Infection virus, log fournis

Résolu
forcepas Messages postés 10 Statut Membre -  
forcepas Messages postés 10 Statut Membre -
Bonjour à tous,
j'espère avoir suivi la procédure forurnie ici pour éradiquer les virus qui sont sur mon ordinateur.
voici donc les résultats des log

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:52:14 06/03/2007
+ Résultat de l'analyse:
C:\WINDOWS\system\smss.exe -> Backdoor.Medbot.eh : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__t_c_p_i_p_m_o_n_._e_x_e_ -> Hijacker.Agent.is : Aucune action entreprise.
C:\ywobnat.exe -> Hijacker.Agent.is : Aucune action entreprise.
C:\WINDOWS\system32\__delete_on_reboot__w_i_n_i_t_s_3_2_._d_l_l_ -> Trojan.Agent.qt : Aucune action entreprise.
Fin du rapport

BitDefender Online Scanner
Scan report generated at: Tue, Mar 06, 2007 - 23:09:54
Scan path: C:\;D:\;E:\;G:\;
Statistics

Time
03:06:44

Files
803540

Folders
7774

Boot Sectors
4
Archives
9422
Packed Files
65096
Results
Identified Viruses
17
Infected Files
30
Suspect Files
1
Warnings
0
Disinfected
0
Deleted Files
27
Engines Info
Virus Definitions
403059
Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes
Scanned File
Status

C:\Documents and Settings\All Users\Documents\setup.exe
Infected with: DeepScan:Generic.Horst.AE2AE578

C:\Documents and Settings\All Users\Documents\setup.exe
Disinfection failed

C:\Documents and Settings\All Users\Documents\setup.exe
Deleted

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Infected with: Trojan.Obfus.Gen

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Disinfection failed

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll
Delete failed

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Infected with: Win32.Netsky.D@mm

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Disinfection failed

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Here is the document][From: jean-pierre.zapata@waters.nestle.com]=>document_full.pif
Deleted

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
Updated

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Infected with: Win32.Netsky.D@mm

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Disinfection failed

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Re: Your software][From: isabellegaland@wanadoo.fr]=>application.pif
Deleted

C:\Documents and Settings\philippe gaches\Local Settings\Application Data\Microsoft\Outlook\archive.pst
Updated

C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Infected with: Trojan.Spy.Agent.PD

C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Disinfection failed

C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar=>keygen.exe
Deleted

C:\Documents and Settings\philippe gaches\Mes documents\emule\geovid\Geovid Video To Flash Converter 5.5 Winall Keygen Only Read Nfo-Virility.rar
Update failed

C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Infected with: Trojan.Downloader.Imloader.C

C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Disinfection failed

C:\Documents and Settings\philippe gaches\Mes documents\emule\incredimail_install.exe
Deleted

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Infected with: Trojan.Downloader.Harnig.XB

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Disinfection failed

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21\keygen.exe
Deleted

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Infected with: Trojan.Downloader.Harnig.XB

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Disinfection failed

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Deleted

C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
Update failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Infected with: DeepScan:Generic.Horst.E47F23DF

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240117.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240560.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP575\A0240674.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Infected with: DeepScan:Generic.Horst.2B02E0B8

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240677.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP576\A0240780.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0240783.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Infected with: DeepScan:Generic.Horst.0D2C46C9

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241055.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Infected with: DeepScan:Generic.Horst.707F662F

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP577\A0241079.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Infected with: DeepScan:Generic.Horst.AE2AE578

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP578\A0241088.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Infected with: DeepScan:Generic.Horst.AE2AE578

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP579\A0241096.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Infected with: Trojan.Juan.Q

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP618\A0255234.dll
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Infected with: Trojan.Agent.QT

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256405.dll
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Infected with: Trojan.Downloader.Harnig.XB

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar=>keygen.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256612.lnk=>C:\Documents and Settings\philippe gaches\Mes documents\emule\TomTom_5.21.rar
Update failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Infected with: Trojan.Downloader.RegClean.A

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256648.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Infected with: DeepScan:Generic.Horst.D853B2CA

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256649.exe
Deleted

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Infected with: MemScan:Trojan.Downloader.RegClean.A

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Disinfection failed

C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256650.exe
Deleted

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Infected with: Trojan.Downloader.Istbar.PY

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Disinfection failed

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ISTactivex.inf
Deleted

C:\WINDOWS\Downloaded Program Files\istactivex.inf
Infected with: Trojan.Downloader.Istbar.HG

C:\WINDOWS\Downloaded Program Files\istactivex.inf
Disinfection failed

C:\WINDOWS\Downloaded Program Files\istactivex.inf
Deleted

C:\WINDOWS\system32\hrsoenf.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\hrsoenf.dll
Disinfection failed

C:\WINDOWS\system32\hrsoenf.dll
Deleted

C:\WINDOWS\system32\sffcbodx.dll
Infected with: Trojan.Juan.Q

C:\WINDOWS\system32\sffcbodx.dll
Disinfection failed

C:\WINDOWS\system32\sffcbodx.dll
Delete failed

C:\WINDOWS\system32\sokubdi.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\sokubdi.dll
Disinfection failed

C:\WINDOWS\system32\sokubdi.dll
Delete failed

C:\WINDOWS\system32\spool\drivers\setup.exe
Infected with: DeepScan:Generic.Horst.AE2AE578

C:\WINDOWS\system32\spool\drivers\setup.exe
Disinfection failed

C:\WINDOWS\system32\spool\drivers\setup.exe
Deleted

C:\WINDOWS\system32\v6.exe
Suspected of: Generic.Malware.Sdld.1743F721

C:\WINDOWS\system32\v6.exe
Disinfection failed

C:\WINDOWS\system32\v6.exe
Delete failed

Logfile of HijackThis v1.99.1
Scan saved at 06:32:19, on 07/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\MAGICF~1\MulMouse.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\DIRECT~1\DUControl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
G:\antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe
O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\philippe gaches\Local Settings\Application Data\hrsoenf.dll",wonzzg
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZS
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

J'espère avoir suivi correctement la procédure. Dans tous les cas merci pour votre aide !!!
Cordialement
Philippe

14 réponses

  1. forcepas Messages postés 10 Statut Membre 1
     
    bonjour,
    voici le résultat des nettoyages de ce matin

    SDFix: Version 1.69

    Run by PG - 08/03/2007 @ 11:48:26,34

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:

    Killing PID 184 'smss.exe'
    Killing PID 256 'winlogon.exe'
    Killing PID 256 'winlogon.exe'

    Restoring Windows Registry Entries
    Restoring Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    Below files will be copied to Backups folder then removed:

    C:\WINDOWS\SYSTEM32\5M0T51~1.HTM - Deleted
    C:\WINDOWS\SYSTEM32\CLTEFR~1.HTM - Deleted
    C:\WINDOWS\SYSTEM32\E3B82K~1.HTM - Deleted
    C:\WINDOWS\SYSTEM32\K23I0J~1.HTM - Deleted
    C:\WINDOWS\SYSTEM32\Q0FD5M~1.HTM - Deleted
    C:\WINDOWS\system32\rpcc.dll - Deleted
    C:\WINDOWS\system32\TFTP360 - Deleted

    ADS Check:

    C:\WINDOWS\system32
    No streams found.

    Final Check:

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:Connection Manager"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
    "C:\\WINDOWS\\system32\\CIMSVR.exe"="C:\\WINDOWS\\system32\\CIMSVR.exe:*:Enabled:Logitech IM Video Companion Server"
    "C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
    "C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Disabled:Logiciel de transfert de fichiers"
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "C:\\Program Files\\Namo\\WebEditor 6 Trial\\bin\\WebEditor.exe"="C:\\Program Files\\Namo\\WebEditor 6 Trial\\bin\\WebEditor.exe:*:Disabled:Namo WebEditor 6"
    "C:\\Program Files\\Namo\\WebCanvas Trial\\bin\\WebCanvas.exe"="C:\\Program Files\\Namo\\WebCanvas Trial\\bin\\WebCanvas.exe:*:Disabled:WebCanvas Application (Version d'évaluation)"
    "C:\\Program Files\\Intuisphere\\Cariboost Free Edition v1\\cariboost.exe"="C:\\Program Files\\Intuisphere\\Cariboost Free Edition v1\\cariboost.exe:*:Enabled:cariboost"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe:*:Enabled:Orb"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe:*:Enabled:OrbTray"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe:*:Enabled:OrbTVGuide"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe:*:Enabled:OrbChannelScan"
    "C:\\Documents and Settings\\All Users\\Application Data\\Spontania4IM\\spontaniavideo.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Spontania4IM\\spontaniavideo.exe:*:Disabled:Dialcom Spontania video4IM"
    "C:\\Program Files\\HP\\Image Zone Express\\HP_IZE.exe"="C:\\Program Files\\HP\\Image Zone Express\\HP_IZE.exe:*:Enabled:HP Image Zone Express"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files:
    ---------------

    Backups Folder: - C:\SDFix\backups\backups.zip

    Checking For Files with Hidden Attributes :

