Virus ou trojan ? avec system32\netsh.exe
Résolu
rude boy
Messages postés
22
Date d'inscription
Statut
Membre
Dernière intervention
-
jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention -
jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Depuis un nettoyage de disque classique ou est ce un hasard ? il apparait à chaque lancement de windows le masque DOs suivant:
C:\WINDOWS\System32\netsh.exe
Et depuis mon PC rame un maximum.
Quelqu'un peut t'il m'aider je suis un utilisateur Pc trés pas technique j'ai besoin d'aide simple
Merci par avance
Depuis un nettoyage de disque classique ou est ce un hasard ? il apparait à chaque lancement de windows le masque DOs suivant:
C:\WINDOWS\System32\netsh.exe
Et depuis mon PC rame un maximum.
Quelqu'un peut t'il m'aider je suis un utilisateur Pc trés pas technique j'ai besoin d'aide simple
Merci par avance
A voir également:
- C:\windows\system32\netsh.exe
- Clé windows 8 - Guide
- Montage video windows - Guide
- Windows ne démarre pas - Guide
- Windows movie maker - Télécharger - Montage & Édition
- Restauration systeme windows 10 - Guide
26 réponses
slt
firefox il te faut mettre la version 2 ou 3
_____________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
firefox il te faut mettre la version 2 ou 3
_____________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
Merci mais comment on colle un rapport hijackthis?
j'ai bien telechargé hijack et renommé j'obtiens un rapport DSL pour les points et virgules mais le pc se plante sans arrêt il bloque à cause de ce satané virus
je ne comprends pas lorsque tu dis de décomprésser hijackthis avec explorer puisque j'ai déjà le fichier .exe grace à firefox grace au lien que tu m'as donné
merci encore pour ton aide
j'ai bien telechargé hijack et renommé j'obtiens un rapport DSL pour les points et virgules mais le pc se plante sans arrêt il bloque à cause de ce satané virus
je ne comprends pas lorsque tu dis de décomprésser hijackthis avec explorer puisque j'ai déjà le fichier .exe grace à firefox grace au lien que tu m'as donné
merci encore pour ton aide
Logfile of HijackThis v1.99.1
Scan saved at 23:43:12, on 29/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.babygo.fr:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [irxsoljvy] c:\windows\system32\irxsoljvy.exe irxsoljvy
O4 - HKLM\..\Run: [vrhtkims] c:\windows\system32\vrhtkims.exe vrhtkims
O4 - HKLM\..\Run: [cmhiytbk] c:\windows\system32\cmhiytbk.exe cmhiytbk
O4 - HKLM\..\Run: [yowcooymk] c:\windows\system32\yowcooymk.exe yowcooymk
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [mslphyxlbj] c:\windows\system32\mslphyxlbj.exe mslphyxlbj
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [yxvwgcjna] c:\windows\system32\yxvwgcjna.exe yxvwgcjna
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Scan saved at 23:43:12, on 29/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.babygo.fr:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [irxsoljvy] c:\windows\system32\irxsoljvy.exe irxsoljvy
O4 - HKLM\..\Run: [vrhtkims] c:\windows\system32\vrhtkims.exe vrhtkims
O4 - HKLM\..\Run: [cmhiytbk] c:\windows\system32\cmhiytbk.exe cmhiytbk
O4 - HKLM\..\Run: [yowcooymk] c:\windows\system32\yowcooymk.exe yowcooymk
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [mslphyxlbj] c:\windows\system32\mslphyxlbj.exe mslphyxlbj
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [yxvwgcjna] c:\windows\system32\yxvwgcjna.exe yxvwgcjna
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
bravo tu fais la collection des infections!!! vive norton....
_____________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakchits et dis tes soucis
_____________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
____________________
recolle un nouveau rapport hijakchits et dis tes soucis
ci joint le rapport
ComboFix 08-06-10.1 - HP_Propriétaire 2008-06-11 19:34:02.2 - NTFSx86
Endroit: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe
c:\WINDOWS\system32\cmhiytbk.dat
c:\WINDOWS\system32\irxsoljvy.dat
C:\WINDOWS\system32\irxsoljvy_navup.dat
c:\WINDOWS\system32\mslphyxlbj.dat
c:\WINDOWS\system32\pxgmtziu.dat
C:\WINDOWS\system32\vrhtkims.dat
c:\WINDOWS\system32\vrhtkims_navup.dat
c:\WINDOWS\system32\yowcooymk.dat
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-11 to 2008-06-11 ))))))))))))))))))))))))))))))))))))
.
2008-06-11 09:03 . 2008-06-11 19:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-11 09:03 . 2008-06-11 09:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 23:17 . 2008-06-09 23:17 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-06-09 23:15 . 2008-06-09 23:15 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-09 23:15 . 2008-06-09 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-09 23:15 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-09 23:15 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-09 11:02 . 2008-06-09 11:02 396,288 --a------ C:\HijackThis.exe
2008-06-08 21:06 . 2008-06-11 08:59 <REP> d-------- C:\Program Files\Spyware Doctor
2008-06-08 21:06 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-06-06 23:25 . 2008-06-06 23:35 <REP> d-------- C:\!KillBox
2008-06-04 00:21 . 2008-06-04 14:05 3,686,454 --a------ C:\WINDOWS\Papier-peint-PhotoFiltre.bmp
2008-06-02 19:25 . 2008-06-02 19:25 <REP> d-------- C:\Documents and Settings\Leo mon costaud\Application Data\MySpace
2008-06-02 14:54 . 2008-06-02 14:54 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\MySpace
2008-06-02 14:53 . 2008-06-05 19:11 <REP> d-------- C:\Program Files\MySpace
2008-05-31 15:15 . 2008-05-31 15:43 <REP> d-------- C:\Program Files\GUILD WARS
2008-05-25 18:05 . 2008-05-25 18:48 <REP> d-------- C:\Program Files\Roger Wilco
2008-05-25 17:11 . 2008-05-25 18:07 <REP> d-------- C:\Program Files\GameSpy Arcade
2008-05-25 17:10 . 2008-05-25 17:10 <REP> d-------- C:\Program Files\EA GAMES
2008-05-23 07:55 . 2008-05-23 07:56 <REP> d-------- C:\Program Files\QuickTime
2008-05-23 07:40 . 2008-05-23 07:40 <REP> d-------- C:\~QTWTMP.TMP
2008-05-23 07:34 . 2008-05-23 07:36 344 --a------ C:\WINDOWS\QTW.QTW
2008-05-23 07:33 . 2008-05-23 07:33 812 --a------ C:\WINDOWS\QT$INST$.~PC
2008-05-16 13:03 . 2008-05-16 13:03 <REP> d-------- C:\Program Files\Sonic Foundry
2008-05-16 13:02 . 2008-05-16 13:02 <REP> d-------- C:\Program Files\Sonic Foundry Setup
2008-05-16 13:01 . 2008-05-16 13:01 <REP> d-------- C:\Acid Pro 3.0 (build 261)
2008-05-15 21:55 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-05-15 21:38 . 2008-05-15 21:38 18,432 --a------ C:\host.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 06:57 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-06-11 06:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-09 14:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-31 06:39 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express
2008-05-30 22:28 --------- d-----w C:\Program Files\Norton Internet Security
2008-05-30 22:27 --------- d-----w C:\Program Files\Symantec
2008-05-30 22:26 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-05-30 22:26 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-05-30 22:26 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-05-30 22:26 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-05-28 16:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-27 05:51 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-05-27 05:48 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\AdobeUM
2008-05-16 18:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-10 05:08 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony
2008-05-10 05:04 --------- d-----w C:\Program Files\Steinberg
2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Publish Providers
2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\NetMedia Providers
2008-05-10 04:54 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-05-10 04:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-05-10 04:49 --------- d-----w C:\Program Files\Vstplugins
2008-05-10 04:46 --------- d-----w C:\Program Files\Sony
2008-05-09 09:10 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony Setup
2008-05-09 09:08 --------- d-----w C:\Program Files\Sony Setup
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-30 09:15 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Vso
2008-04-28 13:46 --------- d-----w C:\Program Files\SLD Codec Pack
2008-04-28 13:45 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-04-27 05:06 118,784 ----a-w C:\WINDOWS\Web\Wallpaper\Living Waterfalls Wallpaper #1.exe
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-21 21:35 3,928,668 ----a-w C:\ffdshow-rev1946_20080421_xxl.exe
2008-04-20 09:57 --------- d-----w C:\Documents and Settings\Leo mon costaud\Application Data\Media Player Classic
2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-03-28 17:41 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\win32k.sys
2008-03-15 19:59 446,976 ----a-w C:\WINDOWS\system32\ShellMPD.dll
2007-08-12 16:24 7,168 -csha-w C:\Program Files\Thumbs.db
2007-06-17 20:55 13 -c-h--w C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys
2007-05-26 00:25 541 ----a-w C:\Program Files\Raccourci vers emule.lnk
2007-04-22 08:13 47,360 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys
2007-03-28 17:00 1,877,574 ----a-w C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe
2007-03-09 14:18 6,116,660 ----a-w C:\Program Files\ONES Trial Setup (EFIGS).exe
2006-07-03 22:34 15,633,443 -c--a-w C:\Program Files\tearsofaclown.m4v
2006-06-27 09:32 757,906 -c--a-w C:\Program Files\MidiMeow_old_1.01.zip
2006-06-27 09:20 1,484,285 ----a-w C:\Program Files\midc.exe
2006-05-01 07:43 770,048 ----a-w C:\Program Files\kmd.exe
2006-04-30 15:02 1,190,317 -c--a-w C:\Program Files\compteur.zip
2006-04-30 13:00 742,889 -c--a-w C:\Program Files\beatsaver.zip
2006-04-29 21:07 0 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
2005-12-01 20:30 3,262 -c--a-w C:\Program Files\logoB.ico
2005-11-10 09:15 5,790,379 ----a-w C:\Program Files\ac3decoder_install.exe
2003-01-06 09:37 4,286 -c--a-w C:\Program Files\2TONE.ICO
2002-06-29 19:12 8,244 -c--a-w C:\Program Files\LICENSE.TXT
2002-06-29 19:11 272 -c--a-w C:\Program Files\FILE_ID.DIZ
2002-03-10 13:40 766 -c--a-w C:\Program Files\MURIELLE.ICO
2002-02-13 12:13 36,864 -c--a-w C:\Program Files\whatsnew.doc
2001-11-07 12:04 1,869 -c--a-w C:\Program Files\DriverLanguageMap.xml
2001-11-06 02:17 15,420 -c--a-w C:\Program Files\Mdmntstm.CAT
2001-11-05 08:06 64,408 -c--a-w C:\Program Files\Mdmntstm.inf
2001-10-22 18:06 1,992 -c--a-w C:\Program Files\Slclean.ini
2001-10-11 15:56 475,136 -c--a-w C:\Program Files\SLCPAPPL.CPL
2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2006-04-29 21:54 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
2006-05-20 16:08 56 --sh--r C:\WINDOWS\system32\B621BE3148.sys
2005-06-22 05:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
.
