Program Files\Fichiers communs\wise installation wizard
      2007-01-15 18:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
      2007-01-15 18:26 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
      2007-01-15 18:25 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
      2007-01-15 18:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
      2007-01-13 02:08 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
      2007-01-13 02:08 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
      2007-01-13 02:08 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
      2007-01-13 02:03 73728 --a------ C:\WINDOWS\system32\dpl100.dll
      2007-01-13 02:03 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
      2007-01-13 02:03 57344 --a------ C:\WINDOWS\system32\dpv11.dll
      2007-01-13 02:03 294912 --a------ C:\WINDOWS\system32\dpu11.dll
      2007-01-12 08:40 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\adobeum
      2007-01-08 13:44 -------- d-------- C:\Program Files\vso
      2007-01-06 07:23 -------- d-------- C:\Program Files\cleanup!(2)
      2007-01-03 08:36 -------- d-------- C:\Program Files\avance sound manager
      2007-01-03 08:36 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\officeupdate12
      2007-01-01 13:58 35113704 --a------ C:\directx_9c_redist.exe
      2006-12-29 14:48 4026112 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
      2006-12-29 08:18 720896 --a------ C:\WINDOWS\iun6002ev.exe
      2006-12-27 18:34 -------- d-------- C:\DOCUME~1\DIDIER\Application Data\drivecleaner 2006 free
      2006-12-27 07:06 94080 --a------ C:\WINDOWS\system32\drivers\ezplay.sys
      2006-12-27 07:06 94080 --a------ C:\DOCUME~1\DIDIER\Application Data\ezplay.sys
      2006-12-27 07:06 87608 --a------ C:\DOCUME~1\DIDIER\Application Data\ezpinst.exe
      2006-12-27 07:06 7812 --a------ C:\DOCUME~1\DIDIER\Application Data\ezplay.cat
      2006-12-27 07:06 34 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.log
      2006-12-27 07:06 125 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.ini
      2006-12-27 07:06 1104 --a------ C:\DOCUME~1\DIDIER\Application Data\pplesaeo.inf
      2006-12-26 15:15 34 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.log
      2006-12-26 15:14 7824 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.cat
      2006-12-26 15:14 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
      2006-12-26 15:14 47360 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.sys
      2006-12-26 15:14 1144 --a------ C:\DOCUME~1\DIDIER\Application Data\pcouffin.inf
      2006-12-21 00:56 94424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
      2006-12-21 00:56 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
      2006-12-21 00:51 31560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
      2006-12-17 12:56 -------- d-------- C:\Program Files\msn messenger
      2006-12-15 08:51 72126 --a------ C:\WINDOWS\system32\perfc00c.dat
      2006-12-15 08:51 49494 --a------ C:\WINDOWS\system32\perfc040.dat
      2006-12-15 08:51 460986 --a------ C:\WINDOWS\system32\perfh00c.dat
      2006-12-15 08:51 370414 --a------ C:\WINDOWS\system32\perfh040.dat
      2006-12-12 07:56 -------- d-------- C:\Program Files\windows live toolbar
      2006-12-10 08:29 -------- d-------- C:\Program Files\Fichiers communs\adobe
      2006-12-09 07:19 -------- d-------- C:\Program Files\freshdevices
      2006-12-08 09:43 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
      2006-12-01 05:20 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
      2006-11-30 09:24 86094 --a------ C:\WINDOWS\bpmnt.dll
      2006-11-30 09:24 71749 --a------ C:\WINDOWS\hcextoutput.dll
      2006-11-30 09:24 176709 --a------ C:\WINDOWS\tsc.exe
      2006-11-30 09:24 1101904 --a------ C:\WINDOWS\vsapi32.dll
      2006-11-30 09:23 69689 --a------ C:\WINDOWS\unzip.dll
      2006-11-30 09:23 507904 --a------ C:\WINDOWS\tmupdate.dll
      2006-11-30 09:23 286720 --a------ C:\WINDOWS\patch.exe
      2006-11-17 05:42 577536 --a------ C:\WINDOWS\soundman.exe
      2006-11-16 19:47 524288 --a------ C:\WINDOWS\opuc.dll