    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\GbDetect.dll
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
    C:\Program Files\Adobe\Acrobat 7.0\Esl\AiodLite.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\ACE.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\Acrofx32.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeLinguistic.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\agldt28l.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AGM.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\atl.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE16SharedExpat.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AXE8SharedExpat.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AXEParser.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AXSLE.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\BIB.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\CoolType.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\edb1drv.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\edb500x.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\epic_eula.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\esdupdate.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesen_US.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\eularesfr_FR.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\JP2KLib.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\libaglcnv28.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\Onix32.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\rt3d.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\SVGCore.DLL
    C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\en_US\svgrsrc.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\ImageViewer\fr_FR\svgrsrc.dll
    C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\OLS\OnlineServices.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\ACE.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\AGM.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\asn.er.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIB.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\BIBUtils.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\coldware.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\CoolType.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\MPS.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\OPP.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PCDlib32.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\PDFL50.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\plugin.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll16.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Pspdll32.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Sangam.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Shfolder.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGExport.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\SVGRE.dll
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\THUMBVW.DLL
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\System\AI90Res.dll
    C:\Program Files\Adobe\Photoshop Elements\ACE.dll
    C:\Program Files\Adobe\Photoshop Elements\ActiveShare.dll
    C:\Program Files\Adobe\Photoshop Elements\AGM.dll
    C:\Program Files\Adobe\Photoshop Elements\Asn.er.dll
    C:\Program Files\Adobe\Photoshop Elements\Bib.dll
    C:\Program Files\Adobe\Photoshop Elements\CoolType.dll
    C:\Program Files\Adobe\Photoshop Elements\HtmlViewLib.dll
    C:\Program Files\Adobe\Photoshop Elements\MPS.dll
    C:\Program Files\Adobe\Photoshop Elements\MSVCP60.DLL
    C:\Program Files\Adobe\Photoshop Elements\Msvcrt10.dll
    C:\Program Files\Adobe\Photoshop Elements\pcdlib32.dll
    C:\Program Files\Adobe\Photoshop Elements\PDFL47.dll
    C:\Program Files\Adobe\Photoshop Elements\Photoshop.dll
    C:\Program Files\Adobe\Photoshop Elements\PictureCD.dll
    C:\Program Files\Adobe\Photoshop Elements\plugin.dll
    C:\Program Files\Adobe\Photoshop Elements\PSUT9516.DLL
    C:\Program Files\Adobe\Photoshop Elements\Psut9532.dll
    C:\Program Files\Adobe\Photoshop Elements\PSViews.dll
    C:\Program Files\Adobe\Photoshop Elements\SfUpload.dll
    C:\Program Files\Adobe\Photoshop Elements\Shfolder.dll
    C:\Program Files\Adobe\Photoshop Elements\UID.mr.dll
    C:\Program Files\Adobe\Photoshop Elements\Uninst.dll
    C:\Program Files\Adobe\Photoshop Elements\Modules externes\Libraries\Plugin.dll
    C:\Program Files\Ahead\ImageDrive\idriveinst.dll
    C:\Program Files\Ahead\ImageDrive\imagedrv.dll
    C:\Program Files\Ahead\Nero\AudioPluginMgr.dll
    C:\Program Files\Ahead\Nero\CDCopy.dll
    C:\Program Files\Ahead\Nero\cdr100.dll
    C:\Program Files\Ahead\Nero\cdr50s.dll
    C:\Program Files\Ahead\Nero\CDROM.dll
    C:\Program Files\Ahead\Nero\cdu920.dll
    C:\Program Files\Ahead\Nero\cr2200cs.dll
    C:\Program Files\Ahead\Nero\Drweb32.dll
    C:\Program Files\Ahead\Nero\DVDREALLOC.dll
    C:\Program Files\Ahead\Nero\Dws114x.dll
    C:\Program Files\Ahead\Nero\em2v.dll
    C:\Program Files\Ahead\Nero\Equalize.dll
    C:\Program Files\Ahead\Nero\FATImporter.dll
    C:\Program Files\Ahead\Nero\GENCUSH.dll
    C:\Program Files\Ahead\Nero\Generatr.dll
    C:\Program Files\Ahead\Nero\GenFAT.dll
    C:\Program Files\Ahead\Nero\geniso.dll
    C:\Program Files\Ahead\Nero\GenPCHy.dll
    C:\Program Files\Ahead\Nero\GenUDF.dll
    C:\Program Files\Ahead\Nero\image.dll
    C:\Program Files\Ahead\Nero\ImageGen.dll
    C:\Program Files\Ahead\Nero\ims.dll
    C:\Program Files\Ahead\Nero\ISOFS.dll
    C:\Program Files\Ahead\Nero\KARAOKE.dll
    C:\Program Files\Ahead\Nero\mfc42.DLL
    C:\Program Files\Ahead\Nero\MMC.dll
    C:\Program Files\Ahead\Nero\MPGEnc.dll
    C:\Program Files\Ahead\Nero\msvcrt.dll
    C:\Program Files\Ahead\Nero\Nedsp.dll
    C:\Program Files\Ahead\Nero\NeEm2a.dll
    C:\Program Files\Ahead\Nero\NeHDBlkAccess.dll
    C:\Program Files\Ahead\Nero\NeMP3Dmo.dll
    C:\Program Files\Ahead\Nero\NeMP3Hlp.dll
    C:\Program Files\Ahead\Nero\neroAPI.dll
    C:\Program Files\Ahead\Nero\NeroCom.dll
    C:\Program Files\Ahead\Nero\neroDB.dll
    C:\Program Files\Ahead\Nero\neroErr.dll
    C:\Program Files\Ahead\Nero\NeroMediaCon.dll
    C:\Program Files\Ahead\Nero\NeroNet.dll
    C:\Program Files\Ahead\Nero\neroscsi.dll
    C:\Program Files\Ahead\Nero\neRSDB.dll
    C:\Program Files\Ahead\Nero\NetRecorder.dll
    C:\Program Files\Ahead\Nero\NeVCDEngine.dll
    C:\Program Files\Ahead\Nero\newtrf.dll
    C:\Program Files\Ahead\Nero\READHD16.dll
    C:\Program Files\Ahead\Nero\ReadHD32.dll
    C:\Program Files\Ahead\Nero\ro1420c.dll
    C:\Program Files\Ahead\Nero\SHORTCUT.DLL
    C:\Program Files\Ahead\Nero\TMPVImporter.dll
    C:\Program Files\Ahead\Nero\UDFImporter.dll
    C:\Program Files\Ahead\Nero\VCDMenu.dll
    C:\Program Files\Ahead\Nero\VMPEG2Enc.dll
    C:\Program Files\Ahead\Nero\VMPEGEnc.dll
    C:\Program Files\Ahead\Nero\VMPEGEncNDX.dll
    C:\Program Files\Ahead\Nero\WNASPI32.DLL
    C:\Program Files\Ahead\Nero MediaHome\NMSIndexService.dll
    C:\Program Files\Ahead\Nero MediaHome\NMSMediaServer.dll
    C:\Program Files\Ahead\Nero PhotoSnap\BasicFilters.dll
    C:\Program Files\Ahead\Nero PhotoSnap\FImgPlg.dll
    C:\Program Files\Ahead\Nero PhotoSnap\FreeImage.dll
    C:\Program Files\Ahead\Nero PhotoSnap\MFC71.dll
    C:\Program Files\Ahead\Nero PhotoSnap\msvcp71.dll
    C:\Program Files\Ahead\Nero PhotoSnap\msvcr71.dll
    C:\Program Files\Ahead\Nero PhotoSnap\msvcrt.dll
    C:\Program Files\Ahead\Nero PhotoSnap\NSPluginMgr.dll
    C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffects.dll
    C:\Program Files\Ahead\Nero PhotoSnap\PhotoEffectsLib.dll
    C:\Program Files\Ahead\Nero PhotoSnap\XImgPlg.dll
    C:\Program Files\Ahead\Nero ShowTime\DriveSpeed.dll
    C:\Program Files\Ahead\Nero ShowTime\NeRSDB.dll
    C:\Program Files\Ahead\Nero ShowTime\NMSUPnPIndexService.dll
    C:\Program Files\Ahead\Nero Wave Editor\waveedit.dll
    C:\Program Files\Ahead\NeroVision\AMCDocBase.dll
    C:\Program Files\Ahead\NeroVision\AMCDOM.dll
    C:\Program Files\Ahead\NeroVision\AMCUIBase.dll
    C:\Program Files\Ahead\NeroVision\DVDBlockAcc.dll
    C:\Program Files\Ahead\NeroVision\DVDDoc.DLL
    C:\Program Files\Ahead\NeroVision\DVDEngine.dll
    C:\Program Files\Ahead\NeroVision\DVDUI.DLL
    C:\Program Files\Ahead\NeroVision\em2v.DLL
    C:\Program Files\Ahead\NeroVision\ExpressDoc.DLL
    C:\Program Files\Ahead\NeroVision\ExpressUI.dll
    C:\Program Files\Ahead\NeroVision\GCCore.dll
    C:\Program Files\Ahead\NeroVision\GCFX.DLL
    C:\Program Files\Ahead\NeroVision\GCHW.DLL
    C:\Program Files\Ahead\NeroVision\GCHWCfg.DLL
    C:\Program Files\Ahead\NeroVision\GCLib.DLL
    C:\Program Files\Ahead\NeroVision\GDIPainter.dll
    C:\Program Files\Ahead\NeroVision\HDCC.dll
    C:\Program Files\Ahead\NeroVision\HTMLGallery.dll
    C:\Program Files\Ahead\NeroVision\mfc42.dll
    C:\Program Files\Ahead\NeroVision\MMTools.dll
    C:\Program Files\Ahead\NeroVision\MSVCP60.dll
    C:\Program Files\Ahead\NeroVision\msvcrt.dll
    C:\Program Files\Ahead\NeroVision\NeAcEnc.dll
    C:\Program Files\Ahead\NeroVision\NeAnalyzer.dll
    C:\Program Files\Ahead\NeroVision\NeEm2a.dll
    C:\Program Files\Ahead\NeroVision\NeMediaOut.dll
    C:\Program Files\Ahead\NeroVision\NeroMediaCon.dll
    C:\Program Files\Ahead\NeroVision\NeroVisionAPI.dll
    C:\Program Files\Ahead\NeroVision\NeVcr.dll
    C:\Program Files\Ahead\NeroVision\NeVideoFX.dll
    C:\Program Files\Ahead\NeroVision\NeVideoFXW.dll
    C:\Program Files\Ahead\NeroVision\SHORTCUT.DLL
    C:\Program Files\Ahead\NeroVision\VCDDoc.DLL
    C:\Program Files\Ahead\NeroVision\VCDEngine.dll
    C:\Program Files\Ahead\NeroVision\VCDUI.DLL
    C:\Program Files\Ahead\NeroVision\NeroFiles\cdr100.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\cdr50s.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\CDROM.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\cdu920.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\cr2200cs.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\DVDREALLOC.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\Dws114x.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\gencush.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\Generatr.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\geniso.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\GenUDF.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\image.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\ImageGen.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\ims.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\ISOFS.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\MMC.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\NeroAPI.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\NeroErr.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\neroscsi.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\NeRSDB.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\NeVCDEngine.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\newtrf.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\ro1420c.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\UDFImporter.dll
    C:\Program Files\Ahead\NeroVision\NeroFiles\WNASPI32.DLL
    C:\Program Files\Ahead\Shared\AudioPlugins\DefConvertor.dll
    C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO.dll
    C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_dmo.dll
    C:\Program Files\Ahead\Shared\AudioPlugins\mp3PRO_hlp.dll
    C:\Program Files\Ahead\WMPBurn\NeroBurnPlugin.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\AXShlEx.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\DevSupp.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\pfctoc.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_BUL.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CAT.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Chs.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_Cht.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_CZ.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_DA.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_ES.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FI.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_FR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GE.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_GR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_HR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_IT.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_JPN.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_KR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_NL.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PL.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_PT_BR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SK.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SR.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_SV.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\ccdmount.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\nrgmount.dll
    C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Images\pdimount.dll
    C:\Program Files\ArcSoft\Panorama Maker\EzFile.dll
    C:\Program Files\ArcSoft\Panorama Maker\Filefpx.dll
    C:\Program Files\ArcSoft\Panorama Maker\FPXLIB.DLL
    C:\Program Files\ArcSoft\Panorama Maker\JPEGLIB.DLL
    C:\Program Files\ArcSoft\Panorama Maker\PmkRes.dll
    C:\Program Files\ArcSoft\Panorama Maker\Res_Dll.dll
    C:\Program Files\ArcSoft\Panorama Maker\Stitch30.dll
    C:\Program Files\ASUS\ASUS Digital VCR\converter.dll
    C:\Program Files\ASUS\SmartDoctor\ASUSRC.dll
    C:\Program Files\ASUS\SmartDoctor\EIO.dll
    C:\Program Files\ASUS\SmartDoctor\msvcp60.dll
    C:\Program Files\ASUS\SmartDoctor\nvapi9x.dll
    C:\Program Files\ASUS\SmartDoctor\nvgpio.dll
    C:\Program Files\ASUS\SmartDoctor\ResDLL.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\ACD_RES.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\AppBarCom_RES.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\ATIPDLXX.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\clds.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\CLInet.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\clwo.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\DVD_RES.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\HWTest.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\msvcp60.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\Msvcrt.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\OSD_MLang.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\pdvdaux.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDRC.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\PwrDVDV.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdvx.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\pwrdvdx.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\SNX_HID.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\UI_RES.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\ui_skin.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Crystal\Crystal.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Epiphany\Epiphany.dll
    C:\Program Files\ASUSTek\ASUSDVD XP\Skins\Neo\Neo.dll
    C:\Program Files\audiograbber\ag12free.dll
    C:\Program Files\audiograbber\lame_enc.dll
    C:\Program Files\audiograbber\libVorbis.dll
    C:\Program Files\audiograbber\WMA8Connect.dll
    C:\Program Files\AvantGo Connect\malssp.dll
    C:\Program Files\AvantGo Connect\AvantGo\agmal.dll
    C:\Program Files\AvantGo Connect\AvantGo\agproxy.dll
    C:\Program Files\Borland\Common Files\BDE\bantam.dll
    C:\Program Files\Borland\Common Files\BDE\BLW32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDAPI32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDASCI32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDBAT32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDDA3532.DLL
    C:\Program Files\Borland\Common Files\BDE\IDDAO32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDDBAS32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDDR32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDODBC32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDPDX32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDPROV32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDQBE32.DLL
    C:\Program Files\Borland\Common Files\BDE\IDR2000C.DLL
    C:\Program Files\Borland\Common Files\BDE\IDSQL32.DLL
    C:\Program Files\Caere\OmniPagePro90\CRAM32.DLL
    C:\Program Files\Caere\OmniPagePro90\Inetwh16.dll
    C:\Program Files\Caere\OmniPagePro90\INETWH32.dll
    C:\Program Files\Caere\OmniPagePro90\IQTRAN32.DLL
    C:\Program Files\Caere\OmniPagePro90\IQ_COM32.DLL
    C:\Program Files\Caere\OmniPagePro90\IQ_UTL32.DLL
    C:\Program Files\Caere\OmniPagePro90\ivwres1.dll
    C:\Program Files\Caere\OmniPagePro90\metafile.dll
    C:\Program Files\Caere\OmniPagePro90\OPHOOK16.DLL
    C:\Program Files\Caere\OmniPagePro90\OPHOOK32.dll
    C:\Program Files\Caere\OmniPagePro90\OPImgLib.dll
    C:\Program Files\Caere\OmniPagePro90\opreg32.dll
    C:\Program Files\Caere\OmniPagePro90\opresfrn.dll
    C:\Program Files\Caere\OmniPagePro90\opsrc32.dll
    C:\Program Files\Caere\OmniPagePro90\opstor32.dll
    C:\Program Files\Caere\OmniPagePro90\OPUTIL16.DLL
    C:\Program Files\Caere\OmniPagePro90\PAIGE32.DLL
    C:\Program Files\Caere\OmniPagePro90\PLINE32.DLL
    C:\Program Files\Caere\OmniPagePro90\regcmn32.dll
    C:\Program Files\Caere\OmniPagePro90\rgresfrn.dll
    C:\Program Files\Caere\OmniPagePro90\rgreslang.dll
    C:\Program Files\Caere\OmniPagePro90\SSLIB32.DLL
    C:\Program Files\Caere\OmniPagePro90\TABCTL32.DLL
    C:\Program Files\Caere\OmniPagePro90\train.dll
    C:\Program Files\Caere\OmniPagePro90\WFTP32.DLL
    C:\Program Files\Caere\OmniPagePro90\wizard32.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\cefpix.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Cfpapi.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\cfpJpeg.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Hiffl32.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Iffjpg32.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Iffpcx32.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Ifftif32.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\SGTBRES.dll
    C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\CEFPIX.DLL
    C:\Program Files\Canon\ScanGear Toolbox FAU\Cfpapi.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\cfpJpeg.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\Hiffl32.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\Iffjpg32.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\Iffpcx32.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\Ifftif32.dll
    C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBRESF.DLL
    C:\Program Files\Canon\ScanGear Toolbox FAU\Uninst.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\formdll.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkeng.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkprops.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkres.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkx.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\vcomctl.dll
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicebar.dll
    C:\Program Files\Common Files\X10\Common\x10lv.dll
    C:\Program Files\Common Files\X10\Common\x10net.dll
    C:\Program Files\Common Files\X10\Common\xsetup.dll
    C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVTWAIN.DLL
    C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\YUV2RGB.DLL
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\appframe.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\audvid.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\cdpath.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\controls.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\datacomp.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\dbinfo.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSMS32R.DLL
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\gio.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lfbmp10N.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFCMP10N.DLL
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx10N.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\lffpx7.dll
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\LFKODAK.DLL
    C:\Program Files\UNWISE.EXE
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
    C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\instmsiw.exe
    C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\FRA\setup.exe
    C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Illustrator.exe
    C:\Program Files\Adobe\Photoshop Elements\PhotoshopElements.exe
    C:\Program Files\Ahead\CoverDesigner\CoverDes.exe
    C:\Program Files\Ahead\ImageDrive\ImageDrive.exe
    C:\Program Files\Ahead\Nero\nero.exe
    C:\Program Files\Ahead\Nero\NeroCmd.exe
    C:\Program Files\Ahead\Nero\NRESTORE.EXE
    C:\Program Files\Ahead\Nero\Uninstall\UNNero.exe
    C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe
    C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
    C:\Program Files\Ahead\Nero BackItUp\NBR.exe
    C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe
    C:\Program Files\Ahead\Nero MediaHome\NMSTranscoder.exe
    C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnap.exe
    C:\Program Files\Ahead\Nero PhotoSnap\PhotoSnapViewer.exe
    C:\Program Files\Ahead\Nero Recode\Recode.exe
    C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe
    C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe
    C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
    C:\Program Files\Ahead\Nero Toolkit\CDSpeed.exe
    C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
    C:\Program Files\Ahead\Nero Toolkit\hwinfo.exe
    C:\Program Files\Ahead\Nero Toolkit\InfoTool.exe
    C:\Program Files\Ahead\Nero Wave Editor\DXEnum.exe
    C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe
    C:\Program Files\Ahead\NeroVision\NeroVision.exe
    C:\Program Files\Ahead\WMPBurn\WMPBurn.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\AxCmd.exe
    C:\Program Files\ArcSoft\Panorama Maker\pmk3.exe
    C:\Program Files\ASUS\ASUS Digital VCR\ASUSDVCR.exe
    C:\Program Files\ASUS\ASUS Digital VCR\Schedule.exe
    C:\Program Files\ASUS\ASUS Digital VCR\TVSetup_Wizard.exe
    C:\Program Files\ASUS\ASUS GameFace\devinstall.exe
    C:\Program Files\ASUS\ASUS GameFace\devremove.exe
    C:\Program Files\ASUS\ASUS GameFace\GameFace.exe
    C:\Program Files\ASUS\SmartDoctor\2DTEST.EXE
    C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files\ASUSTek\ASUSDVD XP\CLDMA.exe
    C:\Program Files\ASUSTek\ASUSDVD XP\cltest.exe
    C:\Program Files\ASUSTek\ASUSDVD XP\ddtester.exe
    C:\Program Files\ASUSTek\ASUSDVD XP\PowerDVD.exe
    C:\Program Files\audiograbber\audiograbber.exe
    C:\Program Files\audiograbber\lame.exe
    C:\Program Files\audiograbber\uninstall.exe
    C:\Program Files\AvantGo Connect\malfile.exe
    C:\Program Files\AvantGo Connect\AvantGo\agsubs.exe
    C:\Program Files\Award\WinFlash\WinFlash.exe
    C:\Program Files\Borland\Common Files\BDE\BDEADMIN.EXE
    C:\Program Files\Broadcom\DrvInst\bdrvinst.exe
    C:\Program Files\Caere\OmniPagePro90\caerereg.exe
    C:\Program Files\Caere\OmniPagePro90\ITP32.EXE
    C:\Program Files\Caere\OmniPagePro90\omnipage.exe
    C:\Program Files\Caere\OmniPagePro90\OP9Deins.exe
    C:\Program Files\Caere\OmniPagePro90\OPWARE16.EXE
    C:\Program Files\Caere\OmniPagePro90\OPware32.exe
    C:\Program Files\Caere\OmniPagePro90\Setbrows.exe
    C:\Program Files\Caere\OmniPagePro90\uninstall.exe
    C:\Program Files\Canon\ScanGear Toolbox CS\40comupd.exe
    C:\Program Files\Canon\ScanGear Toolbox CS\chreg.exe
    C:\Program Files\Canon\ScanGear Toolbox CS\SGTBox.exe
    C:\Program Files\Canon\ScanGear Toolbox CS\SGTBPBM.exe
    C:\Program Files\Canon\ScanGear Toolbox FAU\40comupd.exe
    C:\Program Files\Canon\ScanGear Toolbox FAU\CHREG.EXE
    C:\Program Files\Canon\ScanGear Toolbox FAU\SGTBoxf.exe
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\inkform.exe
    C:\Program Files\Common Files\Microsoft Shared\NoteSync Forms\voicefrm.exe
    C:\Program Files\Common Files\X10\Common\rundll32.exe
    C:\Program Files\Common Files\X10\Common\x10.exe
    C:\Program Files\Common Files\X10\Common\X10nets.exe
    C:\Program Files\COSMOPOLITAN\COSMOPOLITAN Virtual Lookÿ3\exe\DSSAGENT.EXE
    C:\Program Files\ASUSTek\ASUSDVD XP\clpciid.sys
    C:\Program Files\Broadcom\DrvInst\b57w2k.sys
    C:\Program Files\Broadcom\DrvInst\b57xp32.sys
    C:\Program Files\Common Files\X10\Common\x10prod.sys
    C:\Program Files\Common Files\X10\DriverInstall\VA10A Video Capture\NUVISION.SYS
    C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AA.Sys
    C:\Program Files\Common Files\X10\DriverInstall\VA11A Video Capture\CA506AV.Sys
    C:\Program Files\Common Files\X10\DriverInstall\Wireless Transceivers\X10uif.Sys
    C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
    C:\Program Files\ArcSoft\Panorama Maker\ui\bottom1.tmp
    C:\Program Files\ArcSoft\Panorama Maker\ui\bottom2.tmp
    C:\Program Files\ArcSoft\Panorama Maker\ui\pmviewer.tmp