((((((((((((((((((((((((((((( snapshot@2008-06-11_ 9.15.04.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-11 06:59:24 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-11 17:21:25 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 12:58:06 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:39 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-03-01 12:58:06 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:58:06 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 12:58:10 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-03-01 12:58:10 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 12:58:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{160E258C-A042-AC8C-1BB4-E737E455607D}]
C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 12:51 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-14 05:05 344064]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-02 06:06 180269]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [ ]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"option that obj byte"="C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19 221184]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [ ]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [ ]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 23:59 115816]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 01:11 771704]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
"host"="C:\host.exe" [2008-05-15 21:38 18432]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]
C:\Documents and Settings\Leo mon costaud\Menu D‚marrer\Programmes\D‚marrage\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2005-01-02 05:34:31 27136]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-05-21 16:38:28 113664]
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-10-09 02:16:54 610365]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 22:40:10 210520]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2006-03-14 20:12:21 65588]
TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2007-07-13 16:16:43 278528]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-14 01:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\emule.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 IFP300;iRiver Internet Audio Player IFP-300;C:\WINDOWS\system32\DRIVERS\ifp300.sys [2003-03-06 09:57]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]
S2 NMSAccessU;NMSAccessU;C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe []
S3 mamotou;mamotou;C:\WINDOWS\system32\DRIVERS\mamotou.sys [2005-11-07 18:50]
S3 Slnt7554;USB Soft Modem Driver;C:\WINDOWS\system32\DRIVERS\slnt7554.sys [2004-08-03 22:41]
S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 18:04]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 18:04]
S3 USBAV708;Instant VideoMPX;C:\WINDOWS\system32\DRIVERS\USBAV708.SYS [2004-07-06 22:35]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b778f9fe-6fe5-11dc-9c54-0013d3fe875f}]
\Shell\AutoRun\command - H:\start.exe
\Shell\iledefrance\command - H:\start.exe
*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-11 17:27:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-16 10:47:20 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
- C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exef/remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
"2008-06-05 18:12:41 C:\WINDOWS\Tasks\HPCeeSchedule.job"
- C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
"2008-06-10 16:09:36 C:\WINDOWS\Tasks\Norton Internet Security - Analyse système complète - HP_Propriétaire.job"
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK:
"2008-06-11 17:42:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
"2008-06-11 17:19:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 19:40:41
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
C:\WINDOWS\explorer.exe [1368] 0x84C04020
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\SETUPAPI.dll
-> ?:\WINDOWS\system32\SETUPAPI.dll
-> ?:\WINDOWS\system32\SETUPAPI.dll
.
Temps d'accomplissement: 2008-06-11 19:42:58
ComboFix-quarantined-files.txt 2008-06-11 17:42:47
Pre-Run: 34,751,565,824 octets libres
Post-Run: 34,733,551,616 octets libres
422 --- E O F --- 2008-06-11 08:34:17
ComboFix 08-06-10.1 - HP_Propriétaire 2008-06-11 19:34:02.2 - NTFSx86
Endroit: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe
c:\WINDOWS\system32\cmhiytbk.dat
c:\WINDOWS\system32\irxsoljvy.dat
C:\WINDOWS\system32\irxsoljvy_navup.dat
c:\WINDOWS\system32\mslphyxlbj.dat
c:\WINDOWS\system32\pxgmtziu.dat
C:\WINDOWS\system32\vrhtkims.dat
c:\WINDOWS\system32\vrhtkims_navup.dat
c:\WINDOWS\system32\yowcooymk.dat
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-11 to 2008-06-11 ))))))))))))))))))))))))))))))))))))
.
2008-06-11 09:03 . 2008-06-11 19:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-11 09:03 . 2008-06-11 09:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 23:17 . 2008-06-09 23:17 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2008-06-09 23:15 . 2008-06-09 23:15 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-09 23:15 . 2008-06-09 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-09 23:15 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-09 23:15 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-09 11:02 . 2008-06-09 11:02 396,288 --a------ C:\HijackThis.exe
2008-06-08 21:06 . 2008-06-11 08:59 <REP> d-------- C:\Program Files\Spyware Doctor
2008-06-08 21:06 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-06-06 23:25 . 2008-06-06 23:35 <REP> d-------- C:\!KillBox
2008-06-04 00:21 . 2008-06-04 14:05 3,686,454 --a------ C:\WINDOWS\Papier-peint-PhotoFiltre.bmp
2008-06-02 19:25 . 2008-06-02 19:25 <REP> d-------- C:\Documents and Settings\Leo mon costaud\Application Data\MySpace
2008-06-02 14:54 . 2008-06-02 14:54 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\MySpace
2008-06-02 14:53 . 2008-06-05 19:11 <REP> d-------- C:\Program Files\MySpace
2008-05-31 15:15 . 2008-05-31 15:43 <REP> d-------- C:\Program Files\GUILD WARS
2008-05-25 18:05 . 2008-05-25 18:48 <REP> d-------- C:\Program Files\Roger Wilco
2008-05-25 17:11 . 2008-05-25 18:07 <REP> d-------- C:\Program Files\GameSpy Arcade
2008-05-25 17:10 . 2008-05-25 17:10 <REP> d-------- C:\Program Files\EA GAMES
2008-05-23 07:55 . 2008-05-23 07:56 <REP> d-------- C:\Program Files\QuickTime
2008-05-23 07:40 . 2008-05-23 07:40 <REP> d-------- C:\~QTWTMP.TMP
2008-05-23 07:34 . 2008-05-23 07:36 344 --a------ C:\WINDOWS\QTW.QTW
2008-05-23 07:33 . 2008-05-23 07:33 812 --a------ C:\WINDOWS\QT$INST$.~PC
2008-05-16 13:03 . 2008-05-16 13:03 <REP> d-------- C:\Program Files\Sonic Foundry
2008-05-16 13:02 . 2008-05-16 13:02 <REP> d-------- C:\Program Files\Sonic Foundry Setup
2008-05-16 13:01 . 2008-05-16 13:01 <REP> d-------- C:\Acid Pro 3.0 (build 261)
2008-05-15 21:55 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-05-15 21:38 . 2008-05-15 21:38 18,432 --a------ C:\host.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 06:57 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-06-11 06:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-09 14:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-31 06:39 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express
2008-05-30 22:28 --------- d-----w C:\Program Files\Norton Internet Security
2008-05-30 22:27 --------- d-----w C:\Program Files\Symantec
2008-05-30 22:26 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-05-30 22:26 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-05-30 22:26 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-05-30 22:26 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-05-28 16:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-27 05:51 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-05-27 05:48 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\AdobeUM
2008-05-16 18:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-10 05:08 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony
2008-05-10 05:04 --------- d-----w C:\Program Files\Steinberg
2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Publish Providers
2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\NetMedia Providers
2008-05-10 04:54 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-05-10 04:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-05-10 04:49 --------- d-----w C:\Program Files\Vstplugins
2008-05-10 04:46 --------- d-----w C:\Program Files\Sony
2008-05-09 09:10 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony Setup
2008-05-09 09:08 --------- d-----w C:\Program Files\Sony Setup
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-30 09:15 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Vso
2008-04-28 13:46 --------- d-----w C:\Program Files\SLD Codec Pack
2008-04-28 13:45 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-04-27 05:06 118,784 ----a-w C:\WINDOWS\Web\Wallpaper\Living Waterfalls Wallpaper #1.exe
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-21 21:35 3,928,668 ----a-w C:\ffdshow-rev1946_20080421_xxl.exe
2008-04-20 09:57 --------- d-----w C:\Documents and Settings\Leo mon costaud\Application Data\Media Player Classic
2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-03-28 17:41 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\win32k.sys
2008-03-15 19:59 446,976 ----a-w C:\WINDOWS\system32\ShellMPD.dll
2007-08-12 16:24 7,168 -csha-w C:\Program Files\Thumbs.db
2007-06-17 20:55 13 -c-h--w C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys
2007-05-26 00:25 541 ----a-w C:\Program Files\Raccourci vers emule.lnk
2007-04-22 08:13 47,360 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys
2007-03-28 17:00 1,877,574 ----a-w C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe
2007-03-09 14:18 6,116,660 ----a-w C:\Program Files\ONES Trial Setup (EFIGS).exe
2006-07-03 22:34 15,633,443 -c--a-w C:\Program Files\tearsofaclown.m4v
2006-06-27 09:32 757,906 -c--a-w C:\Program Files\MidiMeow_old_1.01.zip
2006-06-27 09:20 1,484,285 ----a-w C:\Program Files\midc.exe
2006-05-01 07:43 770,048 ----a-w C:\Program Files\kmd.exe
2006-04-30 15:02 1,190,317 -c--a-w C:\Program Files\compteur.zip
2006-04-30 13:00 742,889 -c--a-w C:\Program Files\beatsaver.zip
2006-04-29 21:07 0 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
2005-12-01 20:30 3,262 -c--a-w C:\Program Files\logoB.ico
2005-11-10 09:15 5,790,379 ----a-w C:\Program Files\ac3decoder_install.exe
2003-01-06 09:37 4,286 -c--a-w C:\Program Files\2TONE.ICO
2002-06-29 19:12 8,244 -c--a-w C:\Program Files\LICENSE.TXT
2002-06-29 19:11 272 -c--a-w C:\Program Files\FILE_ID.DIZ
2002-03-10 13:40 766 -c--a-w C:\Program Files\MURIELLE.ICO
2002-02-13 12:13 36,864 -c--a-w C:\Program Files\whatsnew.doc
2001-11-07 12:04 1,869 -c--a-w C:\Program Files\DriverLanguageMap.xml
2001-11-06 02:17 15,420 -c--a-w C:\Program Files\Mdmntstm.CAT
2001-11-05 08:06 64,408 -c--a-w C:\Program Files\Mdmntstm.inf
2001-10-22 18:06 1,992 -c--a-w C:\Program Files\Slclean.ini
2001-10-11 15:56 475,136 -c--a-w C:\Program Files\SLCPAPPL.CPL
2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2006-04-29 21:54 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
2006-05-20 16:08 56 --sh--r C:\WINDOWS\system32\B621BE3148.sys
2005-06-22 05:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
.