      (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

      *Note* empty entries & legit default entries are not shown

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
      "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
      "Ashampoo Magical Optimizer Taskplaner"="\"C:\\PROGRA~1\\Ashampoo\\ASHAMP~1\\AMO_TA~1.EXE\" -TRAY"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
      "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
      "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
      "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
      "Outpost Firewall"="C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe /waitservice"
      "OutpostFeedBack"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
      "SoundMan"="SOUNDMAN.EXE"
      "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
      "Installed"="1"
      "NoChange"="1"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
      "Installed"="1"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
      "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
      "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
      "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "SoundMan"="SOUNDMAN.EXE"
      "LogitechGalleryRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
      "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
      "WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
      "Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
      "HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
      "Microsoft Works Update Detection"="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Works Shared\\WkUFind.exe"
      "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
      "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
      "Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
      "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
      "CreativeMouse "="C:\\Program Files\\Creative\\Desktop Wireless\\mouse_2k.exe"
      "CreativeKeyboard "="C:\\Program Files\\Creative\\Desktop Wireless\\kb_2k.exe"
      "Motive SmartBridge"="C:\\PROGRA~1\\NUMERI~1\\MONASS~1\\SMARTB~1\\MotiveSB.exe"
      "Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Edition Découverte\\3.0\\Apps\\apdproxy.exe\""
      "CreativeKeyboard"="C:\\Program Files\\Creative\\Desktop Wireless\\kb_2k.exe"
      "CreativeMouse"="C:\\Program Files\\Creative\\Desktop Wireless\\mouse_2k.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Skype"
      "hkey"="HKCU"
      "inimapping"="0"


      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
      "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
      "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
      LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
      NetworkService REG_MULTI_SZ DnsCache\0\0
      rpcss REG_MULTI_SZ RpcSs\0\0
      imgsvc REG_MULTI_SZ StiSvc\0\0
      termsvcs REG_MULTI_SZ TermService\0\0
      HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
      DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
      WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
      Usnsvc REG_MULTI_SZ usnsvc\0\0

      HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
      UxTuneUp



      Contents of the 'Scheduled Tasks' folder
      C:\WINDOWS\tasks\Maintenance en 1 clic.job


      ********************************************************************

      catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
      http://www.gmer.net

      scanning hidden processes ...

      scanning hidden services ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden processes: 0
      hidden services: 0
      hidden files: 0

      ********************************************************************

      Completion time: 07-02-09 8:08:02

      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
      "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
      "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
      "Outpost Firewall"="C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe /waitservice"
      "OutpostFeedBack"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
      "SoundMan"="SOUNDMAN.EXE"
      "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
      "Installed"="1"
      "NoChange"="1"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
      "Installed"="1"

      Logfile of HijackThis v1.99.1
      Scan saved at 08:26:52, on 09/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/offres-numericable.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
      O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Ashampoo Magical Optimizer Taskplaner] "C:\PROGRA~1\Ashampoo\ASHAMP~1\AMO_TA~1.EXE" -TRAY
      O4 - Startup: .protected
      O4 - Global Startup: .protected
      O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
      O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.serviceshub.microsoft.com/supportforbusiness/create
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

      J'attends maintenant la suite, quand pense tu ?
      Merci
      0
  10. Pichyam
     
    bonjour
    j ai eradique trojan tout simplement avec AVG 2007 edition

    apres apres le scan il a demande si je voulai suprimer et j ai bien sure accepter et beuh il est parti ...

    coordial... pichyam
    0
  11. Utilisateur anonyme
     
    Bonjour

    Vérifie si ces fichiers ont disparu, sinon supprime les.

    C:\Program Files\Ultimate Cleaner --> Désinstalle le avant.
    C:\Documents and Settings\DIDIER\Application Data\Ultimate Cleaner C:\Documents and Settings\DIDIER\Application Data\drivecleaner 2006 free

    Vide la corbeille.
    0
    1. zodiaque59 Messages postés 263 Statut Membre 3
       
      Bonjour Chercheurbis,

      Se petit message pour te prevenir que j'ai du formater mon ordinateur pour regler le probleme ainsi que d'autre.
      Je te remerci pour l'aide que tu ma apporter car il est rare de trouver des personnes comme toi.

      PS: Connaitrais tu un logiciel de retouche d'image gratuit et tres performent pour moi refaire une photo qui date des années 80.

      Merci
      0