    Add/Remove Programs List:

    a-squared Free 2.1
    Adobe Photoshop CS2
    Adobe Photoshop Elements
    Adobe SVG Viewer 3.0
    ASUS Digital VCR
    ASUS Display Drivers
    ASUS Display Drivers
    avast! Antivirus
    AVG Anti-Spyware 7.5
    BetaPlayer
    Canon ScanGear Toolbox CS 2.5
    Canon ScanGear Toolbox FAU 2.5
    Canon-SE TWAIN
    Capture NX
    Cariboost Free Edition v1
    CCleaner (remove only)
    cTide (remove only)
    DirectUpdate
    DivX 5.0.2 Pro Bundle
    DivXG400
    DVD Audio Extractor 4.2.0
    eMule
    FileZilla (remove only)
    Microsoft Flight Simulator 2004 Un siŠcle d'aviation
    Free - Kit de connexion
    Fugawi 3.0.3 Update
    GpsGate
    GXTranscoder
    HijackThis 1.99.1
    hp print screen utility
    Microsoft Internationalized Domain Names Mitigation APIs
    Windows Internet Explorer 7
    Img2Ozf Version 2
    Label Maker Plus 2.1
    ASUS SmartDoctor
    MainConcept MainActor v5.2
    ASUS GameFace
    MapSource - Trip & Waypoint Manager v2
    MainConcept DV Codec
    Broadcom Gigabit Integrated Controller
    PPC 2003 - MSN (R) Messenger Update
    IrfanView (remove only)
    K!TV
    Kaspersky On-line Scanner
    Kaspersky Online Scanner
    Correctif Windows XP - KB834707
    Correctif Windows XP - KB867282
    Correctif Windows XP - KB873333
    Correctif Windows XP - KB873339
    Correctif Windows XP - KB885250
    Correctif Windows XP - KB885835
    Correctif Windows XP - KB885836
    Correctif Windows XP - KB885884
    Correctif Windows XP - KB886185
    Correctif Windows XP - KB887472
    Correctif Windows XP - KB887742
    Correctif Windows XP - KB888113
    Correctif Windows XP - KB888302
    Correctif Windows XP - KB890047
    Correctif Windows XP - KB890175
    Correctif Windows XP - KB890859
    Correctif Windows XP - KB890923
    Correctif Windows XP - KB891781
    Correctif Windows XP - KB893066
    Correctif Windows XP - KB893086
    KC Softwares VideoInspector
    Macromedia Shockwave Player
    Magic Function
    MapSource
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0
    Monitor Calibration Wizard 1.0
    Monkey's Audio
    MouseRemote (TM)
    Mozilla Firefox (2.0.0.1)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Nero 6 Ultra Edition
    NeroVision Express 3
    Microsoft National Language Support Downlevel APIs
    NVIDIA Drivers
    Nvu 1.0
    OmniPage Pro 9.0
    Orb
    OziExplorer 3.95
    PDAwin TV remote controller
    PhotoFiltre
    PICVideo Codecs
    Pinnacle MPEG Realtime Codec
    QuickPar 0.9
    QuickTime
    Rippack v3 beta 16.1
    Adobe Flash Player 9 ActiveX
    Skype with Doro225
    Skype 2.5
    Spybot - Search & Destroy 1.4
    Windows Genuine Advantage Validation Tool
    Lecteur Windows Mediaÿ11
    Windows XP Service Pack 2
    WinFlash
    WinRAR Archiveur
    WinZip
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    X10 Hardware(TM)
    PDFCreator
    Microsoft Office 2000 CD-ROMÿ2
    Windows Movie Maker 2 Winter Fun Pack
    ASUS SmartDoctor
    HP Software Update
    AutoUpdate
    Microsoft AutoRoute
    ArcSoft Panorama Maker 3.0
    Grand Atlas Routier et Touristique de France
    Memory-Map Navigator
    MovieShaker 3.1 pour MICROMV
    MainConcept MainActor v5.2
    NikonCapture
    Adobe Photoshop CS2
    Macromedia Flash 8
    Logitech SetPoint
    J2SE Runtime Environment 5.0 Update 9
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    Macromedia Extension Manager
    Google Earth
    Microsoft SQL Server 2005 Mobile Edition Device SDK
    Visionneuse Journal Windows Microsoft
    IGN Rando
    Kasuei Hitchhiker
    Windows Movie Maker 2.0
    SAGEM F@st 800-908
    Theme Generator V2
    XPC 802.11b+g Wireless Kit
    MapSource
    ASUS GameFace
    Microsoft .NET Compact Framework 2.0 SP1
    Adobe Illustrator 10 Evaluation
    Neodivx
    ASUSDVD XP
    HP Photosmart Essential
    Symantec Network Driver Update
    Microsoft .NET Framework 2.0
    Java 2 Runtime Environment, SE v1.4.2_04
    Adobe Stock Photos 1.0
    Microsoft .NET Compact Framework 1.0 SP3
    DivX
    Caere Scan Manager 5.1
    MediaPortal
    Macromedia Flash Player 8
    Namo WebUtilities
    Macromedia Flash 8 Video Encoder
    Adobe Common File Installer
    Adobe Help Center 2.0
    Logitech Desktop Messenger
    Microsoft Office XP Professional avec FrontPage
    Macromedia Flash Player 8 Plugin
    ACDSee 9 Gestionnaire de photos
    Logitech IM Video Companion
    Microsoft .NET Framework 1.1 French Language Pack
    MapSource - Trip & Waypoint Manager v2
    MainConcept DV Codec
    Nikon View 6
    Adobe Reader 7.0.8 - Fran‡ais
    NVIDIA WDM Drivers
    Microsoft ActiveSync 4.0
    Adobe Bridge 1.0
    BlueSoleil
    Broadcom Gigabit Integrated Controller
    Microsoft .NET Framework 1.1
    Adobe Lightroom
    GpsViewer
    PPC 2003 - MSN (R) Messenger Update
    Nikon Message Center
    MapSource - European Roads and Recreation v4.00
    h5400_h5500 WLAN Driver 133_Fra
    Micrografx Designer 9.0
    Alcohol 120%
    COSMOPOLITAN Virtual Lookÿ3
    la version d'‚valuation de Namo WebEdiotor 6
    USB Mass Storage Reader
    Windows Live Messenger
    Realtek AC'97 Audio
    Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP

    Finished

    VundoFix V6.3.15

    Checking Java version...

    Java version is 1.4.2.4
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.9
    Old versions of java are exploitable and should be removed.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Anvshell"="anvshell.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "LiveNote"="livenote.exe"
    "HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe"
    "LVCOMS"="C:\\Program Files\\Fichiers communs\\Logitech\\QCDriver2\\LVCOMS.EXE"
    "Versato"="C:\\PROGRA~1\\MAGICF~1\\MulMouse.exe"
    "SoundMan"="SOUNDMAN.EXE"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
    "DUControl"="C:\\PROGRA~1\\DIRECT~1\\DUControl.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "KernelFaultCheck"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
    00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
    5c,00,64,00,75,00,6d,00,70,00,72,00,65,00,70,00,20,00,30,00,20,00,2d,00,6b,\
    00,00,00
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"
    "syswin"="C:\\WINDOWS\\system32\\v6.exe"
    "hrsoenf.dll"="C:\\WINDOWS\\system32\\rundll32.exe \"C:\\Documents and Settings\\philippe gaches\\Local Settings\\Application Data\\hrsoenf.dll\",wonzzg"
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
    "2chkdsk"="rundll32.exe \"C:\\WINDOWS\\system32\\ltfyqvvp.dll\",setvm"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    Logfile of HijackThis v1.99.1
    Scan saved at 12:02:49, on 08/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    C:\PROGRA~1\MAGICF~1\MulMouse.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\DIRECT~1\DUControl.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
    G:\antivirus\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
    O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
    O4 - HKLM\..\Run: [Anvshell] anvshell.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
    O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
    O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
    O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    Merci encore pour votre aide.
    A+
    philippe

    Java version is 1.5.0.10

    Java version is 1.5.0.11

    Scan started at 11:18:33 08/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\ihhkj.bak1
    C:\WINDOWS\system32\ihhkj.bak2
    C:\WINDOWS\system32\ihhkj.ini
    C:\WINDOWS\system32\jkhhi.dll
    C:\WINDOWS\system32\sffcbodx.dll
    C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\system32\vtutu.dll
    C:\WINDOWS\system32\yaywvvw.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
    C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
    C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ihhkj.ini
    C:\WINDOWS\system32\ihhkj.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jkhhi.dll
    C:\WINDOWS\system32\jkhhi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
    C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\system32\ututv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtutu.dll
    C:\WINDOWS\system32\vtutu.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
    C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

    Performing Repairs to the registry.
    Done!

    VundoFix V6.3.15

    Checking Java version...

    Java version is 1.4.2.4
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.9
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.10

    Java version is 1.5.0.11

    Scan started at 11:28:54 08/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\yaywvvw.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
    C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

    Performing Repairs to the registry.
    Done!
    1
  2. Utilisateur anonyme
     
    Bonjour

    Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
    http://www.malekal.com/download/DiagHelp.zip
    - Fais un clic droit sur le fichier et extraire tout
    - Un nouveau dossier chercher va être créé DiagHelp
    - Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    - Une fenêtre va s'ouvrir, choisis l'option 1
    - L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
    - A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
    - Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
    -- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
    -- A nouveau menu Edition / copier
    -- Dans un nouveau message ici, faire un clic droit / coller
    0
    1. forcepas Messages postés 10 Statut Membre 1
       
      Je faiscela ce soir. Merci
      A+
      0
  3. forcepas Messages postés 10 Statut Membre 1
     
    voici ce que donne dial
    C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08
    C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24
    C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:13
    C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00
    C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58
    C:\WINDOWS\System32/drivers\pfc.sys -->18/12/2006 21:35:05
    C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 20:00:00

    C:\WINDOWS\WindowsUpdate.log -->07/03/2007 19:08:54
    C:\WINDOWS\QTFont.qfn -->07/03/2007 19:08:48
    C:\WINDOWS\0.log -->07/03/2007 19:08:06
    C:\WINDOWS\wiadebug.log -->07/03/2007 19:08:00
    C:\WINDOWS\wiaservc.log -->07/03/2007 19:07:41
    C:\WINDOWS\bootstat.dat -->07/03/2007 19:07:23
    C:\WINDOWS\SchedLgU.Txt -->07/03/2007 08:19:03
    C:\WINDOWS\setupapi.log -->07/03/2007 06:50:31
    C:\WINDOWS\QTFont.for -->06/03/2007 23:28:16
    C:\WINDOWS\win.ini -->02/03/2007 19:19:32
    C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe -->19/02/2007 06:30:04
    C:\WINDOWS\autoload.exe -->07/02/2007 18:55:48
    C:\WINDOWS\NeroDigital.ini -->15/01/2007 17:43:54
    C:\WINDOWS\ODBCINST.INI -->28/12/2006 17:53:21
    C:\WINDOWS\Thumbs.db -->25/12/2006 16:54:44