((((((((((((((((((((((((((((( snapshot@2008-06-11_ 9.15.04.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-11 06:59:24 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-11 17:21:25 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 12:58:06 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:39 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-03-01 12:58:06 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:58:06 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 12:58:10 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-03-01 12:58:10 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 12:58:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{160E258C-A042-AC8C-1BB4-E737E455607D}]
C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 12:51 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-14 05:05 344064]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-02 06:06 180269]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [ ]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"option that obj byte"="C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19 221184]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [ ]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [ ]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 23:59 115816]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 01:11 771704]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
"host"="C:\host.exe" [2008-05-15 21:38 18432]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]
C:\Documents and Settings\Leo mon costaud\Menu D‚marrer\Programmes\D‚marrage\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2005-01-02 05:34:31 27136]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-05-21 16:38:28 113664]
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-10-09 02:16:54 610365]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 22:40:10 210520]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2006-03-14 20:12:21 65588]
TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2007-07-13 16:16:43 278528]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-14 01:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\emule.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
R0 IFP300;iRiver Internet Audio Player IFP-300;C:\WINDOWS\system32\DRIVERS\ifp300.sys [2003-03-06 09:57]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]
S2 NMSAccessU;NMSAccessU;C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe []
S3 mamotou;mamotou;C:\WINDOWS\system32\DRIVERS\mamotou.sys [2005-11-07 18:50]
S3 Slnt7554;USB Soft Modem Driver;C:\WINDOWS\system32\DRIVERS\slnt7554.sys [2004-08-03 22:41]
S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 18:04]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 18:04]
S3 USBAV708;Instant VideoMPX;C:\WINDOWS\system32\DRIVERS\USBAV708.SYS [2004-07-06 22:35]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b778f9fe-6fe5-11dc-9c54-0013d3fe875f}]
\Shell\AutoRun\command - H:\start.exe
\Shell\iledefrance\command - H:\start.exe
*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-11 17:27:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-16 10:47:20 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
- C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exef/remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
"2008-06-05 18:12:41 C:\WINDOWS\Tasks\HPCeeSchedule.job"
- C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
"2008-06-10 16:09:36 C:\WINDOWS\Tasks\Norton Internet Security - Analyse système complète - HP_Propriétaire.job"
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK:
"2008-06-11 17:42:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
"2008-06-11 17:19:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 19:40:41
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
C:\WINDOWS\explorer.exe [1368] 0x84C04020
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\SETUPAPI.dll
-> ?:\WINDOWS\system32\SETUPAPI.dll
-> ?:\WINDOWS\system32\SETUPAPI.dll
.
Temps d'accomplissement: 2008-06-11 19:42:58
ComboFix-quarantined-files.txt 2008-06-11 17:42:47
Pre-Run: 34,751,565,824 octets libres
Post-Run: 34,733,551,616 octets libres
422 --- E O F --- 2008-06-11 08:34:17
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
____________
recolle un nouveau rapport hijakchits et dis tes soucis
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
____________
recolle un nouveau rapport hijakchits et dis tes soucis
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Propri‚taire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 11/06/2008 | 21:01:32,21 ] [ PC : RUDEBOY ]
[ MAJ : 07-06-2008 | 22:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[17/06/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1Þ13.sys
[27/05/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[25/12/2006|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/11/2007|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[10/09/2006|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blue Ref Option That
[23/02/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[24/11/2004|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/09/2006|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[21/12/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/01/2005|05:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[04/05/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[02/01/2005|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[23/07/2007|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LUUnInstall.LiveUpdate
[09/06/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[26/03/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/06/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/11/2006|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[29/11/2007|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[05/11/2007|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[29/05/2006|07:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[23/05/2008|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/08/2006|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/02/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Recisio
[02/01/2005|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[30/04/2006|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[02/01/2005|05:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[10/05/2008|06:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[12/11/2006|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/06/2008|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/06/2008|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[03/11/2007|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[29/02/2008|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[06/05/2006|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
[21/12/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[01/09/2006|07:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/09/2006|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/07/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[02/07/2007|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[16/05/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/11/2007|22:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/07/2007|19:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2005|06:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[02/01/2005|06:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/03/2008|09:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[27/05/2008|07:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[27/10/2007|12:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[29/11/2007|09:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVS4YOU
[25/12/2006|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Blender Foundation
[11/02/2007|17:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dcdl_prefs
[24/11/2004|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\desktop.ini
[18/09/2006|14:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[11/09/2006|01:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[30/04/2006|15:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[22/01/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[01/05/2006|12:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPSU_48BitScanUpdate.log
[09/07/2007|19:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[31/05/2008|08:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Image Zone Express
[01/05/2006|13:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[21/05/2007|09:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jasc
[03/03/2008|23:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[10/05/2006|07:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[13/11/2006|19:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[09/06/2008|23:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[10/11/2007|23:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[23/02/2007|09:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[29/04/2006|23:57] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[27/08/2007|08:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Morpheus Software
[10/09/2006|16:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[01/02/2007|17:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[15/11/2006|10:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[02/06/2008|14:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MySpace
[05/11/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NCH Swift Sound
[10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NetMedia Providers
[10/03/2008|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Oui-Oui2_prefs.cst
[09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_InstantShareJPG.log
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.cat
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.inf
[22/04/2007|10:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.log
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.sys
[21/12/2007|20:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Printer Info Cache
[10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Publish Providers
[08/06/2008|00:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\QuickZip45.ini
[02/01/2005|06:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[10/07/2007|11:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\RecordPad
[01/03/2008|09:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[09/06/2007|21:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Serif
[21/05/2007|22:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Shareaza
[01/06/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Simple Star
[10/05/2006|07:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[10/05/2008|07:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony
[09/05/2008|11:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony Setup
[24/09/2007|00:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Steinberg
[22/06/2006|21:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[29/04/2006|23:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[06/05/2007|10:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TaoUSign
[01/06/2006|23:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems
