W323/sdbot.worm!ftp

comment le detruire je suis un apprentiLogfile of HijackThis v1.99.1
Scan saved at 12:55:26, on 20/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\AOL\1169691297\ee\AOLSoftware.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Generic\USB Card Reader Driver v2.2c\Disk_Monitor.exe
C:\WINDOWS\System32\ctfmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\ManhHung\Bureau\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1169691297\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v2.2c\Disk_Monitor.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f06cfe2cac984d51aab3648df6ffcc51
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f06cfe2cac984d51aab3648df6ffcc51
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for ¼ææ: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

BitDefender Log File !!!!!
Product : BitDefender Total Security 2008
Version : BitDefender UIScanner v.11
Log date : 16:23:14 20/01/2008
Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\full_scan\1200842594_1_00.xml

Scan Paths:Path0000: C:\
Path0001: E:\


Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes


Target selection options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : No
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :


Target ProcessingDefault action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None


Scan engines summaryNumber of virus signatures : 955843
Archive plugins : 41
Email plugins : 6
Scan plugins : 12
Archive plugins : 41
System plugins : 4
Unpack plugins : 7


Overall scan summaryScanned items : 73234
Infected items : 0
Suspicious items : 0
Resolved items : 0
Individual viruses found : 0
Scanned directories : 4863
Scanned boot sectors : 3
Scanned archives : 17
Input-output errors : 24
c'est beber il est vrai que t cool!!!!!!!!!!!!!!!!!!!!!!!!!!

Scan time : 00:00:59:09
Files per second : 20


Scanned processes summaryScanned : 59
Infected : 0


Scanned registry keys summaryScanned : 331
Infected : 0


Scanned cookies summaryScanned : 1
Infected : 0


Remaining issues:Object Name Threat Name Final Status


Resolved issues:Object Name Threat Name Final Status
Configuration: Windows XP
Firefox 2.0.0.6

recoucou j'ai reussi à desinstaller bitdefender grace a l 'histo du site TROP BIEN CE SITE!!!!!!!

je lance navilog en tant qu'administrateur mais je nai pas le mot de passe.......

comment faire c est pas risquer tout sa?

salut denis

je vais faire ce ke tu me di!!!!
just un truc jé encore bitdefender et jé aussi Mcafree
j arrive pas a supprimé bitdefender ??????comment faire

j'ai appliqué combofix mais je n'ai pas eu de rapport de plus pendant son boulot mcafree le detetecter comme fichier soupsçon je disais de continuer le travail en cours;;;Bizar????

mais ou est le rapport de combofix?
denis help ma cop m'embrouille car je suis tjs devant le pc;;;;;

c'est çà le compte rendu de combofix
ComboFix 08-01-20.1 - ManhHung 2008-01-21 12:52:22.2 - NTFSx86
Running from: C:\Documents and Settings\ManhHung\Bureau\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2007-12-21 to 2008-01-21 ))))))))))))))))))))))))))))))))))))
.

2008-01-21 11:53 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-20 15:03 . 2008-01-21 00:58 121 --a------ C:\WINDOWS\bdagent.INI
2008-01-20 14:40 . 2008-01-21 11:44 <REP> d-------- C:\Program Files\BitDefender
2008-01-19 23:52 . 2008-01-19 23:52 <REP> d--hs---- C:\found.000
2008-01-14 12:09 . 2008-01-14 12:09 <REP> d-------- C:\Program Files\Decibels__2007_-_10-10__Part_1_-_Royal_Sapien_-_Live___San_Francisco_LoveFest[1].part1
2008-01-04 15:10 . 2008-01-11 09:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-04 15:10 . 2008-01-04 15:10 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-30 15:04 . 2007-12-30 15:05 <REP> d-------- C:\Documents and Settings\ManhHung\Application Data\SpywareBot
2007-12-29 15:00 . 2007-12-29 16:15 60 --a------ C:\WINDOWS\yesmessenger.ini
2007-12-29 14:47 . 2007-12-29 16:19 <REP> d-------- C:\Program Files\YesMessenger
2007-12-23 19:35 . 2007-12-23 19:35 <REP> d-------- C:\WINDOWS\provisioning
2007-12-23 19:35 . 2007-12-24 09:39 <REP> d-------- C:\WINDOWS\peernet
2007-12-23 19:29 . 2007-12-23 19:29 <REP> d-------- C:\WINDOWS\ServicePackFiles
2007-12-23 19:24 . 2004-08-03 21:43 20,480 --a------ C:\WINDOWS\system32\sprecovr.exe
2007-12-23 19:20 . 2001-08-28 11:00 4,186,256 --a------ C:\WINDOWS\system32\dllcache\luna.mst
2007-12-23 19:19 . 2006-02-27 13:26 2,542,592 --a------ C:\WINDOWS\system32\dllcache\msoeres.dll
2007-12-23 19:17 . 2007-12-24 09:39 <REP> d-------- C:\WINDOWS\EHome

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-20 00:32 --------- d-----w C:\Program Files\AOL 9.0
2008-01-03 19:29 --------- d-----w C:\Documents and Settings\ManhHung\Application Data\MSN6
2007-12-30 14:05 --------- d-----w C:\Program Files\SpywareBot
2007-12-24 09:37 --------- d-----w C:\Program Files\MSN Messenger
2007-12-18 11:31 --------- d-----w C:\Documents and Settings\ManhHung\Application Data\Uniblue
2007-12-16 18:59 --------- d-----w C:\Program Files\Lexmark X1100 Series
2007-12-16 18:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-16 18:36 --------- d-----w C:\Program Files\FaxTools
2007-12-16 18:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2007-12-13 12:56 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-13 12:52 --------- d-----w C:\Program Files\Windows Live Favorites
2007-12-12 16:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2007-12-12 06:09 --------- d-----w C:\Documents and Settings\ManhHung\Application Data\HP
2007-12-11 19:16 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-12-11 18:14 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-12-11 18:14 --------- d-----w C:\Program Files\Generic
2007-12-11 14:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2007-12-11 10:53 --------- d-----w C:\Program Files\McAfee.com
2007-11-29 08:47 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-27 15:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2007-11-27 15:40 --------- d-----w C:\Program Files\HP
2007-11-27 15:40 --------- d-----w C:\Program Files\Fichiers communs\HP
2007-11-27 15:37 --------- d-----w C:\Program Files\Hewlett-Packard
2007-11-27 15:36 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 10:45 13312]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2002-05-09 02:19 303104]
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [ ]
"SiSUSBRG"="C:\WINDOWS\sisUSBrg.exe" [2002-04-25 17:06 32768]
"SoundMan"="SOUNDMAN.EXE" [2002-08-15 05:46 46592 C:\WINDOWS\SOUNDMAN.EXE]
"ASUS Probe"="C:\Program Files\ASUS\Probe\AsusProb.exe" [2002-12-06 15:07 617984]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 11:28 684032]
"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 10:50 155648]
"AOLSAV"="C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" [2004-04-26 17:40 75776]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2007-06-21 11:01 70952]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-01-31 20:41 98304]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1169691297\ee\AOLSoftware.exe" [2006-11-17 14:16 50736]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06 487424]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-18 09:07 185632]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18 151552]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49 163840]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02 53248]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 12:05 212992]
"Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v2.2c\Disk_Monitor.exe" [2003-10-16 07:52 438784]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [ ]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 10:45 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - ATWPKT2
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-21 11:06:20 C:\WINDOWS\Tasks\Liquid Audio Auto Update Agent.job"
- C:\Program Files\Liquid Audio\Liquid Player\UpdateAgent.exe
"2008-01-21 11:31:07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"