    C:\WINDOWS\alcrmv.exe |10/03/2004 18:45:34
    C:\WINDOWS\alcupd.exe |10/03/2004 18:45:34
    C:\WINDOWS\anvshell.exe |24/07/2003 15:19:16
    C:\WINDOWS\anvunis.exe |02/05/2004 07:33:17
    C:\WINDOWS\autoload.exe |02/01/2004 18:13:23
    C:\WINDOWS\bdoscandel.exe |25/05/2006 01:22:06
    C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |11/01/2004 19:25:15
    C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |24/12/2006 11:58:17
    C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe |19/02/2007 17:46:42
    C:\WINDOWS\callvers.exe |20/01/2004 18:48:36
    C:\WINDOWS\Delvid.exe |02/05/2004 08:44:01
    C:\WINDOWS\IPUI_DivXG400.exe |06/02/2005 19:27:53
    C:\WINDOWS\IsUn040c.exe |04/01/2004 16:40:52
    C:\WINDOWS\IsUn0411.exe |03/01/2004 22:58:17
    C:\WINDOWS\IsUninst.exe |02/01/2004 18:21:24
    C:\WINDOWS\iun6002.exe |09/12/2004 20:37:24
    C:\WINDOWS\livenote.exe |02/05/2004 07:33:18
    C:\WINDOWS\liveupd.exe |02/05/2004 07:33:17
    C:\WINDOWS\MGXCLEAN.EXE |12/01/2004 21:58:18
    C:\WINDOWS\psuninst2.exe |10/02/2007 08:06:21
    C:\WINDOWS\shutdownaware.exe |02/05/2004 08:44:01
    C:\WINDOWS\slrundll.exe |27/11/2004 22:48:46
    C:\WINDOWS\soundman.exe |10/03/2004 18:52:18
    C:\WINDOWS\twunk_16.exe |24/08/2001 13:00:00
    C:\WINDOWS\twunk_32.exe |24/08/2001 13:00:00
    C:\WINDOWS\unin040c.exe |04/01/2004 16:46:36
    C:\WINDOWS\Uninsop9.exe |04/01/2004 16:47:08
    C:\WINDOWS\uninst.exe |15/02/2004 19:36:00
    C:\WINDOWS\Unnero.exe |03/01/2004 23:07:37
    C:\WINDOWS\UNNeroVision.exe |28/11/2004 21:20:07
    C:\WINDOWS\unvise32.exe |06/01/2004 12:49:28
    C:\WINDOWS\unvise32qt.exe |03/01/2004 22:56:33
    C:\WINDOWS\Unwise.exe |09/12/2004 20:38:38
    C:\WINDOWS\WNMHINDR.EXE |09/12/2004 20:39:51
    C:\WINDOWS\_g6uninst.exe |06/01/2004 12:37:21
    C:\WINDOWS\cygwin1.dll |16/01/2005 22:36:31
    C:\WINDOWS\cygz.dll |16/01/2005 22:36:31
    C:\WINDOWS\eio.dll |02/05/2004 07:33:18
    C:\WINDOWS\esellerateEngine.dll |08/10/2004 03:48:48
    C:\WINDOWS\twain.dll |24/08/2001 13:00:00
    C:\WINDOWS\twain_32.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\append.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\aswBoot.exe |22/09/2006 05:50:31
    C:\WINDOWS\system32\CIMSVR.exe |11/01/2004 19:27:03
    C:\WINDOWS\system32\debug.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\DivXsm.exe |09/08/2005 23:13:59
    C:\WINDOWS\system32\dosx.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34
    C:\WINDOWS\system32\edlin.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\exe2bin.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\fastopen.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\FileOps.exe |30/08/2006 17:27:20
    C:\WINDOWS\system32\java.exe |16/02/2007 06:21:24
    C:\WINDOWS\system32\javaw.exe |16/02/2007 06:21:24
    C:\WINDOWS\system32\javaws.exe |16/02/2007 06:21:24
    C:\WINDOWS\system32\keystone.exe |02/05/2004 07:33:23
    C:\WINDOWS\system32\LVComS.exe |11/01/2004 19:00:47
    C:\WINDOWS\system32\mem.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\mscdexnt.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\NeroCheck.exe |20/09/2005 20:54:07
    C:\WINDOWS\system32\nlsfunc.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\nvappbar.exe |02/05/2004 07:33:23
    C:\WINDOWS\system32\nvcolor.exe |24/02/2005 06:32:00
    C:\WINDOWS\system32\nvdspsch.exe |28/01/2004 23:45:00
    C:\WINDOWS\system32\nvsvc32.exe |02/05/2004 07:33:14
    C:\WINDOWS\system32\nvudisp.exe |09/02/2004 19:18:23
    C:\WINDOWS\system32\nw16.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\nwiz.exe |02/05/2004 07:33:23
    C:\WINDOWS\system32\redir.exe |03/01/2004 20:29:45
    C:\WINDOWS\system32\RegistryCleanerSetup.exe |05/03/2007 23:56:46
    C:\WINDOWS\system32\RTLCPL.EXE |10/03/2004 18:45:36
    C:\WINDOWS\system32\setver.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\share.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\slrundll.exe |27/11/2004 22:48:48
    C:\WINDOWS\system32\slserv.exe |27/11/2004 22:48:48
    C:\WINDOWS\system32\UNWISE.EXE |21/02/2005 19:59:57
    C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\vwipxspx.exe |24/08/2001 13:00:00
    C:\WINDOWS\system32\ZyDelReg.exe |21/09/2005 18:30:51
    C:\WINDOWS\system32\a3d.dll |02/01/2004 18:14:37
    C:\WINDOWS\system32\ACDV.dll |20/06/2005 13:56:52
    C:\WINDOWS\system32\AGFUNC.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\amstream.dll |02/01/2004 18:22:48
    C:\WINDOWS\system32\anv4disp.dll |02/05/2004 07:33:12
    C:\WINDOWS\system32\anvcinst.dll |02/01/2004 18:21:47
    C:\WINDOWS\system32\anvctrl.dll |02/05/2004 07:33:19
    C:\WINDOWS\system32\anvioctl.dll |22/08/2002 15:56:14
    C:\WINDOWS\system32\anvmini.dll |26/12/2001 03:25:30
    C:\WINDOWS\system32\Asteroid5.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\Asteroid6.dll |10/05/2004 17:56:50
    C:\WINDOWS\system32\ASUSASV2.DLL |11/01/2004 18:50:43
    C:\WINDOWS\system32\asusosdnt.dll |02/05/2004 07:33:20
    C:\WINDOWS\system32\asustips.dll |02/05/2004 07:33:18
    C:\WINDOWS\system32\AsusVr.dll |02/05/2004 07:33:19
    C:\WINDOWS\system32\asus_tv_tune.dll |11/01/2004 18:50:44
    C:\WINDOWS\system32\ati2cqag.dll |27/11/2004 22:48:57
    C:\WINDOWS\system32\ati2dvaa.dll |03/01/2004 20:30:36
    C:\WINDOWS\system32\ati2dvag.dll |03/01/2004 20:30:36
    C:\WINDOWS\system32\ati3d1ag.dll |03/01/2004 20:30:36
    C:\WINDOWS\system32\ati3d2ag.dll |03/01/2004 20:30:36
    C:\WINDOWS\system32\ati3duag.dll |27/11/2004 22:48:56
    C:\WINDOWS\system32\ativtmxx.dll |27/11/2004 22:48:56
    C:\WINDOWS\system32\ativvaxx.dll |27/11/2004 22:48:56
    C:\WINDOWS\system32\atmfd.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\atmlib.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\Audio3D.dll |02/01/2004 18:14:37
    C:\WINDOWS\system32\avisynth.dll |24/02/2004 19:47:45
    C:\WINDOWS\system32\axVideoConvert.dll |19/10/2004 19:33:30
    C:\WINDOWS\system32\BASSMOD.dll |02/01/2006 18:51:03
    C:\WINDOWS\system32\bSearch2.dll |19/10/2004 19:33:41
    C:\WINDOWS\system32\btinstall.dll |03/09/2006 14:10:27
    C:\WINDOWS\system32\CIMSVRps.dll |11/01/2004 19:27:03
    C:\WINDOWS\system32\CIMVIEW.dll |11/01/2004 19:27:03
    C:\WINDOWS\system32\CML4.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\CML5.dll |10/05/2004 17:56:50
    C:\WINDOWS\system32\cMPG1V.dll |11/01/2004 18:50:43
    C:\WINDOWS\system32\cMPG2V.dll |11/01/2004 18:50:43
    C:\WINDOWS\system32\compatui.dll |03/01/2004 20:30:07
    C:\WINDOWS\system32\cygwin1.dll |16/01/2005 22:36:31
    C:\WINDOWS\system32\cygz.dll |16/01/2005 22:36:31
    C:\WINDOWS\system32\czs_ui.dll |13/05/2002 14:05:32
    C:\WINDOWS\system32\D066UCPL.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\D066UFW.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\D066UUD.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\D066UUTY.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\DBCLIENT.DLL |09/05/2004 17:16:17
    C:\WINDOWS\system32\Decomb.dll |24/02/2004 19:47:45
    C:\WINDOWS\system32\deimg.dll |13/05/2002 14:05:32
    C:\WINDOWS\system32\deImg010.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\deImg110.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\deimg301.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\deimg401.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\deImg404.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\deimg602.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\Deimg603.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\DEMOMCDVD_32.DLL |23/11/2004 11:05:40
    C:\WINDOWS\system32\dgrpsetu.dll |02/01/2004 17:23:05
    C:\WINDOWS\system32\dgsetup.dll |02/01/2004 17:23:05
    C:\WINDOWS\system32\DivX.dll |26/03/2002 20:18:21
    C:\WINDOWS\system32\divx_xx07.dll |09/08/2005 23:13:52
    C:\WINDOWS\system32\divx_xx0c.dll |09/08/2005 23:13:51
    C:\WINDOWS\system32\divx_xx11.dll |09/08/2005 23:13:51
    C:\WINDOWS\system32\dpl100.dll |09/08/2005 23:12:28
    C:\WINDOWS\system32\dpu11.dll |09/08/2005 23:12:27
    C:\WINDOWS\system32\dpuGUI11.dll |09/08/2005 23:12:28
    C:\WINDOWS\system32\dpus11.dll |09/08/2005 23:12:27
    C:\WINDOWS\system32\dpv11.dll |09/08/2005 23:12:27
    C:\WINDOWS\system32\DRAGNKL1.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\dtu100.dll |09/08/2005 23:12:28
    C:\WINDOWS\system32\eiomini.dll |02/05/2004 07:33:20
    C:\WINDOWS\system32\encdec.dll |26/11/2002 15:15:52
    C:\WINDOWS\system32\EqnClass.Dll |02/01/2004 17:23:04
    C:\WINDOWS\system32\Fs40uUsd.dll |05/09/2006 08:40:51
    C:\WINDOWS\system32\FViGxDS1.dll |08/04/1999 14:47:00
    C:\WINDOWS\system32\gsLPAC.dll |19/10/2004 19:33:40
    C:\WINDOWS\system32\HHActiveX.dll |20/03/2002 21:01:58
    C:\WINDOWS\system32\HPODXPAT.DLL |27/05/2004 14:00:52
    C:\WINDOWS\system32\hpzcoi05.dll |18/03/2002 12:52:42
    C:\WINDOWS\system32\hpzcon05.dll |18/03/2002 12:52:42
    C:\WINDOWS\system32\hpzlnt05.dll |18/03/2002 12:52:43
    C:\WINDOWS\system32\hsfcisp2.dll |27/11/2004 22:48:53
    C:\WINDOWS\system32\hticons.dll |02/01/2004 17:50:51
    C:\WINDOWS\system32\hypertrm.dll |02/01/2004 17:50:51
    C:\WINDOWS\system32\Iacenc.dll |18/11/1998 15:33:16
    C:\WINDOWS\system32\iccvid.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\Igxbm40.dll |17/05/2000 10:13:34
    C:\WINDOWS\system32\Igxfrm2x.dll |03/05/1999 11:12:28
    C:\WINDOWS\system32\IGXFRM40.dll |07/03/2001 16:10:12
    C:\WINDOWS\system32\igxwlcm2.dll |02/06/2000 07:57:48
    C:\WINDOWS\system32\imagr5.dll |20/09/2005 20:54:08
    C:\WINDOWS\system32\imagx5.dll |20/09/2005 20:54:08
    C:\WINDOWS\system32\ImagX7.dll |28/11/2004 21:12:37
    C:\WINDOWS\system32\ImagXpr5.dll |20/09/2005 20:54:08
    C:\WINDOWS\system32\ImagXpr7.dll |28/11/2004 21:12:37
    C:\WINDOWS\system32\ImagXR7.dll |28/11/2004 21:12:37
    C:\WINDOWS\system32\ImagXRA7.dll |28/11/2004 21:12:37
    C:\WINDOWS\system32\indounin.dll |27/01/1999 13:39:06
    C:\WINDOWS\system32\InsDrvZD.dll |21/09/2005 18:30:49
    C:\WINDOWS\system32\ir32_32.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\ir41_qc.dll |14/11/2002 12:59:36
    C:\WINDOWS\system32\ir41_qcx.dll |14/11/2002 12:59:36
    C:\WINDOWS\system32\ir50_qc.dll |14/11/2002 12:59:38
    C:\WINDOWS\system32\ir50_qcx.dll |14/11/2002 12:59:40
    C:\WINDOWS\system32\isrdbg32.dll |02/01/2004 17:52:10
    C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 07:56:08
    C:\WINDOWS\system32\JGA1500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGAA500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGAD500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGAP500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGAR500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGAU500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jgaw400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\JGDR500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jgdw400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\JGDW500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGEA500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGED500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGEM500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGFI500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGFR500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGFS500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGGI500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGI1500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGI3500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGI5500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGID500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGIP500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGIQ500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGIT500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGM1500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGMC500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jgmd400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\JGME500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGMI500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGMP500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGN1500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGOS500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGPD500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jgpl400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\JGPL500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGPP500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGS1500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGS3500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jgsd400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\jgsh400.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\JGSN500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\JGST500.DLL |13/05/2002 15:13:58
    C:\WINDOWS\system32\jkhhi.dll |05/03/2007 22:38:29
    C:\WINDOWS\system32\lame_enc.dll |19/10/2004 21:55:41
    C:\WINDOWS\system32\Lfbmp10n.dll |29/03/1999 11:04:52
    C:\WINDOWS\system32\Lfcal10n.dll |29/03/1999 11:04:52
    C:\WINDOWS\system32\Lfcmp10n.dll |29/03/1999 11:04:52
    C:\WINDOWS\system32\Lffax10n.dll |29/03/1999 11:04:52
    C:\WINDOWS\system32\Lffpx10n.dll |29/03/1999 11:04:52
    C:\WINDOWS\system32\Lffpx7.dll |21/11/1997 17:03:20
    C:\WINDOWS\system32\Lfgif10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfica10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfimg10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfkodak.dll |30/09/1997 13:30:02
    C:\WINDOWS\system32\Lflmb10n.dll |30/11/1998 12:52:52
    C:\WINDOWS\system32\Lfmac10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfmsp10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfpcd10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfpct10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfpcx10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfpng10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfpsd10n.dll |29/03/1999 11:04:54
    C:\WINDOWS\system32\Lfras10n.dll |29/03/1999 11:04:56
    C:\WINDOWS\system32\Lftga10n.dll |29/03/1999 11:04:56
    C:\WINDOWS\system32\Lftif10n.dll |29/03/1999 11:04:56
    C:\WINDOWS\system32\Lfwfx10n.dll |29/03/1999 11:04:56
    C:\WINDOWS\system32\libcurl.dll |05/09/2006 08:40:53
    C:\WINDOWS\system32\libeay32.dll |09/08/2005 23:13:31
    C:\WINDOWS\system32\libssl32.dll |05/09/2006 08:40:54
    C:\WINDOWS\system32\lpaccodec.dll |19/10/2004 19:33:40
    C:\WINDOWS\system32\lpac_codec_api.dll |19/10/2004 19:33:40
    C:\WINDOWS\system32\Ltann10n.dll |01/12/1998 12:58:18
    C:\WINDOWS\system32\Ltdis10n.dll |29/03/1999 11:04:56
    C:\WINDOWS\system32\Ltfil10n.dll |01/12/1998 12:58:14
    C:\WINDOWS\system32\ltfyqvvp.dll |06/03/2007 23:28:13
    C:\WINDOWS\system32\Ltimg10n.dll |30/11/1998 12:09:14
    C:\WINDOWS\system32\Ltkrn10n.dll |01/12/1998 12:58:06
    C:\WINDOWS\system32\lvcodec2.dll |11/01/2004 19:00:46
    C:\WINDOWS\system32\lvcoinst.dll |11/01/2004 19:00:48
    C:\WINDOWS\system32\LVComC.dll |11/01/2004 19:00:47
    C:\WINDOWS\system32\LVUI2.dll |11/01/2004 19:00:47
    C:\WINDOWS\system32\LVUI2RC.dll |11/01/2004 19:27:47
    C:\WINDOWS\system32\MACDll.dll |19/10/2004 19:33:40
    C:\WINDOWS\system32\malslib.dll |20/04/2005 20:11:35
    C:\WINDOWS\system32\mdmxsdk.dll |27/11/2004 22:48:52
    C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06
    C:\WINDOWS\system32\MimicICM.dll |11/01/2004 19:27:03
    C:\WINDOWS\system32\mp4fil32.dll |26/03/2002 20:18:22
    C:\WINDOWS\system32\MPEG2DEC.dll |24/02/2004 19:47:45
    C:\WINDOWS\system32\MpegAudio.dll |14/03/2005 07:28:42
    C:\WINDOWS\system32\MpegVideo.dll |14/03/2005 07:28:42
    C:\WINDOWS\system32\msdmo.dll |02/01/2004 18:22:49
    C:\WINDOWS\system32\msencode.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 20:46:58
    C:\WINDOWS\system32\mtxparhd.dll |27/11/2004 22:48:50
    C:\WINDOWS\system32\MultiSZ.dll |03/01/2004 23:07:36
    C:\WINDOWS\system32\NEFLibrary2.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\NEFLibrary3.dll |10/05/2004 17:56:51
    C:\WINDOWS\system32\NkNEFPlugin.dll |02/01/2006 18:55:22
    C:\WINDOWS\system32\NMH040A.DLL |09/12/2004 20:39:51
    C:\WINDOWS\system32\NMOCOD.DLL |14/03/2004 18:27:32
    C:\WINDOWS\system32\NMORENU.DLL |14/03/2004 18:27:33
    C:\WINDOWS\system32\NMSCKN.DLL |14/03/2004 18:27:33
    C:\WINDOWS\system32\NMW3VWN.DLL |14/03/2004 18:27:33
    C:\WINDOWS\system32\Npindeo.dll |20/11/1998 13:38:58
    C:\WINDOWS\system32\nv4_disp.dll |02/05/2004 07:33:12
    C:\WINDOWS\system32\nvcod.dll |02/05/2004 07:33:21
    C:\WINDOWS\system32\nvcodins.dll |02/05/2004 07:33:21
    C:\WINDOWS\system32\nvcpl.dll |02/05/2004 07:33:14
    C:\WINDOWS\system32\nvgpio.dll |02/05/2004 07:33:19
    C:\WINDOWS\system32\nvhwvid.dll |24/02/2005 06:32:00
    C:\WINDOWS\system32\nview.dll |02/05/2004 07:33:23
    C:\WINDOWS\system32\nvmctray.dll |02/05/2004 07:33:15
    C:\WINDOWS\system32\nvnt4cpl.dll |02/05/2004 07:33:16
    C:\WINDOWS\system32\nvoglnt.dll |02/05/2004 07:33:14
    C:\WINDOWS\system32\nvrsar.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrscs.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsda.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsde.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsel.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrseng.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrses.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsesm.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsfi.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsfr.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrshe.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrshu.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsit.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsja.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsko.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsnl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsno.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrspl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrspt.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsptb.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrsru.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrssk.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrssl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrssv.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrstr.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrszhc.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvrszht.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvshell.dll |02/05/2004 07:33:23
    C:\WINDOWS\system32\nvwddi.dll |02/05/2004 07:33:16
    C:\WINDOWS\system32\nvwdmcpl.dll |02/05/2004 07:33:16
    C:\WINDOWS\system32\nvwimg.dll |02/05/2004 07:33:23
    C:\WINDOWS\system32\nvwrsar.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrscs.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsda.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsde.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsel.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrseng.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrses.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsesm.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsfi.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsfr.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrshe.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrshu.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsit.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsja.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsko.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsnl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsno.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrspl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrspt.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsptb.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrsru.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrssk.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrssl.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrssv.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrstr.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrszhc.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\nvwrszht.dll |06/10/2003 14:16:00
    C:\WINDOWS\system32\opshel32.dll |04/01/2004 16:47:08
    C:\WINDOWS\system32\osdmini.dll |02/05/2004 07:33:20
    C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16
    C:\WINDOWS\system32\PcdLib32.dll |25/02/1998 10:45:10
    C:\WINDOWS\system32\pdfcmnnt.dll |30/06/2006 22:30:27
    C:\WINDOWS\system32\picn1020.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\picn1120.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\picn20.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\Pixdfltn.dll |04/05/2000 12:55:46
    C:\WINDOWS\system32\Pixlocn.dll |04/05/2000 12:55:46
    C:\WINDOWS\system32\Pixpermn.dll |04/05/2000 12:55:46
    C:\WINDOWS\system32\pscAdimg.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscCllct.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscCStUI.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscDcd.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscDevUI.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscDvlp.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\Pscl2STI.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscll.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscParse.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\pscSetup.dll |13/05/2002 14:05:34
    C:\WINDOWS\system32\psdkdll.dll |13/05/2002 14:05:36
    C:\WINDOWS\system32\psdkReg.dll |13/05/2002 14:05:36
    C:\WINDOWS\system32\PsisDecd.dll |03/01/2004 22:31:32
    C:\WINDOWS\system32\psParse.dll |13/05/2002 14:05:36
    C:\WINDOWS\system32\PVLJPG20.DLL |25/02/2003 09:36:02
    C:\WINDOWS\system32\Pvmjpg20.dll |19/12/2000 12:26:54
    C:\WINDOWS\system32\PVWV220.DLL |25/02/2003 09:32:24
    C:\WINDOWS\system32\qedwipes.dll |02/01/2004 18:22:49
    C:\WINDOWS\system32\qt-dx331.dll |09/08/2005 23:12:28
    C:\WINDOWS\system32\RCSigProc.dll |10/05/2004 17:56:48
    C:\WINDOWS\system32\RedEye.dll |10/05/2004 17:56:52
    C:\WINDOWS\system32\rpcc.dll |05/03/2007 19:43:10
    C:\WINDOWS\system32\RTLCPAPI.dll |10/03/2004 18:45:36
    C:\WINDOWS\system32\S32EVNT1.DLL |04/01/2004 19:32:06
    C:\WINDOWS\system32\s3gnb.dll |27/11/2004 22:48:49
    C:\WINDOWS\system32\sbe.dll |26/11/2002 15:15:50
    C:\WINDOWS\system32\scnlib32.dll |04/05/2000 12:58:02
    C:\WINDOWS\system32\scriptpw.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\sffcbodx.dll |05/03/2007 22:39:06
    C:\WINDOWS\system32\Sig_Proc.dll |03/01/2004 21:44:27
    C:\WINDOWS\system32\slbcsp.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\slbiop.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\slbrccsp.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\slcoinst.dll |27/11/2004 22:48:48
    C:\WINDOWS\system32\slextspk.dll |27/11/2004 22:48:48
    C:\WINDOWS\system32\slgen.dll |27/11/2004 22:48:48
    C:\WINDOWS\system32\sokubdi.dll |05/03/2007 19:44:15
    C:\WINDOWS\system32\sonymaea.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonymaeb.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonymqad.dll |06/09/2005 20:47:39
    C:\WINDOWS\system32\sonymsea.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonymvdp.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonymvea.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonymveb.dll |06/09/2005 20:47:41
    C:\WINDOWS\system32\sonymvec.dll |06/09/2005 20:47:41
    C:\WINDOWS\system32\sonymvqt.dll |06/09/2005 20:47:40
    C:\WINDOWS\system32\sonytsea.dll |06/09/2005 20:47:41
    C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\spxcoins.dll |02/01/2004 17:23:05
    C:\WINDOWS\system32\ssleay32.dll |09/08/2005 23:13:31
    C:\WINDOWS\system32\StdFilters2.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\StdFilters3.dll |10/05/2004 17:56:52
    C:\WINDOWS\system32\Strato3.dll |03/01/2004 21:44:28
    C:\WINDOWS\system32\Strato4.dll |10/05/2004 17:56:53
    C:\WINDOWS\system32\Strato5.dll |02/01/2006 18:55:18
    C:\WINDOWS\system32\tsd32.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\TwnLib20.dll |28/11/2004 21:12:37
    C:\WINDOWS\system32\TwnLib4.dll |28/11/2004 21:19:50
    C:\WINDOWS\system32\UCS32P.DLL |04/01/2004 16:43:57
    C:\WINDOWS\system32\UNACEV2.DLL |21/03/2002 15:39:02
    C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\vtutu.dll |05/03/2007 22:38:29
    C:\WINDOWS\system32\win87em.dll |24/08/2001 13:00:00
    C:\WINDOWS\system32\WNASPI32.DLL |10/09/1999 12:06:00
    C:\WINDOWS\system32\XVID.DLL |24/02/2004 19:48:38
    C:\WINDOWS\system32\yaywvvw.dll |05/03/2007 19:44:10
    C:\WINDOWS\system32\ZDBRGDLL.dll |21/09/2005 18:30:51
    C:\WINDOWS\system32\ZDPN50.dll |21/09/2005 18:30:51
    C:\WINDOWS\system32\_psisdecd.dll |24/12/2006 11:59:10