[18/09/2006|14:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[30/04/2008|11:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[10/07/2007|11:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WavCodec.wff
[29/04/2006|23:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wklnhst.dat
[01/07/2006|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wxMozze
[29/03/2008|10:01] C:\DOCUME~1\LEOMON~1\APPLIC~1\Adobe
[16/10/2007|15:21] C:\DOCUME~1\LEOMON~1\APPLIC~1\Apple Computer
[14/02/2007|10:39] C:\DOCUME~1\LEOMON~1\APPLIC~1\dcdl_prefs
[24/11/2004|00:13] C:\DOCUME~1\LEOMON~1\APPLIC~1\desktop.ini
[24/11/2007|10:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Google
[04/01/2008|15:07] C:\DOCUME~1\LEOMON~1\APPLIC~1\HP
[02/09/2007|10:14] C:\DOCUME~1\LEOMON~1\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\LEOMON~1\APPLIC~1\Identities
[01/03/2007|16:31] C:\DOCUME~1\LEOMON~1\APPLIC~1\Macromedia
[20/04/2008|11:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\Media Player Classic
[04/11/2007|18:28] C:\DOCUME~1\LEOMON~1\APPLIC~1\Microsoft
[19/08/2007|15:34] C:\DOCUME~1\LEOMON~1\APPLIC~1\Mozilla
[02/06/2008|19:25] C:\DOCUME~1\LEOMON~1\APPLIC~1\MySpace
[29/12/2007|10:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\QuickZip45.ini
[04/05/2007|22:41] C:\DOCUME~1\LEOMON~1\APPLIC~1\Real
[08/12/2007|11:47] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sonic
[16/07/2007|21:48] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sun
[02/01/2005|06:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Symantec
[23/05/2007|22:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[05/02/2007|18:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/05/2008|09:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[10/07/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\NCH Swift Sound
[02/06/2008|14:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[16/05/2008 12:47][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[11/06/2008 20:18][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[10/06/2008 18:09][--a------] C:\WINDOWS\tasks\Norton Internet Security - Analyse systŠme complŠte - HP_Propri‚taire.job
[11/06/2008 19:27][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[11/06/2008 20:57][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[05/06/2008 20:12][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[11/06/2008 19:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[06/01/2003|11:37] C:\Program Files\2TONE.ICO
[27/08/2007|08:50] C:\Program Files\3D Flash Animator 4.9.6.5
[10/11/2005|11:15] C:\Program Files\ac3decoder_install.exe
[21/05/2007|16:38] C:\Program Files\Adobe
[29/05/2006|08:54] C:\Program Files\Ahead
[27/12/2007|13:03] C:\Program Files\Apple Software Update
[05/10/2006|08:06] C:\Program Files\Ashampoo
[24/05/2007|19:49] C:\Program Files\a-squared Anti-Malware
[02/07/2007|17:18] C:\Program Files\Astro
[02/01/2005|05:52] C:\Program Files\ATI Technologies
[03/03/2008|23:40] C:\Program Files\Audacity
[25/06/2006|19:38] C:\Program Files\AviSynth 2.5
[29/11/2007|10:53] C:\Program Files\AVS4YOU
[30/04/2006|17:03] C:\Program Files\AXEL
[30/04/2006|15:19] C:\Program Files\beatsaver
[30/04/2006|15:00] C:\Program Files\beatsaver.zip
[21/05/2007|10:38] C:\Program Files\Casperlab Software
[09/09/2007|19:12] C:\Program Files\CDBurnerXP Pro 3
[20/05/2007|17:36] C:\Program Files\CoffeeCup Software
[14/10/2001|13:37] C:\Program Files\COINST.DLL
[01/05/2006|12:31] C:\Program Files\COM One
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[30/04/2006|17:02] C:\Program Files\compteur
[30/04/2006|17:02] C:\Program Files\compteur.zip
[26/10/2007|09:58] C:\Program Files\Cool MP3 Converter
[14/08/2006|12:17] C:\Program Files\DALE SECT BOLT
[14/07/2006|11:54] C:\Program Files\DivX
[30/04/2006|14:20] C:\Program Files\driver internet
[07/11/2001|14:04] C:\Program Files\DriverLanguageMap.xml
[25/05/2008|17:10] C:\Program Files\EA GAMES
[01/03/2008|09:40] C:\Program Files\Ejay
[09/08/2007|18:48] C:\Program Files\Elecard
[28/03/2007|19:00] C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe
[21/05/2007|22:26] C:\Program Files\eMule
[28/07/2007|07:55] C:\Program Files\eMule Acceleration Patch
[14/07/2006|01:16] C:\Program Files\EO Video
[01/07/2006|15:53] C:\Program Files\Evermore
[04/01/2008|22:45] C:\Program Files\Fichiers communs
[29/06/2002|21:11] C:\Program Files\FILE_ID.DIZ
[20/08/2007|10:41] C:\Program Files\Foreignword
[26/10/2007|10:04] C:\Program Files\Free Audio Pack
[30/04/2006|10:46] C:\Program Files\Free.fr
[25/05/2008|18:07] C:\Program Files\GameSpy Arcade
[22/11/2007|22:39] C:\Program Files\Google
[31/05/2008|15:43] C:\Program Files\GUILD WARS
[21/12/2007|12:43] C:\Program Files\Hewlett-Packard
[05/04/2008|20:25] C:\Program Files\HP
[28/05/2008|18:06] C:\Program Files\InstallShield Installation Information
[10/10/2006|09:00] C:\Program Files\Intel
[11/06/2008|10:32] C:\Program Files\Internet Explorer
[02/01/2005|06:09] C:\Program Files\InterVideo
[04/01/2008|22:53] C:\Program Files\iPod
[24/10/2007|21:09] C:\Program Files\iRiver
[04/01/2008|22:54] C:\Program Files\iTunes
[02/07/2007|17:19] C:\Program Files\Jasc Software Inc
[09/03/2008|20:21] C:\Program Files\Java
[26/02/2008|10:05] C:\Program Files\KaraFun
[28/12/2006|15:39] C:\Program Files\KC Softwares
[28/04/2008|15:45] C:\Program Files\K-Lite Codec Pack
[01/05/2006|09:43] C:\Program Files\kmd.exe
[16/08/2006|19:50] C:\Program Files\LafumaUnlimit
[29/06/2002|21:12] C:\Program Files\LICENSE.TXT
[19/08/2006|18:00] C:\Program Files\Logitech
[01/12/2005|22:30] C:\Program Files\logoB.ico
[09/06/2008|23:15] C:\Program Files\Malwarebytes' Anti-Malware
[05/05/2007|12:30] C:\Program Files\Maxis
[06/11/2001|04:17] C:\Program Files\Mdmntstm.CAT
[05/11/2001|10:06] C:\Program Files\Mdmntstm.inf
[27/07/2007|20:11] C:\Program Files\Mediatwins software
[02/01/2005|05:47] C:\Program Files\Messenger
[30/03/2008|16:38] C:\Program Files\Messenger Plus! Live
[29/11/2007|08:52] C:\Program Files\Micro Application
[24/07/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/04/2006|00:02] C:\Program Files\microsoft frontpage
[19/07/2007|20:52] C:\Program Files\Microsoft GIF Animator
[30/04/2006|00:04] C:\Program Files\Microsoft Office
[15/05/2008|22:05] C:\Program Files\Microsoft Silverlight
[10/05/2008|06:54] C:\Program Files\Microsoft SQL Server
[12/12/2007|14:16] C:\Program Files\Microsoft SQL Server Compact Edition
[02/01/2005|06:12] C:\Program Files\Microsoft Works
[27/06/2006|11:20] C:\Program Files\midc.exe
[27/06/2006|11:30] C:\Program Files\MidiMeow_1_02
[27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01
[27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01.zip
[14/10/2001|13:37] C:\Program Files\MINIREC.EXE
[23/02/2007|19:21] C:\Program Files\mobile PhoneTools
[10/09/2006|15:49] C:\Program Files\Morpheus Toolbar
[21/03/2007|16:46] C:\Program Files\Movie Maker
[11/06/2008|20:09] C:\Program Files\Mozilla Firefox
[30/07/2007|14:42] C:\Program Files\MP3 Player Utilities
[11/06/2007|19:31] C:\Program Files\MP3 Player Utilities 3.68
[19/06/2007|23:33] C:\Program Files\MSN
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[30/12/2007|19:33] C:\Program Files\MSN Messenger
[15/03/2008|21:59] C:\Program Files\MSN Pictures Displayer
[15/10/2006|03:01] C:\Program Files\MSXML 4.0
[14/10/2001|13:37] C:\Program Files\MTLMNT5.SYS
[14/10/2001|13:37] C:\Program Files\MTLSTRM.SYS
[10/03/2002|15:40] C:\Program Files\MURIELLE.ICO
[02/01/2005|06:15] C:\Program Files\muvee Technologies
[05/06/2008|19:11] C:\Program Files\MySpace
[03/03/2008|23:45] C:\Program Files\NCH Software
[05/11/2007|10:13] C:\Program Files\NCH Swift Sound
[01/02/2006|10:02] C:\Program Files\NetMeeting
[31/05/2008|00:28] C:\Program Files\Norton Internet Security
[14/10/2001|13:37] C:\Program Files\NTMTLFAX.SYS
[09/03/2007|16:18] C:\Program Files\ONES Trial Setup (EFIGS).exe
[25/11/2004|05:27] C:\Program Files\Online Services
[13/08/2007|17:26] C:\Program Files\Online_TV
[10/11/2007|12:05] C:\Program Files\OpenOffice.org 2.3
[13/06/2007|16:44] C:\Program Files\Outlook Express
[06/10/2006|09:13] C:\Program Files\Oxilog
[13/07/2007|16:16] C:\Program Files\Philips
[15/07/2006|12:33] C:\Program Files\PhotoFiltre
[22/07/2007|16:55] C:\Program Files\Pinnacle
[23/05/2008|07:56] C:\Program Files\QuickTime
[14/08/2007|19:42] C:\Program Files\QuickZip4
[26/05/2007|02:25] C:\Program Files\Raccourci vers emule.lnk
[02/01/2005|06:06] C:\Program Files\Real
[22/07/2007|16:53] C:\Program Files\Replay Converter
[25/05/2008|18:48] C:\Program Files\Roger Wilco
[09/06/2007|21:12] C:\Program Files\Serif
[02/01/2005|06:25] C:\Program Files\Services en ligne
[21/05/2007|22:31] C:\Program Files\Shareaza
[01/06/2006|19:11] C:\Program Files\Simple Star
[14/10/2001|13:37] C:\Program Files\SL.LNG
[14/10/2001|13:37] C:\Program Files\SLCLEAN.DLL
[14/10/2001|13:37] C:\Program Files\SLCLEAN.EXE
[22/10/2001|20:06] C:\Program Files\Slclean.ini
[14/10/2001|13:37] C:\Program Files\SLCPAPPL.CHM
[11/10/2001|17:56] C:\Program Files\SLCPAPPL.CPL
[14/10/2001|13:37] C:\Program Files\SLCPAPPL.HLP
[28/04/2008|15:46] C:\Program Files\SLD Codec Pack
[14/10/2001|13:37] C:\Program Files\SLEXTSPK.DLL
[14/10/2001|13:37] C:\Program Files\SLLIGHTS.EXE
[14/10/2001|13:37] C:\Program Files\slnt7554.sys
[14/10/2001|13:37] C:\Program Files\SLNTHAL.SYS
[14/10/2001|13:37] C:\Program Files\SLSERV.EXE
[14/10/2001|13:37] C:\Program Files\SlWdmSup.sys
[09/02/2008|13:31] C:\Program Files\SM
[14/10/2001|13:37] C:\Program Files\SMCFG.EXE
[30/04/2006|00:03] C:\Program Files\Snapshot Viewer
[02/01/2005|06:08] C:\Program Files\Sonic
[16/05/2008|13:03] C:\Program Files\Sonic Foundry
[16/05/2008|13:02] C:\Program Files\Sonic Foundry Setup
[10/05/2008|06:46] C:\Program Files\Sony
[09/05/2008|11:08] C:\Program Files\Sony Setup
[16/08/2007|16:04] C:\Program Files\Spybot - Search & Destroy
[11/06/2008|08:59] C:\Program Files\Spyware Doctor
[10/05/2008|07:04] C:\Program Files\Steinberg
[31/05/2008|00:27] C:\Program Files\Symantec
[04/07/2006|00:34] C:\Program Files\tearsofaclown.m4v
[07/05/2006|11:57] C:\Program Files\The 3DO Company
[12/08/2007|18:24] C:\Program Files\Thumbs.db
[03/11/2007|16:00] C:\Program Files\Ulead Systems
[10/05/2008|06:56] C:\Program Files\Uninstall Information
[14/10/2001|13:37] C:\Program Files\USB_CPL.DLL
[14/10/2001|13:37] C:\Program Files\V90DRV.SYS
[07/12/2006|21:50] C:\Program Files\Vidomi
[22/04/2007|10:13] C:\Program Files\VSO
[10/05/2008|06:49] C:\Program Files\Vstplugins
[03/01/2008|09:36] C:\Program Files\Western Digital Technologies
[13/02/2002|14:13] C:\Program Files\whatsnew.doc
[23/02/2007|19:15] C:\Program Files\WIDCOMM
[14/10/2001|13:37] C:\Program Files\WINDDX.SYS
[03/03/2008|23:47] C:\Program Files\Windows Live
[30/11/2007|08:21] C:\Program Files\Windows Live Toolbar
[01/06/2006|19:07] C:\Program Files\Windows Media Components
[05/02/2007|12:22] C:\Program Files\Windows Media Connect 2
[05/02/2007|12:22] C:\Program Files\Windows Media Player
[01/02/2006|10:02] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[25/06/2007|22:21] C:\Program Files\WinZip
[25/11/2004|05:28] C:\Program Files\xerox
[31/01/2007|23:54] C:\Program Files\Xvid
[03/03/2008|23:50] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[27/05/2008|07:51] C:\Program Files\Fichiers communs\Adobe
[29/05/2006|08:54] C:\Program Files\Fichiers communs\Ahead
[30/04/2006|00:34] C:\Program Files\Fichiers communs\AOL
[04/01/2008|22:45] C:\Program Files\Fichiers communs\Apple
[29/11/2007|10:53] C:\Program Files\Fichiers communs\AVSMedia
[30/04/2006|00:00] C:\Program Files\Fichiers communs\Designer
[02/01/2005|05:56] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2005|05:58] C:\Program Files\Fichiers communs\HP
[02/01/2005|06:22] C:\Program Files\Fichiers communs\InstallShield
[02/01/2005|05:44] C:\Program Files\Fichiers communs\Java
[08/05/2006|18:45] C:\Program Files\Fichiers communs\Knowledge Adventure
[19/08/2006|18:00] C:\Program Files\Fichiers communs\Logitech
[29/11/2007|09:01] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[02/01/2005|06:15] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[02/01/2005|06:06] C:\Program Files\Fichiers communs\Real
[02/01/2005|06:08] C:\Program Files\Fichiers communs\Roxio Shared
[01/02/2006|10:02] C:\Program Files\Fichiers communs\Services
[02/01/2005|06:07] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[02/01/2005|06:07] C:\Program Files\Fichiers communs\SureThing Shared
[10/05/2006|16:38] C:\Program Files\Fichiers communs\SWF Studio
[11/06/2008|19:46] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|16:44] C:\Program Files\Fichiers communs\System
[02/01/2005|06:08] C:\Program Files\Fichiers communs\TiVo Shared
[06/05/2006|12:32] C:\Program Files\Fichiers communs\Vivendi Universal
[12/12/2007|14:07] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/09/2007|18:11] C:\Program Files\Fichiers communs\Wise Installation Wizard
[02/01/2005|06:06] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 50
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@adopt.euroclick[2].txt
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 21:02:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid
[F:3][D:0]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:51][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:514][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:04:20,37 ]----------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : HP_Propri‚taire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 11/06/2008 | 21:01:32,21 ] [ PC : RUDEBOY ]
[ MAJ : 07-06-2008 | 22:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[17/06/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1Þ13.sys
[27/05/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[25/12/2006|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/11/2007|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[10/09/2006|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blue Ref Option That
[23/02/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[24/11/2004|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/09/2006|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[21/12/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/01/2005|05:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[04/05/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[02/01/2005|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[23/07/2007|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LUUnInstall.LiveUpdate
[09/06/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[26/03/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/06/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/11/2006|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[29/11/2007|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[05/11/2007|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[29/05/2006|07:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[23/05/2008|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/08/2006|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/02/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Recisio
[02/01/2005|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[30/04/2006|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[02/01/2005|05:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[10/05/2008|06:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[12/11/2006|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/06/2008|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/06/2008|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[03/11/2007|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[29/02/2008|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[06/05/2006|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
[21/12/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[01/09/2006|07:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/09/2006|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/07/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[02/07/2007|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[16/05/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/11/2007|22:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[24/11/2004|00:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/07/2007|19:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2005|06:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[02/01/2005|06:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/03/2008|09:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[27/05/2008|07:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[27/10/2007|12:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[29/11/2007|09:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVS4YOU
[25/12/2006|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Blender Foundation
[11/02/2007|17:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dcdl_prefs
[24/11/2004|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\desktop.ini
[18/09/2006|14:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[11/09/2006|01:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[30/04/2006|15:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[22/01/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[01/05/2006|12:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPSU_48BitScanUpdate.log
[09/07/2007|19:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[31/05/2008|08:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Image Zone Express
[01/05/2006|13:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[21/05/2007|09:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jasc
[03/03/2008|23:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[10/05/2006|07:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[13/11/2006|19:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[09/06/2008|23:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[10/11/2007|23:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[23/02/2007|09:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[29/04/2006|23:57] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
[27/08/2007|08:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Morpheus Software
[10/09/2006|16:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[01/02/2007|17:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
[15/11/2006|10:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[02/06/2008|14:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MySpace
[05/11/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NCH Swift Sound
[10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NetMedia Providers
[10/03/2008|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Oui-Oui2_prefs.cst
[09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
[18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_InstantShareJPG.log
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.cat
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.inf
[22/04/2007|10:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.log
[22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.sys
[21/12/2007|20:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Printer Info Cache
[10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Publish Providers
[08/06/2008|00:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\QuickZip45.ini
[02/01/2005|06:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[10/07/2007|11:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\RecordPad
[01/03/2008|09:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[09/06/2007|21:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Serif
[21/05/2007|22:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Shareaza
[01/06/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Simple Star
[10/05/2006|07:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[10/05/2008|07:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony
[09/05/2008|11:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony Setup
[24/09/2007|00:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Steinberg
[22/06/2006|21:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[29/04/2006|23:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[06/05/2007|10:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TaoUSign
[01/06/2006|23:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems
[18/09/2006|14:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[30/04/2008|11:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[10/07/2007|11:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WavCodec.wff
[29/04/2006|23:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wklnhst.dat
[01/07/2006|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wxMozze
[29/03/2008|10:01] C:\DOCUME~1\LEOMON~1\APPLIC~1\Adobe
[16/10/2007|15:21] C:\DOCUME~1\LEOMON~1\APPLIC~1\Apple Computer
[14/02/2007|10:39] C:\DOCUME~1\LEOMON~1\APPLIC~1\dcdl_prefs
[24/11/2004|00:13] C:\DOCUME~1\LEOMON~1\APPLIC~1\desktop.ini
[24/11/2007|10:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Google
[04/01/2008|15:07] C:\DOCUME~1\LEOMON~1\APPLIC~1\HP
[02/09/2007|10:14] C:\DOCUME~1\LEOMON~1\APPLIC~1\HPQ
[25/11/2004|05:26] C:\DOCUME~1\LEOMON~1\APPLIC~1\Identities
[01/03/2007|16:31] C:\DOCUME~1\LEOMON~1\APPLIC~1\Macromedia
[20/04/2008|11:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\Media Player Classic
[04/11/2007|18:28] C:\DOCUME~1\LEOMON~1\APPLIC~1\Microsoft
[19/08/2007|15:34] C:\DOCUME~1\LEOMON~1\APPLIC~1\Mozilla
[02/06/2008|19:25] C:\DOCUME~1\LEOMON~1\APPLIC~1\MySpace
[29/12/2007|10:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\QuickZip45.ini
[04/05/2007|22:41] C:\DOCUME~1\LEOMON~1\APPLIC~1\Real
[08/12/2007|11:47] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sonic
[16/07/2007|21:48] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sun
[02/01/2005|06:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Symantec
[23/05/2007|22:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[05/02/2007|18:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/05/2008|09:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
[10/07/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\NCH Swift Sound
[02/06/2008|14:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[16/05/2008 12:47][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job
[11/06/2008 20:18][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[10/06/2008 18:09][--a------] C:\WINDOWS\tasks\Norton Internet Security - Analyse systŠme complŠte - HP_Propri‚taire.job
[11/06/2008 19:27][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[11/06/2008 20:57][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[05/06/2008 20:12][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[11/06/2008 19:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[06/01/2003|11:37] C:\Program Files\2TONE.ICO