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\WINDOWS\system

    10/09/1999 12:06 4 672 WOWPOST.EXE
    1 fichier(s) 4 672 octets
    0 Rép(s) 28 263 833 600 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\WINDOWS\system32

    19/08/2004 16:09 6 144 csrss.exe
    1 fichier(s) 6 144 octets
    0 Rép(s) 28 263 833 600 octets libres

    Contenu de Downloaded Program Files
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\WINDOWS\Downloaded Program Files

    07/03/2007 06:50 <REP> .
    07/03/2007 06:50 <REP> ..
    07/12/2004 16:07 32 bdcore.dll
    01/03/2005 14:08 118 784 bdupd.dll
    06/03/2007 22:54 <REP> CONFLICT.1
    06/03/2007 07:05 <REP> CONFLICT.2
    06/03/2007 07:05 <REP> CONFLICT.3
    06/03/2007 07:05 <REP> CONFLICT.4
    02/01/2004 17:53 65 desktop.ini
    28/01/2004 15:57 232 dtc32.inf
    25/07/2002 16:13 24 576 dwusplay.dll
    25/07/2002 16:13 196 608 dwusplay.exe
    03/10/2005 14:43 274 432 fixengine.dll
    21/07/2006 11:30 1 703 GuidedSolutions.inf
    26/06/2006 12:30 346 680 hpbasicdetection3.dll
    21/07/2006 11:30 221 184 HPCommunication.dll
    08/07/2005 15:22 319 488 HPeDiag.dll
    14/09/2006 17:30 88 136 HPGetDownloadManager.ocx
    11/08/2005 10:11 135 168 hpscripting.dll
    13/05/2004 17:03 348 160 inotes.dll
    24/03/2005 10:40 860 inotes.inf
    08/04/2006 22:59 274 432 InternetUtil2.dll
    01/03/2005 14:08 53 248 ipsupd.dll
    25/07/2002 16:05 172 032 isusweb.dll
    25/08/2003 18:12 1 096 iuctl.inf
    12/10/2006 03:07 898 jinstall-1_5_0_09.inf
    08/08/2006 11:45 576 kavwebscan.inf
    09/03/2005 15:42 6 742 lang.ini
    27/07/2006 12:52 367 LegitCheckControl.inf
    07/12/2004 16:07 32 libfn.dll
    18/02/2005 16:22 126 live.ini
    29/05/2003 15:00 160 864 messengerstatsclient.dll
    29/05/2003 15:00 77 408 msgrchkr.dll
    01/06/2006 02:57 1 331 oscan8.inf
    01/06/2006 02:54 471 040 oscan8.ocx
    31/05/2006 04:15 10 oscan81.ocx_x
    25/02/2004 14:45 307 200 rulesengine.dll
    09/03/2005 15:43 6 828 scanoptions.tsi
    09/11/2006 14:36 5 019 swflash.inf
    27/06/2006 21:25 229 984 XUpload.ocx
    34 fichier(s) 3 845 341 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