[27/08/2007|08:50] C:\Program Files\3D Flash Animator 4.9.6.5
[10/11/2005|11:15] C:\Program Files\ac3decoder_install.exe
[21/05/2007|16:38] C:\Program Files\Adobe
[29/05/2006|08:54] C:\Program Files\Ahead
[27/12/2007|13:03] C:\Program Files\Apple Software Update
[05/10/2006|08:06] C:\Program Files\Ashampoo
[24/05/2007|19:49] C:\Program Files\a-squared Anti-Malware
[02/07/2007|17:18] C:\Program Files\Astro
[02/01/2005|05:52] C:\Program Files\ATI Technologies
[03/03/2008|23:40] C:\Program Files\Audacity
[25/06/2006|19:38] C:\Program Files\AviSynth 2.5
[29/11/2007|10:53] C:\Program Files\AVS4YOU
[30/04/2006|17:03] C:\Program Files\AXEL
[30/04/2006|15:19] C:\Program Files\beatsaver
[30/04/2006|15:00] C:\Program Files\beatsaver.zip
[21/05/2007|10:38] C:\Program Files\Casperlab Software
[09/09/2007|19:12] C:\Program Files\CDBurnerXP Pro 3
[20/05/2007|17:36] C:\Program Files\CoffeeCup Software
[14/10/2001|13:37] C:\Program Files\COINST.DLL
[01/05/2006|12:31] C:\Program Files\COM One
[24/11/2004|03:37] C:\Program Files\ComPlus Applications
[30/04/2006|17:02] C:\Program Files\compteur
[30/04/2006|17:02] C:\Program Files\compteur.zip
[26/10/2007|09:58] C:\Program Files\Cool MP3 Converter
[14/08/2006|12:17] C:\Program Files\DALE SECT BOLT
[14/07/2006|11:54] C:\Program Files\DivX
[30/04/2006|14:20] C:\Program Files\driver internet
[07/11/2001|14:04] C:\Program Files\DriverLanguageMap.xml
[25/05/2008|17:10] C:\Program Files\EA GAMES
[01/03/2008|09:40] C:\Program Files\Ejay
[09/08/2007|18:48] C:\Program Files\Elecard
[28/03/2007|19:00] C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe
[21/05/2007|22:26] C:\Program Files\eMule
[28/07/2007|07:55] C:\Program Files\eMule Acceleration Patch
[14/07/2006|01:16] C:\Program Files\EO Video
[01/07/2006|15:53] C:\Program Files\Evermore
[04/01/2008|22:45] C:\Program Files\Fichiers communs
[29/06/2002|21:11] C:\Program Files\FILE_ID.DIZ
[20/08/2007|10:41] C:\Program Files\Foreignword
[26/10/2007|10:04] C:\Program Files\Free Audio Pack
[30/04/2006|10:46] C:\Program Files\Free.fr
[25/05/2008|18:07] C:\Program Files\GameSpy Arcade
[22/11/2007|22:39] C:\Program Files\Google
[31/05/2008|15:43] C:\Program Files\GUILD WARS
[21/12/2007|12:43] C:\Program Files\Hewlett-Packard
[05/04/2008|20:25] C:\Program Files\HP
[28/05/2008|18:06] C:\Program Files\InstallShield Installation Information
[10/10/2006|09:00] C:\Program Files\Intel
[11/06/2008|10:32] C:\Program Files\Internet Explorer
[02/01/2005|06:09] C:\Program Files\InterVideo
[04/01/2008|22:53] C:\Program Files\iPod
[24/10/2007|21:09] C:\Program Files\iRiver
[04/01/2008|22:54] C:\Program Files\iTunes
[02/07/2007|17:19] C:\Program Files\Jasc Software Inc
[09/03/2008|20:21] C:\Program Files\Java
[26/02/2008|10:05] C:\Program Files\KaraFun
[28/12/2006|15:39] C:\Program Files\KC Softwares
[28/04/2008|15:45] C:\Program Files\K-Lite Codec Pack
[01/05/2006|09:43] C:\Program Files\kmd.exe
[16/08/2006|19:50] C:\Program Files\LafumaUnlimit
[29/06/2002|21:12] C:\Program Files\LICENSE.TXT
[19/08/2006|18:00] C:\Program Files\Logitech
[01/12/2005|22:30] C:\Program Files\logoB.ico
[09/06/2008|23:15] C:\Program Files\Malwarebytes' Anti-Malware
[05/05/2007|12:30] C:\Program Files\Maxis
[06/11/2001|04:17] C:\Program Files\Mdmntstm.CAT
[05/11/2001|10:06] C:\Program Files\Mdmntstm.inf
[27/07/2007|20:11] C:\Program Files\Mediatwins software
[02/01/2005|05:47] C:\Program Files\Messenger
[30/03/2008|16:38] C:\Program Files\Messenger Plus! Live
[29/11/2007|08:52] C:\Program Files\Micro Application
[24/07/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/04/2006|00:02] C:\Program Files\microsoft frontpage
[19/07/2007|20:52] C:\Program Files\Microsoft GIF Animator
[30/04/2006|00:04] C:\Program Files\Microsoft Office
[15/05/2008|22:05] C:\Program Files\Microsoft Silverlight
[10/05/2008|06:54] C:\Program Files\Microsoft SQL Server
[12/12/2007|14:16] C:\Program Files\Microsoft SQL Server Compact Edition
[02/01/2005|06:12] C:\Program Files\Microsoft Works
[27/06/2006|11:20] C:\Program Files\midc.exe
[27/06/2006|11:30] C:\Program Files\MidiMeow_1_02
[27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01
[27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01.zip
[14/10/2001|13:37] C:\Program Files\MINIREC.EXE
[23/02/2007|19:21] C:\Program Files\mobile PhoneTools
[10/09/2006|15:49] C:\Program Files\Morpheus Toolbar
[21/03/2007|16:46] C:\Program Files\Movie Maker
[11/06/2008|20:09] C:\Program Files\Mozilla Firefox
[30/07/2007|14:42] C:\Program Files\MP3 Player Utilities
[11/06/2007|19:31] C:\Program Files\MP3 Player Utilities 3.68
[19/06/2007|23:33] C:\Program Files\MSN
[25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
[30/12/2007|19:33] C:\Program Files\MSN Messenger
[15/03/2008|21:59] C:\Program Files\MSN Pictures Displayer
[15/10/2006|03:01] C:\Program Files\MSXML 4.0
[14/10/2001|13:37] C:\Program Files\MTLMNT5.SYS
[14/10/2001|13:37] C:\Program Files\MTLSTRM.SYS
[10/03/2002|15:40] C:\Program Files\MURIELLE.ICO
[02/01/2005|06:15] C:\Program Files\muvee Technologies
[05/06/2008|19:11] C:\Program Files\MySpace
[03/03/2008|23:45] C:\Program Files\NCH Software
[05/11/2007|10:13] C:\Program Files\NCH Swift Sound
[01/02/2006|10:02] C:\Program Files\NetMeeting
[31/05/2008|00:28] C:\Program Files\Norton Internet Security
[14/10/2001|13:37] C:\Program Files\NTMTLFAX.SYS
[09/03/2007|16:18] C:\Program Files\ONES Trial Setup (EFIGS).exe
[25/11/2004|05:27] C:\Program Files\Online Services
[13/08/2007|17:26] C:\Program Files\Online_TV
[10/11/2007|12:05] C:\Program Files\OpenOffice.org 2.3
[13/06/2007|16:44] C:\Program Files\Outlook Express
[06/10/2006|09:13] C:\Program Files\Oxilog
[13/07/2007|16:16] C:\Program Files\Philips
[15/07/2006|12:33] C:\Program Files\PhotoFiltre
[22/07/2007|16:55] C:\Program Files\Pinnacle
[23/05/2008|07:56] C:\Program Files\QuickTime
[14/08/2007|19:42] C:\Program Files\QuickZip4
[26/05/2007|02:25] C:\Program Files\Raccourci vers emule.lnk
[02/01/2005|06:06] C:\Program Files\Real
[22/07/2007|16:53] C:\Program Files\Replay Converter
[25/05/2008|18:48] C:\Program Files\Roger Wilco
[09/06/2007|21:12] C:\Program Files\Serif
[02/01/2005|06:25] C:\Program Files\Services en ligne
[21/05/2007|22:31] C:\Program Files\Shareaza
[01/06/2006|19:11] C:\Program Files\Simple Star
[14/10/2001|13:37] C:\Program Files\SL.LNG
[14/10/2001|13:37] C:\Program Files\SLCLEAN.DLL
[14/10/2001|13:37] C:\Program Files\SLCLEAN.EXE
[22/10/2001|20:06] C:\Program Files\Slclean.ini
[14/10/2001|13:37] C:\Program Files\SLCPAPPL.CHM
[11/10/2001|17:56] C:\Program Files\SLCPAPPL.CPL
[14/10/2001|13:37] C:\Program Files\SLCPAPPL.HLP
[28/04/2008|15:46] C:\Program Files\SLD Codec Pack
[14/10/2001|13:37] C:\Program Files\SLEXTSPK.DLL
[14/10/2001|13:37] C:\Program Files\SLLIGHTS.EXE
[14/10/2001|13:37] C:\Program Files\slnt7554.sys
[14/10/2001|13:37] C:\Program Files\SLNTHAL.SYS
[14/10/2001|13:37] C:\Program Files\SLSERV.EXE
[14/10/2001|13:37] C:\Program Files\SlWdmSup.sys
[09/02/2008|13:31] C:\Program Files\SM
[14/10/2001|13:37] C:\Program Files\SMCFG.EXE
[30/04/2006|00:03] C:\Program Files\Snapshot Viewer
[02/01/2005|06:08] C:\Program Files\Sonic
[16/05/2008|13:03] C:\Program Files\Sonic Foundry
[16/05/2008|13:02] C:\Program Files\Sonic Foundry Setup
[10/05/2008|06:46] C:\Program Files\Sony
[09/05/2008|11:08] C:\Program Files\Sony Setup
[16/08/2007|16:04] C:\Program Files\Spybot - Search & Destroy
[11/06/2008|08:59] C:\Program Files\Spyware Doctor
[10/05/2008|07:04] C:\Program Files\Steinberg
[31/05/2008|00:27] C:\Program Files\Symantec
[04/07/2006|00:34] C:\Program Files\tearsofaclown.m4v
[07/05/2006|11:57] C:\Program Files\The 3DO Company
[12/08/2007|18:24] C:\Program Files\Thumbs.db
[03/11/2007|16:00] C:\Program Files\Ulead Systems
[10/05/2008|06:56] C:\Program Files\Uninstall Information
[14/10/2001|13:37] C:\Program Files\USB_CPL.DLL
[14/10/2001|13:37] C:\Program Files\V90DRV.SYS
[07/12/2006|21:50] C:\Program Files\Vidomi
[22/04/2007|10:13] C:\Program Files\VSO
[10/05/2008|06:49] C:\Program Files\Vstplugins
[03/01/2008|09:36] C:\Program Files\Western Digital Technologies
[13/02/2002|14:13] C:\Program Files\whatsnew.doc
[23/02/2007|19:15] C:\Program Files\WIDCOMM
[14/10/2001|13:37] C:\Program Files\WINDDX.SYS
[03/03/2008|23:47] C:\Program Files\Windows Live
[30/11/2007|08:21] C:\Program Files\Windows Live Toolbar
[01/06/2006|19:07] C:\Program Files\Windows Media Components
[05/02/2007|12:22] C:\Program Files\Windows Media Connect 2
[05/02/2007|12:22] C:\Program Files\Windows Media Player
[01/02/2006|10:02] C:\Program Files\Windows NT
[24/11/2004|03:37] C:\Program Files\WindowsUpdate
[25/06/2007|22:21] C:\Program Files\WinZip
[25/11/2004|05:28] C:\Program Files\xerox
[31/01/2007|23:54] C:\Program Files\Xvid
[03/03/2008|23:50] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[27/05/2008|07:51] C:\Program Files\Fichiers communs\Adobe
[29/05/2006|08:54] C:\Program Files\Fichiers communs\Ahead
[30/04/2006|00:34] C:\Program Files\Fichiers communs\AOL
[04/01/2008|22:45] C:\Program Files\Fichiers communs\Apple
[29/11/2007|10:53] C:\Program Files\Fichiers communs\AVSMedia
[30/04/2006|00:00] C:\Program Files\Fichiers communs\Designer
[02/01/2005|05:56] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2005|05:58] C:\Program Files\Fichiers communs\HP
[02/01/2005|06:22] C:\Program Files\Fichiers communs\InstallShield
[02/01/2005|05:44] C:\Program Files\Fichiers communs\Java
[08/05/2006|18:45] C:\Program Files\Fichiers communs\Knowledge Adventure
[19/08/2006|18:00] C:\Program Files\Fichiers communs\Logitech
[29/11/2007|09:01] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
[02/01/2005|06:15] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
[02/01/2005|06:06] C:\Program Files\Fichiers communs\Real
[02/01/2005|06:08] C:\Program Files\Fichiers communs\Roxio Shared
[01/02/2006|10:02] C:\Program Files\Fichiers communs\Services
[02/01/2005|06:07] C:\Program Files\Fichiers communs\Sonic Shared
[25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
[02/01/2005|06:07] C:\Program Files\Fichiers communs\SureThing Shared
[10/05/2006|16:38] C:\Program Files\Fichiers communs\SWF Studio
[11/06/2008|19:46] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|16:44] C:\Program Files\Fichiers communs\System
[02/01/2005|06:08] C:\Program Files\Fichiers communs\TiVo Shared
[06/05/2006|12:32] C:\Program Files\Fichiers communs\Vivendi Universal
[12/12/2007|14:07] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/09/2007|18:11] C:\Program Files\Fichiers communs\Wise Installation Wizard
[02/01/2005|06:06] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 50
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@adopt.euroclick[2].txt
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 21:02:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid
[F:3][D:0]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:51][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:514][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:04:20,37 ]----------------------
vire ce crack
=> C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid
________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
__________
recolle un nouveau rapport hijakchits et dis tes soucis
=> C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid
________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
__________
recolle un nouveau rapport hijakchits et dis tes soucis
Je le redis mais encore merci pour ton aide précieuse.