    06/03/2007 22:54 <REP> .
    06/03/2007 22:54 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2

    06/03/2007 07:05 <REP> .
    06/03/2007 07:05 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3

    06/03/2007 07:05 <REP> .
    06/03/2007 07:05 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.4

    06/03/2007 07:05 <REP> .
    06/03/2007 07:05 <REP> ..
    0 fichier(s) 0 octets

    Total des fichiers listés :
    34 fichier(s) 3 845 341 octets
    14 Rép(s) 28 263 829 504 octets libres

    Recherche de rootkit! (Merci S!Ri)

    Recherche d'infections connues

    Liste des programmes installes

    a-squared Free 2.1
    ACDSee 9 Gestionnaire de photos
    Adobe Bridge 1.0
    Adobe Common File Installer
    Adobe Flash Player 9 ActiveX
    Adobe Help Center 2.0
    Adobe Illustrator 10 Evaluation
    Adobe Lightroom
    Adobe Photoshop CS2
    Adobe Photoshop CS2
    Adobe Photoshop Elements
    Adobe Reader 7.0.8 - Français
    Adobe Stock Photos 1.0
    Adobe SVG Viewer 3.0
    Alcohol 120%
    ArcSoft Panorama Maker 3.0
    ASUS Digital VCR
    ASUS Display Drivers
    ASUS Display Drivers
    ASUS GameFace
    ASUS GameFace
    ASUS SmartDoctor
    ASUS SmartDoctor
    ASUSDVD XP
    AutoUpdate
    avast! Antivirus
    AVG Anti-Spyware 7.5
    BetaPlayer
    BlueSoleil
    Broadcom Gigabit Integrated Controller
    Broadcom Gigabit Integrated Controller
    Caere Scan Manager 5.1
    Canon-SE TWAIN
    Canon ScanGear Toolbox CS 2.5
    Canon ScanGear Toolbox FAU 2.5
    Capture NX
    Cariboost Free Edition v1
    CCleaner (remove only)
    Correctif pour Windows XP (KB914440)
    Correctif Windows XP - KB834707
    Correctif Windows XP - KB867282
    Correctif Windows XP - KB873333
    Correctif Windows XP - KB873339
    Correctif Windows XP - KB885250
    Correctif Windows XP - KB885835
    Correctif Windows XP - KB885836
    Correctif Windows XP - KB885884
    Correctif Windows XP - KB886185
    Correctif Windows XP - KB887472
    Correctif Windows XP - KB887742
    Correctif Windows XP - KB888113
    Correctif Windows XP - KB888302
    Correctif Windows XP - KB890047
    Correctif Windows XP - KB890175
    Correctif Windows XP - KB890859
    Correctif Windows XP - KB890923
    Correctif Windows XP - KB891781
    Correctif Windows XP - KB893066
    Correctif Windows XP - KB893086
    COSMOPOLITAN Virtual Look 3
    cTide (remove only)
    DirectUpdate
    DivX
    DivX 5.0.2 Pro Bundle
    DivXG400
    DVD Audio Extractor 4.2.0
    eMule
    Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
    FileZilla (remove only)
    Free - Kit de connexion
    Fugawi 3.0.3 Update
    Google Earth
    GpsGate
    GpsViewer
    Grand Atlas Routier et Touristique de France
    GXTranscoder
    h5400_h5500 WLAN Driver 133_Fra
    HijackThis 1.99.1
    Hotfix for Windows XP (KB909394)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    hp deskjet 5550 series (Supprimer uniquement)
    HP Photosmart Essential
    hp print screen utility
    HP Software Update
    IGN Rando
    Img2Ozf Version 2
    IrfanView (remove only)
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.2_04
    K!TV
    Kaspersky On-line Scanner
    Kaspersky Online Scanner
    Kasuei Hitchhiker
    KC Softwares VideoInspector
    la version d'évaluation de Namo WebEdiotor 6
    Label Maker Plus 2.1
    Lecteur Windows Media 11
    Logitech Desktop Messenger
    Logitech IM Video Companion
    Logitech SetPoint
    Macromedia Extension Manager
    Macromedia Flash 8
    Macromedia Flash 8 Video Encoder
    Macromedia Flash Player 8
    Macromedia Flash Player 8 Plugin
    Macromedia Shockwave Player
    Magic Function
    MainConcept DV Codec
    MainConcept DV Codec
    MainConcept MainActor v5.2
    MainConcept MainActor v5.2
    MapSource
    MapSource
    MapSource - European Roads and Recreation v4.00
    MapSource - Trip & Waypoint Manager v2
    MapSource - Trip & Waypoint Manager v2
    MediaPortal
    Memory-Map Navigator
    Micrografx Designer 9.0
    Microsoft .NET Compact Framework 1.0 SP3
    Microsoft .NET Compact Framework 2.0 SP1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 French Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft .NET Framework 2.0
    Microsoft .NET Framework 2.0
    Microsoft ActiveSync 4.0
    Microsoft AutoRoute
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Flight Simulator 2004 Un siècle d'aviation
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 CD-ROM 2
    Microsoft Office XP Professional avec FrontPage
    Microsoft SQL Server 2005 Mobile Edition Device SDK
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
    Mise à jour de sécurité pour Windows XP (KB890046)
    Mise à jour de sécurité pour Windows XP (KB893756)
    Mise à jour de sécurité pour Windows XP (KB896358)
    Mise à jour de sécurité pour Windows XP (KB896422)
    Mise à jour de sécurité pour Windows XP (KB896423)
    Mise à jour de sécurité pour Windows XP (KB896424)
    Mise à jour de sécurité pour Windows XP (KB896428)
    Mise à jour de sécurité pour Windows XP (KB899587)
    Mise à jour de sécurité pour Windows XP (KB899589)
    Mise à jour de sécurité pour Windows XP (KB899591)
    Mise à jour de sécurité pour Windows XP (KB900725)
    Mise à jour de sécurité pour Windows XP (KB901017)
    Mise à jour de sécurité pour Windows XP (KB901214)
    Mise à jour de sécurité pour Windows XP (KB902400)
    Mise à jour de sécurité pour Windows XP (KB904706)
    Mise à jour de sécurité pour Windows XP (KB905414)
    Mise à jour de sécurité pour Windows XP (KB905749)
    Mise à jour de sécurité pour Windows XP (KB905915)
    Mise à jour de sécurité pour Windows XP (KB908519)
    Mise à jour de sécurité pour Windows XP (KB908531)
    Mise à jour de sécurité pour Windows XP (KB911562)
    Mise à jour de sécurité pour Windows XP (KB911567)
    Mise à jour de sécurité pour Windows XP (KB911927)
    Mise à jour de sécurité pour Windows XP (KB912812)
    Mise à jour de sécurité pour Windows XP (KB912919)
    Mise à jour de sécurité pour Windows XP (KB913446)
    Mise à jour de sécurité pour Windows XP (KB913580)
    Mise à jour de sécurité pour Windows XP (KB914388)
    Mise à jour de sécurité pour Windows XP (KB914389)
    Mise à jour de sécurité pour Windows XP (KB916281)
    Mise à jour de sécurité pour Windows XP (KB917159)
    Mise à jour de sécurité pour Windows XP (KB917344)
    Mise à jour de sécurité pour Windows XP (KB917422)
    Mise à jour de sécurité pour Windows XP (KB917953)
    Mise à jour de sécurité pour Windows XP (KB918118)
    Mise à jour de sécurité pour Windows XP (KB918439)
    Mise à jour de sécurité pour Windows XP (KB918899)
    Mise à jour de sécurité pour Windows XP (KB919007)
    Mise à jour de sécurité pour Windows XP (KB920213)
    Mise à jour de sécurité pour Windows XP (KB920214)
    Mise à jour de sécurité pour Windows XP (KB920670)
    Mise à jour de sécurité pour Windows XP (KB920683)
    Mise à jour de sécurité pour Windows XP (KB920685)
    Mise à jour de sécurité pour Windows XP (KB921398)
    Mise à jour de sécurité pour Windows XP (KB921883)
    Mise à jour de sécurité pour Windows XP (KB922616)
    Mise à jour de sécurité pour Windows XP (KB922760)
    Mise à jour de sécurité pour Windows XP (KB922819)
    Mise à jour de sécurité pour Windows XP (KB923191)
    Mise à jour de sécurité pour Windows XP (KB923414)
    Mise à jour de sécurité pour Windows XP (KB923694)
    Mise à jour de sécurité pour Windows XP (KB923980)
    Mise à jour de sécurité pour Windows XP (KB924191)
    Mise à jour de sécurité pour Windows XP (KB924270)
    Mise à jour de sécurité pour Windows XP (KB924496)
    Mise à jour de sécurité pour Windows XP (KB924667)
    Mise à jour de sécurité pour Windows XP (KB925486)
    Mise à jour de sécurité pour Windows XP (KB926255)
    Mise à jour de sécurité pour Windows XP (KB926436)
    Mise à jour de sécurité pour Windows XP (KB927779)
    Mise à jour de sécurité pour Windows XP (KB927802)
    Mise à jour de sécurité pour Windows XP (KB928255)
    Mise à jour de sécurité pour Windows XP (KB928843)
    Mise à jour pour Windows XP (KB894391)
    Mise à jour pour Windows XP (KB898461)
    Mise à jour pour Windows XP (KB900485)
    Mise à jour pour Windows XP (KB904942)
    Mise à jour pour Windows XP (KB910437)
    Mise à jour pour Windows XP (KB911280)
    Mise à jour pour Windows XP (KB916595)
    Mise à jour pour Windows XP (KB920872)
    Mise à jour pour Windows XP (KB922582)
    Mise à jour pour Windows XP (KB931836)
    Monitor Calibration Wizard 1.0
    Monkey's Audio
    MouseRemote (TM)
    MovieShaker 3.1 pour MICROMV
    Mozilla Firefox (2.0.0.1)
    MSXML 4.0 SP2 (KB927978)
    Namo WebUtilities
    Neodivx
    Nero 6 Ultra Edition
    NeroVision Express 3
    Nikon Message Center
    Nikon View 6
    NikonCapture
    NVIDIA Drivers
    NVIDIA WDM Drivers
    Nvu 1.0
    OmniPage Pro 9.0
    Orb
    OziExplorer 3.95
    PDAwin TV remote controller
    PDFCreator
    PhotoFiltre
    PICVideo Codecs
    Pinnacle MPEG Realtime Codec
    PPC 2003 - MSN (R) Messenger Update
    PPC 2003 - MSN (R) Messenger Update
    QuickPar 0.9
    QuickTime
    Realtek AC'97 Audio
    Rippack v3 beta 16.1
    SAGEM F@st 800-908
    Security Update for Microsoft .NET Framework 2.0 (KB922770)
    Security Update pour Microsoft .NET Framework 2.0 (KB917283)
    Skype 2.5
    Skype with Doro225
    Spybot - Search & Destroy 1.4
    Symantec Network Driver Update
    Theme Generator V2
    USB Mass Storage Reader
    Visionneuse Journal Windows Microsoft
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Messenger
    Windows Media Encoder 9 Series
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 10 Hotfix - KB894476
    Windows Media Player 11
    Windows Movie Maker 2 Winter Fun Pack
    Windows Movie Maker 2.0
    Windows XP Service Pack 2
    WinFlash
    WinRAR Archiveur
    WinZip
    X10 Hardware(TM)
    XPC 802.11b+g Wireless Kit

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\Program Files

    02/03/2007 19:24 <REP> Adobe
    06/03/2007 07:04 <REP> a-squared Free
    06/03/2007 18:06 <REP> CCleaner
    22/10/2004 17:56 <REP> cTide
    13/01/2007 18:04 <REP> CyberLink
    09/05/2004 16:24 <REP> DirectUpdate
    02/07/2005 07:20 <REP> directx
    14/10/2005 20:33 <REP> DivX
    13/01/2007 19:54 <REP> DVD Audio Extractor
    02/07/2005 07:20 <REP> easydivx
    05/03/2007 19:28 <REP> e....
    01/01/2007 17:34 <REP> ffdshow
    13/01/2007 18:03 <REP> Fichiers communs
    16/04/2006 20:07 <REP> FileZilla
    26/03/2004 18:50 <REP> Free.fr
    05/09/2006 08:48 <REP> G6 FTP Server
    25/06/2004 18:45 <REP> garmin
    21/07/2005 21:19 <REP> Google
    28/04/2004 18:20 <REP> Grand Atlas Routier France
    06/03/2007 18:22 <REP> Grisoft
    02/07/2005 07:20 <REP> GSpot
    10/06/2004 22:02 <REP> GT2002
    15/01/2007 18:35 <REP> GXTranscoder
    19/10/2006 06:44 <REP> Hewlett-Packard
    05/01/2004 18:41 <REP> HighMAT CD Writing Wizard
    19/10/2006 06:46 <REP> HP
    04/01/2004 16:40 <REP> hp deskjet 5550 series
    14/03/2004 18:27 <REP> IGN Rando
    22/09/2006 07:00 <REP> Indentsoft Label Maker Plus
    02/01/2004 18:14 <REP> Intel
    18/02/2007 17:57 <REP> Internet Explorer
    30/09/2006 06:32 <REP> Intuisphere
    02/01/2005 17:53 <REP> IrfanView
    03/09/2006 14:13 <REP> IVT Corporation
    16/02/2007 06:21 <REP> Java
    19/10/2006 05:04 <REP> K!TV
    06/07/2005 18:38 <REP> KC Softwares
    31/12/2006 12:55 <REP> KeyGen Crack
    28/06/2006 21:08 <REP> Label Wizard
    05/09/2006 08:40 <REP> LaserSoft
    13/01/2007 18:04 <REP> Logitech
    02/07/2005 07:20 <REP> LOXANE
    31/10/2006 07:22 <REP> Macromedia
    04/09/2004 15:35 <REP> Maction
    02/04/2004 18:55 <REP> Magic Function
    13/09/2006 07:45 <REP> MainConcept
    17/03/2004 22:06 <REP> Memory-Map
    09/02/2005 17:40 <REP> Messenger
    03/05/2004 21:17 <REP> Micrografx
    06/01/2007 19:01 <REP> Microsoft .NET Compact Framework 1.0 SP3
    10/02/2007 08:06 <REP> Microsoft ActiveSync
    20/02/2004 22:04 <REP> Microsoft AutoRoute
    03/01/2004 22:50 <REP> microsoft frontpage
    14/03/2004 19:07 <REP> Microsoft Games
    06/01/2004 12:37 <REP> Microsoft Office
    30/11/2006 07:09 <REP> Microsoft SQL Server 2005 Mobile Edition
    06/01/2007 19:06 <REP> Microsoft.NET
    01/09/2006 13:10 <REP> Monitor Calibration Wizard
    02/07/2005 07:21 <REP> Monkey's Audio
    02/07/2005 07:20 <REP> Morgan
    24/12/2004 17:01 <REP> MouseRemote
    06/09/2005 20:26 <REP> Movie Maker
    01/01/2007 15:42 <REP> Mozilla Firefox
    02/01/2004 17:51 <REP> MSN
    02/01/2004 17:50 <REP> MSN Gaming Zone
    02/03/2007 06:47 <REP> MSN Messenger
    25/12/2006 17:02 <REP> MSXML 4.0
    12/01/2007 06:40 <REP> MUSICMATCH
    04/09/2006 13:49 <REP> Namo
    02/07/2005 07:16 <REP> NetMeeting
    06/01/2007 07:32 <REP> Nikon
    11/09/2006 07:43 <REP> Nvu
    24/04/2004 21:04 <REP> OfficeUpdate11
    06/10/2006 17:58 <REP> Orb Networks
    18/12/2006 21:37 <REP> Outlook Express
    12/07/2004 22:02 <REP> OziExplorer
    30/06/2006 22:31 <REP> PDFCreator
    17/02/2007 17:22 <REP> PhotoFiltre
    02/07/2005 07:52 <REP> Pinnacle
    27/12/2004 22:35 <REP> QuickPar
    02/07/2005 07:22 <REP> QuickTime
    11/01/2004 19:26 <REP> Real
    02/07/2005 07:20 <REP> Realtek Sound Manager
    06/03/2007 07:05 <REP> RealVNC
    13/02/2004 19:24 <REP> RegCleaner
    06/02/2005 19:20 <REP> Rippackv3
    02/01/2004 17:53 <REP> Services en ligne
    01/07/2004 20:45 <REP> Skype
    04/01/2007 07:12 <REP> Skype with Doro225
    30/06/2005 18:28 <REP> SmartSound Software
    03/01/2004 22:50 <REP> Snapshot Viewer
    06/09/2005 20:47 <REP> Sony
    05/03/2007 22:58 <REP> Spybot - Search & Destroy
    03/05/2004 21:15 <REP> Ssce
    19/10/2006 04:39 <REP> Team MediaPortal
    04/01/2007 07:19 <REP> Theme Generator
    19/10/2006 04:33 <REP> Visicom Media
    02/07/2005 07:20 <REP> WDGPS
    29/04/2004 22:51 <REP> Webteh
    02/07/2005 07:20 <REP> WinAce
    04/11/2004 16:46 <REP> Winamp
    06/01/2004 12:01 <REP> Windows Journal Viewer
    11/01/2004 19:26 <REP> Windows Media Components
    08/12/2006 22:00 <REP> Windows Media Connect 2
    08/12/2006 22:58 <REP> Windows Media Player
    27/11/2004 22:44 <REP> Windows NT
    05/01/2004 18:43 <REP> Windows XP Fun Pack
    02/07/2005 07:21 <REP> WinISO
    06/01/2004 12:29 <REP> WinRAR
    30/06/2006 22:05 <REP> WinZip
    01/03/2007 07:22 <REP> WLAN
    24/12/2004 17:09 <REP> X10 Hardware
    02/01/2004 17:54 <REP> xerox
    23/02/2005 19:58 <REP> XoftSpy
    16/09/2006 07:07 <REP> Xpress Software
    18/12/2006 21:23 <REP> Yahoo!
    0 fichier(s) 0 octets
    116 Rép(s) 28 263 501 824 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\Program Files\fichiers communs

    13/01/2007 18:03 <REP> .
    13/01/2007 18:03 <REP> ..
    18/12/2006 21:35 <REP> ACD Systems
    11/10/2006 06:00 <REP> Adobe
    25/09/2006 06:44 <REP> Adobe Systems Shared
    28/11/2004 21:12 <REP> Ahead
    04/01/2004 16:47 <REP> Caere
    03/01/2004 22:47 <REP> Designer
    02/07/2005 07:28 <REP> Fugawi
    28/04/2004 18:20 <REP> GIS
    19/10/2006 06:46 <REP> HP
    03/05/2004 21:15 <REP> iGrafx
    02/07/2005 07:20 <REP> InstallShield
    09/04/2004 11:21 <REP> Java
    24/12/2006 11:56 <REP> Logitech
    31/10/2006 07:23 <REP> Macromedia
    28/04/2004 18:20 <REP> Mapserv
    19/10/2006 06:47 <REP> Microsoft Shared
    02/01/2004 17:51 <REP> MSSoap
    06/01/2007 07:32 <REP> Nikon
    02/07/2005 07:20 <REP> ODBC
    07/06/2004 21:45 <REP> Real
    02/01/2004 17:52 <REP> Services
    03/01/2004 22:58 <REP> Sony Shared
    02/01/2004 17:23 <REP> SpeechEngines
    19/12/2006 06:18 <REP> System
    02/07/2005 07:20 <REP> Ulead Systems
    07/07/2005 20:06 <REP> Vbox
    01/07/2006 17:37 <REP> Wise Installation Wizard
    0 fichier(s) 0 octets
    29 Rép(s) 28 263 510 016 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

    06/01/2004 12:38 <REP> .
    06/01/2004 12:38 <REP> ..
    06/01/2004 12:37 <REP> 1033
    06/01/2004 12:38 <REP> 1036
    15/02/2001 06:45 1 318 912 MSONSEXT.DLL
    03/06/1999 14:09 122 937 MSOWS409.DLL
    07/03/2001 09:00 127 033 MSOWS40c.DLL
    06/08/2000 10:04 401 462 MSVCP60.DLL
    22/01/2001 04:25 69 632 PKMAXCTL.DLL
    22/01/2001 04:25 872 448 PKMCDO.DLL
    22/01/2001 04:25 159 744 PKMCORE.DLL
    07/02/2001 10:59 106 496 PKMFORMS.DLL
    12/02/2001 05:03 684 032 PKMRES.DLL
    22/01/2001 04:25 28 672 PKMSSTLB.DLL
    22/01/2001 04:25 40 960 PKMTEMPL.DLL
    22/01/2001 04:25 24 576 PKMTRACE.DLL
    22/01/2001 04:25 86 016 PKMWS.DLL
    22/01/2001 04:25 237 568 PROMDEMO.DLL
    18/03/1999 06:37 593 977 RAGENT.DLL
    22/01/2001 04:25 184 320 SECMGR.DLL
    22/01/2001 04:25 323 584 VAIDDMGR.DLL
    22/01/2001 04:25 32 768 VAIMEM.DLL
    18 fichier(s) 5 415 137 octets
    4 Rép(s) 28 263 510 016 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\Program Files\common files

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 6885-B50F

    Répertoire de C:\

    11/11/2001 00:00 68 096 diff.exe
    27/08/2006 14:10 103 424 grep.exe
    2 fichier(s) 171 520 octets
    0 Rép(s) 28 263 510 016 octets libres
    c:\Documents and Settings\All Users\Application Data\vidcap\vidcap.exe
    c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Award Utility\WinFlash.EXE
    c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9\temp\hpfinstx.exe
    c:\Documents and Settings\BB443B11-7D12-450c-9F85-2D32804655F9\temp\hpfiui.exe
    c:\Documents and Settings\PG\Application Data\Image Zone Express\HPSoftwareUpdate.exe
    c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{106F886B-A874-43DF-BCC4-01DB57E1F3C6}\IconTmpl5.26D6FF13_F77C_402E_8E96_9E49DFBBAF31.exe
    c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{47BD3745-EAFF-48FC-A9ED-E580C681B5C4}\_18be6784.exe
    c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{7A0BAED2-066E-4B4F-8FA5-472A4655F4C2}\_5af141bb.exe
    c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
    c:\Documents and Settings\PG\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe
    c:\Documents and Settings\PG\Local Settings\Temporary Internet Files\Content.IE5\P4WVVHSE\NewMediaCodecInstaller[1].exe
    c:\Documents and Settings\PG\Mes documents\oliv92.exe
    c:\Documents and Settings\PG\Mes documents\SmartDoc.exe
    c:\Documents and Settings\PG\Mes documents\Arnaud\ccsetup136.exe
    c:\Documents and Settings\PG\Mes documents\Arnaud\Setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\5550-fra-win2k_xp.exe
    c:\Documents and Settings\PG\Mes documents\emule\ACEMCP603PRO.exe
    c:\Documents and Settings\PG\Mes documents\emule\Anonymizer_Software.exe
    c:\Documents and Settings\PG\Mes documents\emule\babylon_larousse_fre_eng_spa_ger_ita_fre_multidico.exe
    c:\Documents and Settings\PG\Mes documents\emule\Codec_Sniper.exe
    c:\Documents and Settings\PG\Mes documents\emule\dvdaudioextractor.exe
    c:\Documents and Settings\PG\Mes documents\emule\dws2_trial_e.exe
    c:\Documents and Settings\PG\Mes documents\emule\dxwebsetup.exe
    c:\Documents and Settings\PG\Mes documents\emule\eMule0.44b_Installer.exe
    c:\Documents and Settings\PG\Mes documents\emule\eMule0.47c-Installer.exe
    c:\Documents and Settings\PG\Mes documents\emule\GoogleEarth.exe
    c:\Documents and Settings\PG\Mes documents\emule\grabit_grabit_anglais_11960.exe
    c:\Documents and Settings\PG\Mes documents\emule\ipanonymizer.exe
    c:\Documents and Settings\PG\Mes documents\emule\kav6.0.2.614fr.exe
    c:\Documents and Settings\PG\Mes documents\emule\MAC_399F.exe
    c:\Documents and Settings\PG\Mes documents\emule\modele_meteo_gfs_setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\netstumblerinstaller_0_4_0.exe
    c:\Documents and Settings\PG\Mes documents\emule\PagePlus50PreloaderNoReg.exe
    c:\Documents and Settings\PG\Mes documents\emule\PDFCreator-0_9_1_GPLGhostscript.exe
    c:\Documents and Settings\PG\Mes documents\emule\QuickPar-0.9.1.0-FRA.exe
    c:\Documents and Settings\PG\Mes documents\emule\QuickTimeFullInstaller.exe
    c:\Documents and Settings\PG\Mes documents\emule\sherlock.exe
    c:\Documents and Settings\PG\Mes documents\emule\ShowShifter-Setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\spybotsd14.exe
    c:\Documents and Settings\PG\Mes documents\emule\UVS7_Patch_F.exe
    c:\Documents and Settings\PG\Mes documents\emule\WM9Codecs.exe
    c:\Documents and Settings\PG\Mes documents\emule\XoftSpy410.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\diff.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\dumphive.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\FilesInfoCmd.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\Fport.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\grep.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LFiles.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\LISTDLLS.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\pslist.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\streams.exe
    c:\Documents and Settings\PG\Mes documents\emule\DiagHelp\DiagHelp\swreg.exe
    c:\Documents and Settings\PG\Mes documents\emule\DIVX\EasyDivX_0820_standard.exe
    c:\Documents and Settings\PG\Mes documents\emule\DVB\dotnetfx.exe
    c:\Documents and Settings\PG\Mes documents\emule\DVB\KTV2.3.0.1\setup-2.3.0.1.exe
    c:\Documents and Settings\PG\Mes documents\emule\DVB\MediaPortal_0.2\setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\DVB\PouchinTV_0.3a\PouchinTV.exe
    c:\Documents and Settings\PG\Mes documents\emule\flaskmpeg_078_39\FlasKMPEG.exe
    c:\Documents and Settings\PG\Mes documents\emule\install_pn15G\Driver_SoftAP\Setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\nv7184_w2kxp\nv7184_w2kxp\nvudisp.exe
    c:\Documents and Settings\PG\Mes documents\emule\nv7184_w2kxp\nv7184_w2kxp\setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\easygifanimator3.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\flash_flash_8_evaluation_francais_15287.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\gmg4.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\namo-webeditor_namo_webeditor_6.0_francais_10166.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\nvu_nvu_1.0_francais_11208.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\setup-e-anim7_01_004c.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\toweb_toweb_1.53_francais_15418.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\TVE2-Eval.exe
    c:\Documents and Settings\PG\Mes documents\emule\outils web\webalbum_setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\keygen para mapas tomtom one by FL0RIAN\Keygenerator TomTom GO ONE\Key.exe
    c:\Documents and Settings\PG\Mes documents\emule\svg_tomtom\Keygenerator_TomTom_GO_ONE\Keygenerator TomTom GO ONE\Key.exe
    c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\Start.exe
    c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\AutoRun.exe
    c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\autorun.exe-install
    c:\Documents and Settings\PG\Mes documents\emule\tomtom-one-western-europe copia sd\tt-one wesern-europe\2577\autorun.exe-run
    c:\Documents and Settings\PG\Mes documents\emule\TomTom_5.21\crack.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\autorun.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\hpzglu07.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\setup.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\delay.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\DIRECT~1.EXE
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfinstx.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfldr.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\fra\nt4\Disk1\nt4\hpfsplsh.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpfpdi07.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzghl07.exe
    c:\Documents and Settings\PG\Mes documents\emule\win2k_xp_HP5550\util\common\hpzpin07.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\wptman.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\Electricité\Electricité.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\archives\Dossiers First30.org\GPS 152\Updater.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\astro\snav32s.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc4.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailc6.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut4.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\conception\sailcut6.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\conception\vb3dlls.exe
    c:\Documents and Settings\PG\Mes documents\Forcepas\tides\SETUP.EXE
    c:\Documents and Settings\PG\Mes documents\Forcepas\tides\WXTIDE32.EXE
    c:\Documents and Settings\PG\Mes documents\free\vlc-0.8.4a-win32.exe
    c:\Documents and Settings\PG\Mes documents\Garmin\UPDATER.EXE
    c:\Documents and Settings\PG\Mes documents\IPAQ\CalcNow_1.0.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\ctidesetup.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\Microsoft_eMbedded_Visual_Tools_3.0.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\NevoHP54XXUpdate.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\pqv.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\pqview.2.013_ppc.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\PToys.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\setup_msn.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\SkypeForPocketPC.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\TimePiece_1.0.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\GpsGatePPC_beta\GpsGateCE.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\chessppc_chessppc_anglais_12166.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\leofs_ppc_arm.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\Leos_Flight_Simulator_Beta_8_-_ARM_-iPaq-.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PacFun.ARM.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\jeux\PortaPinSetup300.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\maree_ozons\calcul_maree\CalculMaréePPC.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\Mise à jour MS 2003\FRA_SP_2_00_03b.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobat_reader_pour_pocket_pc_2.0_arm_ipaq_anglais_11360.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\acrobatreader-ppcARM-fr_fr.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\activesync_activesync_4.2_francais_11338.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Microsoft_Transcriber_1.51.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\CORE10k.EXE
    c:\Documents and Settings\PG\Mes documents\IPAQ\utilitaires\Pocket.15C.Scientific.Calculator.v1.0.ARM.PPC.Cracked-COREPDA\cr-p15c1\setup.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketDivXEncoder_0.3.50.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\PocketTVSetup-0[1].15.3.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\vidéo\betaplayer\betaplayer[1].setup.STABLE.0.5.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\ReadMe.exe
    c:\Documents and Settings\PG\Mes documents\IPAQ\WLAN\Setup_h54-5500WLANDrv133.exe
    c
    0
  4. Utilisateur anonyme
     
    Re

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer.


    $$ TéléchargeSDFix sur ton bureau
    http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

    $$ Télécharge Brute Force Uninstaller (de Merijn)
    http://www.merijn.org/files/bfu.zip
    Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://metallica.geekstogo.com/EGDACCESS.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

    $$ FAIS UN CLIC-DROIT sur le lien suivant
    http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
    et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note: si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).

    $$ Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
    http://www.atribune.org/ccount/click.php?id=4

    * Double-clique VundoFix.exe afin de le lancer.
    * Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
    * Clique sur le bouton Scan for Vundo.
    * Lorsque le scan est complété, clique sur le bouton Remove Vundo
    * Une invite te demandera si tu veux supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    * Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

    Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

    $$ Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

    $$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

    --- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    EGDACCESS.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    --- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

    toolbar.bfu

    Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\toolbar.bfu
    Clique sur Execute et laisse-le faire son travail.
    Attendre que Complete script execution apparaîsse et clique sur OK.