Tu as le merci de toute ma petite famille
J'ai bien viré le fichier midifile et voici le dernier rapport
Le Pc fonctionne beaucoup mieux même s'il rame encore parfois.
Le masque DOs apparait encore Windowss\system32\netsh.exe mais disparait trés vite.
Sinon, NORTON ne me permet plus d'avoir l'anti phishing malgrés les manip de Symantec??, est ce dû à mes virus?,
amilleMalwarebytes' Anti-Malware 1.15
Version de la base de données: 843
19:44:22 12/06/2008
mbam-log-6-12-2008 (19-44-22).txt
Type de recherche: Examen rapide
Eléments examinés: 55868
Temps écoulé: 28 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Tu as le merci de toute ma petite famille
J'ai bien viré le fichier midifile et voici le dernier rapport
Le Pc fonctionne beaucoup mieux même s'il rame encore parfois.
Le masque DOs apparait encore Windowss\system32\netsh.exe mais disparait trés vite.
Sinon, NORTON ne me permet plus d'avoir l'anti phishing malgrés les manip de Symantec??, est ce dû à mes virus?,
amilleMalwarebytes' Anti-Malware 1.15
Version de la base de données: 843
19:44:22 12/06/2008
mbam-log-6-12-2008 (19-44-22).txt
Type de recherche: Examen rapide
Eléments examinés: 55868
Temps écoulé: 28 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
Je n'ai pas réussi à obtenir le rapport j'ai fait un imp ecran mais rien dans mes documents ??,
sinon il y a eu 3 fichiers infectés supprimés
sinon il y a eu 3 fichiers infectés supprimés
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:14, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/HP_PRO~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
Scan saved at 18:21:14, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/HP_PRO~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
_________________
Télécharge ceci: (by Moe) :
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.
___________________
norton etant très moyen :
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
_________________
Télécharge ceci: (by Moe) :
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.
___________________
norton etant très moyen :
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
# Rapport Lopxp fait le 14/06/2008 à 23:50:54
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2008-05-27 à 05:51:32 - Adobe
2007-12-27 à 11:03:26 - Apple
2006-12-25 à 12:27:31 - Apple Computer
2007-11-29 à 07:02:53 - AVS4YOU
2006-09-10 à 09:21:29 - Blue Ref Option That
2007-02-23 à 17:21:29 - BVRP Software
2006-09-03 à 09:24:45 - Google
2007-12-21 à 12:37:14 - Hewlett-Packard
2005-01-02 à 03:59:06 - HP
2005-01-02 à 04:07:44 - InstallShield
2008-06-09 à 21:15:26 - Malwarebytes
2008-03-26 à 19:40:54 - Messenger Plus!
2008-06-02 à 12:54:11 - Microsoft
2006-11-15 à 08:10:06 - muvee Technologies
2007-11-28 à 23:25:02 - NCH Software
2007-11-05 à 08:20:49 - NCH Swift Sound
2006-05-29 à 05:38:08 - Pinnacle
2006-08-19 à 15:59:51 - QuickTime
2008-02-26 à 08:05:22 - Recisio
2005-01-02 à 03:41:49 - SBSI
2006-04-29 à 22:03:50 - SBT
2005-01-02 à 03:58:30 - Sonic
2008-05-10 à 04:52:05 - Sony
2006-11-12 à 08:25:23 - Spybot - Search & Destroy
2008-06-13 à 19:25:13 - Symantec
2008-06-11 à 06:41:36 - TEMP
2007-11-03 à 14:01:27 - Ulead Systems
2008-02-29 à 19:35:38 - vsosdk
2006-05-06 à 10:36:55 - VUG
2007-12-21 à 12:41:42 - WEBREG
2006-09-01 à 05:32:05 - Windows Genuine Advantage
2006-09-01 à 14:18:06 - Windows Live Toolbar
2007-07-05 à 17:05:45 - WindowsLiveInstaller
2007-07-02 à 15:17:10 - WinZip
2008-05-16 à 18:59:14 - WLInstaller
+- C:\Documents and Settings\Default User\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2004-11-25 à 03:26:00 - Identities
2007-07-05 à 17:05:43 - Microsoft
2005-01-02 à 04:06:37 - Real
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Default User\Local Settings\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2005-01-02 à 03:40:16 - ApplicationHistory
2005-01-02 à 04:17:52 - Microsoft
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
+- C:\Documents and Settings\HP_Propri‚taire\Application Data
2008-03-29 à 07:48:08 - Adobe
2008-05-27 à 05:48:19 - AdobeUM
2007-10-27 à 10:46:04 - Apple Computer
2007-11-29 à 07:02:55 - AVS4YOU
2006-12-25 à 14:37:42 - Blender Foundation
2006-09-10 à 23:00:17 - Google
2006-04-30 à 13:32:46 - Help
2007-01-22 à 15:28:18 - HP
2006-05-01 à 10:39:48 - HPQ
2007-07-09 à 17:37:17 - Identities
2008-05-31 à 06:39:44 - Image Zone Express
2006-05-01 à 11:53:10 - InterVideo
2007-05-21 à 07:14:27 - Jasc
2008-03-03 à 21:54:42 - Lavasoft
2006-05-10 à 05:43:25 - Leadertech
2006-11-13 à 17:46:45 - Macromedia
2008-06-09 à 21:17:07 - Malwarebytes
2007-11-10 à 21:15:15 - Media Player Classic
2007-02-23 à 07:12:49 - Microsoft
2006-04-29 à 21:57:45 - Microsoft Web Folders
2007-08-27 à 06:59:07 - Morpheus Software
2006-09-10 à 14:48:34 - Mozilla
2007-02-01 à 15:43:38 - MSNInstaller
2006-11-15 à 08:10:07 - muvee Technologies
2008-06-02 à 12:54:10 - MySpace
2007-11-05 à 08:13:59 - NCH Swift Sound
2008-05-10 à 05:03:57 - NetMedia Providers
2007-12-21 à 18:46:39 - Printer Info Cache
2008-05-10 à 05:03:57 - Publish Providers
2005-01-02 à 04:06:37 - Real
2007-07-10 à 09:26:51 - RecordPad
2008-03-01 à 07:54:37 - SecuROM
2007-06-09 à 19:16:29 - Serif
2007-05-21 à 20:31:37 - Shareaza
2006-06-01 à 17:11:30 - Simple Star
2006-05-10 à 05:44:21 - Sonic
2008-05-10 à 05:08:51 - Sony
2008-05-09 à 09:10:50 - Sony Setup
2007-09-23 à 22:02:06 - Steinberg
2006-06-22 à 19:41:01 - Sun
2006-04-29 à 21:05:14 - Symantec
2007-05-06 à 08:17:17 - TaoUSign
2006-06-01 à 21:38:09 - Ulead Systems
2008-04-30 à 09:15:01 - Vso
2006-07-01 à 13:55:12 - wxMozze
+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data
2006-04-30 à 20:07:16 - Adobe
2006-05-29 à 13:24:23 - Ahead
2007-12-27 à 11:03:32 - Apple
2007-04-20 à 17:52:25 - Apple Computer
2008-06-05 à 18:11:03 - ApplicationHistory
2006-09-16 à 23:23:58 - Google
2007-04-19 à 14:33:33 - Help
2006-05-19 à 19:11:26 - HP
2007-07-09 à 17:37:17 - Identities
2006-05-19 à 19:11:36 - IsolatedStorage
2008-06-04 à 09:23:52 - Microsoft
2006-05-10 à 06:16:36 - MicroVision Applications
2006-09-10 à 14:48:34 - Mozilla
2008-05-27 à 05:49:38 - NOS
2007-08-13 à 15:22:57 - Online_TV
2007-09-12 à 06:41:02 - Pando
2008-05-10 à 05:03:44 - Sony
2008-04-28 à 19:19:47 - WMTools Downloaded Files
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3}
+- C:\Documents and Settings\Leo mon costaud\Application Data
2008-03-29 à 08:01:37 - Adobe
2007-10-16 à 13:21:43 - Apple Computer
2007-11-24 à 08:29:32 - Google
2008-01-04 à 13:07:49 - HP
2007-09-02 à 08:14:48 - HPQ
2004-11-25 à 03:26:00 - Identities
2007-03-01 à 14:31:33 - Macromedia
2008-04-20 à 09:57:09 - Media Player Classic
2007-11-04 à 16:28:23 - Microsoft
2007-08-19 à 13:34:04 - Mozilla
2008-06-02 à 17:25:33 - MySpace
2007-05-04 à 20:41:08 - Real
2007-12-08 à 09:47:47 - Sonic
2007-07-16 à 19:48:00 - Sun
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Leo mon costaud\Local Settings\Application Data
2007-12-09 à 18:55:45 - Adobe
2008-01-30 à 18:26:45 - Apple
2007-10-16 à 13:21:43 - Apple Computer
2007-05-02 à 16:49:21 - ApplicationHistory
2007-11-24 à 08:29:32 - Google
2007-04-22 à 20:04:31 - HP
2007-03-28 à 17:03:09 - Identities
2007-04-22 à 20:04:51 - IsolatedStorage
2008-05-28 à 16:00:20 - Microsoft