    Clique Exit pour fermer le programme BFU.

    $$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
    Double-clique sur RunThis.bat
    Tape Y pour lancer le script.
    Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
    Presse une touche pour redémarrer

    Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

    Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt", le rapport qui se trouve ici C:\vundofix.txt, le rapport situé ici C:\egd.txt et un nouveau HijackThis.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Bonjour

    Encore du ménage à faire.

    [*]Double-clique VundoFix.exe afin de le lancer.
    [***]Ne clique pas sur "Scan for Vundo"
    [*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
    [*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

    C:\WINDOWS\system32\sokubdi.dll

    [*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

    C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll

    [*]Copie/colle le chemin du fichier suivant dans la troisième case (en bas):

    C:\WINDOWS\system32\ltfyqvvp.dll

    [*]Clique sur le bouton "Add File(s)"
    [*]Clique sur le bouton "Close Window".
    [*]Clique à nouveau sur "Remove Vundo"
    [*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
    [*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    [*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

    [*]Démarre ton PC à nouveau.

    [*]Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.
    0
  7. forcepas Messages postés 10 Statut Membre 1
     
    Bonjour
    J'y vais patron....Merci encore, voici les résultats.

    VundoFix V6.3.15

    Checking Java version...

    Java version is 1.4.2.4
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.9
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.10

    Java version is 1.5.0.11

    Scan started at 11:18:33 08/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\ihhkj.bak1
    C:\WINDOWS\system32\ihhkj.bak2
    C:\WINDOWS\system32\ihhkj.ini
    C:\WINDOWS\system32\jkhhi.dll
    C:\WINDOWS\system32\sffcbodx.dll
    C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\system32\vtutu.dll
    C:\WINDOWS\system32\yaywvvw.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ihhkj.bak1
    C:\WINDOWS\system32\ihhkj.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ihhkj.bak2
    C:\WINDOWS\system32\ihhkj.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ihhkj.ini
    C:\WINDOWS\system32\ihhkj.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jkhhi.dll
    C:\WINDOWS\system32\jkhhi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sffcbodx.dll
    C:\WINDOWS\system32\sffcbodx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\system32\ututv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtutu.dll
    C:\WINDOWS\system32\vtutu.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
    C:\WINDOWS\system32\yaywvvw.dll Could not be deleted.

    Performing Repairs to the registry.
    Done!

    VundoFix V6.3.15

    Checking Java version...

    Java version is 1.4.2.4
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.9
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.10

    Java version is 1.5.0.11

    Scan started at 11:28:54 08/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\yaywvvw.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\yaywvvw.dll
    C:\WINDOWS\system32\yaywvvw.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ltfyqvvp.dll
    C:\WINDOWS\system32\ltfyqvvp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sokubdi.dll
    C:\WINDOWS\system32\sokubdi.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Logfile of HijackThis v1.99.1
    Scan saved at 21:07:46, on 08/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    C:\PROGRA~1\MAGICF~1\MulMouse.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\DIRECT~1\DUControl.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
    G:\antivirus\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
    O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
    O4 - HKLM\..\Run: [Anvshell] anvshell.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
    O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
    O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winits32 - winits32.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
    O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    A+
    Philippe
    0
  8. Utilisateur anonyme
     
    Re

    $$ Télécharge la dernière version de Killbox -> http://www.downloads.subratam.org/KillBox.zip
    Place le programme dans le répertoire qui te plaît.

    $$ redémarre l'ordinateur en mode sans échec

    $$ Relance un scan HijackThis</gras> et coche les lignes ci-dessous :

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {179C9A08-329D-45A0-9929-FE4FAC69D603} - C:\WINDOWS\system32\jkhhi.dll (file missing)
    O2 - BHO: (no name) - {1BAAD8F5-FF92-D181-955B-04BBC19137FC} - C:\WINDOWS\system32\sokubdi.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8AAF9204-7148-4576-8F68-016875076F73} - C:\WINDOWS\system32\yaywvvw.dll (file missing)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hrsoenf.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll",wonzzg
    O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\ltfyqvvp.dll",setvm
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00000000-0709-0000-0000-000330050660} - http://207.234.185.217/aboxinst_int21.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz4.domino.inetpsa.com/iNotes.cab
    O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx
    O20 - Winlogon Notify: winits32 - winits32.dll (file missing)

    Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

    $$ Lance Pocket Killbox
    --- choisis l'option Delete on Reboot
    --- copie la liste ci-dessous, des fichiers à supprimer (Ctrl-C) et File / Paste from Clipboard
    C:\Documents and Settings\pg\Local Settings\Application Data\hrsoenf.dll
    C:\WINDOWS\system32\ltfyqvvp.dll

    * les boutons "Single File" et "All Files" deviennent actifs mais "Single File" est activé par défaut.
    Il faut alors impérativement activer (cliquer sur) "All Files", impérativement, sinon seul le premier de la liste sera supprimé.
    --- vérifie que tous les fichiers sont enregistrés, par la liste déroulante "Full Path of File to Delete"
    --- coche "Unregister .dll Before Deleting".
    --- clique sur la croix blanche sur fond rouge (Delete File) :

    - "File will be Removed on Reboot, Do you want to reboot now?", réponds OUI si tu es prêt à procéder

    Si Pocket KillBox ne fait pas redémarrer le PC, redémarre le toi même.

    Poste un nouveau Hjackthis.
    0
  9. forcepas Messages postés 10 Statut Membre 1
     
    Bonjour
    voici le dernier log Hijack (enfin j'espère !). En tout cas j'ai retrouvé des temps de boot satisfaisants !
    MERCI,
    A+
    Philippe
    Logfile of HijackThis v1.99.1
    Scan saved at 07:25:47, on 09/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\MAGICF~1\MulMouse.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\DIRECT~1\DUControl.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\NkView6\NkvMon.exe
    C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [Anvshell] anvshell.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
    O4 - HKLM\..\Run: [Versato] C:\PROGRA~1\MAGICF~1\MulMouse.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [DUControl] C:\PROGRA~1\DIRECT~1\DUControl.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Skype with Doro225.lnk = C:\Program Files\Skype with Doro225\SkypeWithDoro225.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
    O4 - Global Startup: XPC 802.11b+g Wireless Utility.lnk = C:\Program Files\WLAN\XPC 802.11b+g Wireless Kit\ZDWlan.exe
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1D7CF83C-6018-46B8-9951-4A0F2CE226EF}: NameServer = 192.168.0.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
    O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - C:\PROGRA~1\DIRECT~1\DUService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    0
  10. forcepas Messages postés 10 Statut Membre 1
     
    Bonjour,
    voici le rapport kaspersky demandé. Pour l'instant je n'ai pas demandé le nettoyage. Il me semble qu'un certain nombre de détections est lié aux objets que j'ai retiré en suivant tes indications qui restent dans le PC dans des répertoires de sauvegarde générés par l'utilitaire ? Ensuite de quelle nature sont ces fichiers verrouillés ?
    Merci pour l'analyse
    A+
    Philippe

    Statistiques de l'analyse
    Total d'objets analysés 136656
    Nombre de virus trouvés 7
    Nombre d'objets infectés 13 / 0
    Nombre d'objets suspects 2
    Durée de l'analyse 03:01:45

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/actalert.exe Suspect : Password-protected-EXE ignoré

    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip ZIP: suspect - 1 ignoré

    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\$_hpcst$.hpc L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\call256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\callmember256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\chat512.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\chatmsg512.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\contactgroup256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\index2.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\message1024.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\message256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\profile4096.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\user1024.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\user16384.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\user4096.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Application Data\Skype\forcepas\voicemail256.dbb L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst/Dossiers d'archivage/Éléments supprimés/10 Oct 2005 14:33 from eBay Inc:[Norton AntiSpam] EBAY INC: SPEC.rtf Infecté : Trojan-Spy.HTML.Bayfraud.hn ignoré

    C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Outlook\archive.pst Mail MS Mail: infecté - 1 ignoré

    C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Historique\History.IE5\MSHist012007030920070310\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Temp\WCESLog.log L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe Infecté : Trojan.Win32.Agent.qt ignoré

    C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe Infecté : Trojan-Downloader.Win32.Agent.bfx ignoré

    C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe Infecté : Trojan.Win32.Agent.qt ignoré

    C:\Documents and Settings\pg\Mes documents\emule\TT1.rar RAR: infecté - 2 ignoré

    C:\Documents and Settings\pg\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\pg\NTUSER.DAT.LOG L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chandir.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\chn.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\D0000000.FCS L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\inuse.txt L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\L0000004.FCS L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\main.log L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_die.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_dnd.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_ext.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\prs_rcv.idx L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.dat L'objet est verrouillé ignoré

    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\pg\Data\storydb.idx L'objet est verrouillé ignoré

    C:\SDFix\backups\backups.zip/backups/rpcc.dll Infecté : Trojan-Proxy.Win32.Dlena.cb ignoré

    C:\SDFix\backups\backups.zip ZIP: infecté - 1 ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256647.dll Infecté : Trojan.Win32.Agent.qt ignoré

    C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP623\A0256674.exe Infecté : Trojan-Proxy.Win32.Horst.gen ignoré

    C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256772.dll Infecté : Trojan.Win32.BHO.g ignoré

    C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\A0256807.dll Infecté : Trojan-Proxy.Win32.Dlena.cb ignoré

    C:\System Volume Information\_restore{465D02FE-492D-4CC3-B1DF-8C5545E899E7}\RP625\change.log L'objet est verrouillé ignoré

    C:\VundoFix Backups\sffcbodx.dll.bad Infecté : Trojan.Win32.BHO.g ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\Perflib_Perfdata_15c.dat L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    Analyse terminée.
    0
  11. Utilisateur anonyme
     
    Bonjour

    1 Télécharge CCleaner.
    http://www.filehippo.com/download_ccleaner.html
    Installe le dans un répertoire dédié.

    2 Clique sur Démarrer
    Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Cocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

    3 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

    C:\Documents and Settings\pg\Mes documents\emule\TT
    C:\Documents and Settings\pg\Mes documents\emule\TT.rar
    C:\Documents and Settings\pg\Mes documents\emule\TT1.rar
    C:\SDFix
    C:\VundoFix Backups

    4 Lance le nettoyage avec CCleaner

    5 Redémarre normalement

    6 Clique sur Démarrer
    Clic droit sur le Poste de Travail - Propriétés - Restauration du systéme - Décocher la case Désactiver la restauration du systéme et cliquer sur Appliquer.

    As tu encore des dysfonctionnements ?
    0
  12. forcepas Messages postés 10 Statut Membre 1
     
    Bonjour,
    j'ai effectué les dernières manip ce matin. Mais déjà hier, j'ai constaté un fonctionnement normal du PC avec des temps de boot honorables. La bête est convalescente....à surveiller n'est ce pas !

    J'ai l'impression que tout va bien maintenant. Si tel est, aussi, ton sentiment, je ferai un résumé de la solution....Il sera un peu long !

    MERCI ENCORE

    Cordialement
    Philippe
    0
  13. Utilisateur anonyme
     
    Bonjour

    Supprime DiagHelp, Vundofix, SDFix, BFU et Killbox.

    La bête est convalecente, c'est surtout à toi de faire attention maintenant

    C:\Documents and Settings\pg\Mes documents\emule\TT\crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 
    
    C:\Documents and Settings\pg\Mes documents\emule\TT.rar/keygen.exe Infecté : Trojan-Downloader.Win32.Agent.bfx ignoré 
    
    C:\Documents and Settings\pg\Mes documents\emule\TT1.rar/crack.exe Infecté : Trojan.Win32.Agent.qt ignoré 
    
    C:\Documents and Settings\pg\Mes documents\emule\TT1.rar RAR: infecté - 2 ignoré 
    0
  14. forcepas Messages postés 10 Statut Membre 1
     
    Bonjour,
    Tout d'abord un grand merci à Chercheurbis qui m'a complétement pris en charge pendant le nettoyage de mon PC.
    En ce qui concerne la recette à appliquer, elle peut se résumer en l'achat d'un antivirus digne de ce nom. Avast n'a pas suffi à me couvrir pendant cette attaque.
    En dehors de cela, chaque cas est particulier, mais il faut avoir le reflexe de venir avec un rapport hijackthis avant de poster ici.
    Ensuite les choses sont plus faciles pour les experts du forum.
    Il faut suivre leurs conseils à la lettre pour ne pas interférer avec leurs actions.
    Cordialement
    Philippe
    0