2007-08-19 à 13:34:04 - Mozilla
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
========== Listing du dossier Program Files
+- C:\Program Files
2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
2007-05-24 à 17:49:37 - a-squared Anti-Malware
2007-05-21 à 14:38:16 - Adobe
2006-05-29 à 06:54:42 - Ahead
2007-12-27 à 11:03:28 - Apple Software Update
2006-10-05 à 06:06:05 - Ashampoo
2007-07-02 à 15:18:37 - Astro
2005-01-02 à 03:52:00 - ATI Technologies
2008-03-03 à 21:40:34 - Audacity
2006-06-25 à 17:38:30 - AviSynth 2.5
2007-11-29 à 08:53:06 - AVS4YOU
2006-04-30 à 15:03:12 - AXEL
2006-04-30 à 13:19:42 - beatsaver
2007-05-21 à 08:38:37 - Casperlab Software
2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
2007-05-20 à 15:36:13 - CoffeeCup Software
2006-05-01 à 10:31:23 - COM One
2004-11-24 à 01:37:34 - ComPlus Applications
2006-04-30 à 15:02:59 - compteur
2007-10-26 à 07:58:56 - Cool MP3 Converter
2006-08-14 à 10:17:52 - DALE SECT BOLT
2006-07-14 à 09:54:36 - DivX
2006-04-30 à 12:20:50 - driver internet
2008-03-01 à 07:40:06 - Ejay
2007-08-09 à 16:48:12 - Elecard
2007-05-21 à 20:26:09 - eMule
2007-07-28 à 05:55:31 - eMule Acceleration Patch
2006-07-13 à 23:16:04 - EO Video
2006-07-01 à 13:53:00 - Evermore
2008-01-04 à 20:45:36 - Fichiers communs
2007-08-20 à 08:41:18 - Foreignword
2007-10-26 à 08:04:53 - Free Audio Pack
2006-04-30 à 08:46:49 - Free.fr
2008-05-25 à 16:07:05 - GameSpy Arcade
2007-11-22 à 20:39:27 - Google
2007-12-21 à 10:43:33 - Hewlett-Packard
2008-04-05 à 18:25:34 - HP
2008-06-14 à 07:07:32 - InstallShield Installation Information
2006-10-10 à 07:00:45 - Intel
2008-06-11 à 08:32:46 - Internet Explorer
2005-01-02 à 04:09:45 - InterVideo
2008-01-04 à 20:53:44 - iPod
2007-10-24 à 19:09:48 - iRiver
2008-01-04 à 20:54:10 - iTunes
2007-07-02 à 15:19:13 - Jasc Software Inc
2008-03-09 à 18:21:33 - Java
2008-04-28 à 13:45:22 - K-Lite Codec Pack
2008-02-26 à 08:05:30 - KaraFun
2006-12-28 à 13:39:52 - KC Softwares
2006-08-16 à 17:50:28 - LafumaUnlimit
2006-08-19 à 16:00:16 - Logitech
2008-06-14 à 21:51:02 - Lopxp
2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
2007-05-05 à 10:30:07 - Maxis
2007-07-27 à 18:11:03 - Mediatwins software
2005-01-02 à 03:47:54 - Messenger
2008-06-11 à 21:11:23 - Messenger Plus! Live
2007-11-29 à 06:52:35 - Micro Application
2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
2006-04-29 à 22:02:57 - microsoft frontpage
2007-07-19 à 18:52:35 - Microsoft GIF Animator
2006-04-29 à 22:04:02 - Microsoft Office
2008-05-15 à 20:05:22 - Microsoft Silverlight
2008-05-10 à 04:54:43 - Microsoft SQL Server
2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
2005-01-02 à 04:12:34 - Microsoft Works
2006-06-27 à 09:30:47 - MidiMeow_1_02
2006-06-27 à 09:32:41 - MidiMeow_old_1.01
2007-02-23 à 17:21:21 - mobile PhoneTools
2006-09-10 à 13:49:18 - Morpheus Toolbar
2007-03-21 à 14:46:14 - Movie Maker
2008-06-14 à 21:45:07 - Mozilla Firefox
2007-07-30 à 12:42:14 - MP3 Player Utilities
2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
2007-06-19 à 21:33:54 - MSN
2004-11-25 à 03:27:30 - MSN Gaming Zone
2007-12-30 à 17:33:23 - MSN Messenger
2008-03-15 à 19:59:29 - MSN Pictures Displayer
2006-10-15 à 01:01:07 - MSXML 4.0
2005-01-02 à 04:15:24 - muvee Technologies
2008-06-05 à 17:11:38 - MySpace
2008-03-03 à 21:45:57 - NCH Software
2007-11-05 à 08:13:57 - NCH Swift Sound
2006-02-01 à 08:02:34 - NetMeeting
2008-05-30 à 22:28:15 - Norton Internet Security
2004-11-25 à 03:27:42 - Online Services
2007-08-13 à 15:26:45 - Online_TV
2007-11-10 à 10:05:06 - OpenOffice.org 2.3
2007-06-13 à 14:44:56 - Outlook Express
2006-10-06 à 07:13:15 - Oxilog
2007-07-13 à 14:16:43 - Philips
2006-07-15 à 10:33:40 - PhotoFiltre
2007-07-22 à 14:55:56 - Pinnacle
2008-05-23 à 05:56:36 - QuickTime
2007-08-14 à 17:42:15 - QuickZip4
2005-01-02 à 04:06:21 - Real
2007-07-22 à 14:53:53 - Replay Converter
2008-05-25 à 16:48:14 - Roger Wilco
2007-06-09 à 19:12:42 - Serif
2005-01-02 à 04:25:12 - Services en ligne
2007-05-21 à 20:31:38 - Shareaza
2006-06-01 à 17:11:15 - Simple Star
2008-04-28 à 13:46:19 - SLD Codec Pack
2008-02-09 à 11:31:05 - SM
2006-04-29 à 22:03:48 - Snapshot Viewer
2005-01-02 à 04:08:28 - Sonic
2008-05-16 à 11:03:37 - Sonic Foundry
2008-05-16 à 11:02:30 - Sonic Foundry Setup
2008-05-10 à 04:46:37 - Sony
2008-05-09 à 09:08:49 - Sony Setup
2007-08-16 à 14:04:42 - Spybot - Search & Destroy
2008-06-11 à 06:59:10 - Spyware Doctor
2008-05-10 à 05:04:11 - Steinberg
2008-05-30 à 22:27:25 - Symantec
2006-05-07 à 09:57:49 - The 3DO Company
2008-06-14 à 16:20:38 - Trend Micro
2007-11-03 à 14:00:12 - Ulead Systems
2008-05-10 à 04:56:26 - Uninstall Information
2006-12-07 à 19:50:54 - Vidomi
2007-04-22 à 08:13:56 - VSO
2008-05-10 à 04:49:01 - Vstplugins
2008-01-03 à 07:36:54 - Western Digital Technologies
2007-02-23 à 17:15:00 - WIDCOMM
2008-03-03 à 21:47:59 - Windows Live
2007-11-30 à 06:21:27 - Windows Live Toolbar
2006-06-01 à 17:07:07 - Windows Media Components
2007-02-05 à 10:22:25 - Windows Media Connect 2
2007-02-05 à 10:22:23 - Windows Media Player
2006-02-01 à 08:02:36 - Windows NT
2004-11-24 à 01:37:48 - WindowsUpdate
2007-06-25 à 20:21:26 - WinZip
2004-11-25 à 03:28:02 - xerox
2007-01-31 à 21:54:45 - Xvid
2008-03-03 à 21:50:51 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
========== Clés registre
========== Bloqueur popups Internet Explorer
www5.ratp.info
www.solidays.org
www.cinemapassion.com
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
C:\Program Files\DALE SECT BOLT
+- Registre : Aucune suggestion.
- Fin du rapport -
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2008-05-27 à 05:51:32 - Adobe
2007-12-27 à 11:03:26 - Apple
2006-12-25 à 12:27:31 - Apple Computer
2007-11-29 à 07:02:53 - AVS4YOU
2006-09-10 à 09:21:29 - Blue Ref Option That
2007-02-23 à 17:21:29 - BVRP Software
2006-09-03 à 09:24:45 - Google
2007-12-21 à 12:37:14 - Hewlett-Packard
2005-01-02 à 03:59:06 - HP
2005-01-02 à 04:07:44 - InstallShield
2008-06-09 à 21:15:26 - Malwarebytes
2008-03-26 à 19:40:54 - Messenger Plus!
2008-06-02 à 12:54:11 - Microsoft
2006-11-15 à 08:10:06 - muvee Technologies
2007-11-28 à 23:25:02 - NCH Software
2007-11-05 à 08:20:49 - NCH Swift Sound
2006-05-29 à 05:38:08 - Pinnacle
2006-08-19 à 15:59:51 - QuickTime
2008-02-26 à 08:05:22 - Recisio
2005-01-02 à 03:41:49 - SBSI
2006-04-29 à 22:03:50 - SBT
2005-01-02 à 03:58:30 - Sonic
2008-05-10 à 04:52:05 - Sony
2006-11-12 à 08:25:23 - Spybot - Search & Destroy
2008-06-13 à 19:25:13 - Symantec
2008-06-11 à 06:41:36 - TEMP
2007-11-03 à 14:01:27 - Ulead Systems
2008-02-29 à 19:35:38 - vsosdk
2006-05-06 à 10:36:55 - VUG
2007-12-21 à 12:41:42 - WEBREG
2006-09-01 à 05:32:05 - Windows Genuine Advantage
2006-09-01 à 14:18:06 - Windows Live Toolbar
2007-07-05 à 17:05:45 - WindowsLiveInstaller
2007-07-02 à 15:17:10 - WinZip
2008-05-16 à 18:59:14 - WLInstaller
+- C:\Documents and Settings\Default User\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2004-11-25 à 03:26:00 - Identities
2007-07-05 à 17:05:43 - Microsoft
2005-01-02 à 04:06:37 - Real
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Default User\Local Settings\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2005-01-02 à 03:40:16 - ApplicationHistory
2005-01-02 à 04:17:52 - Microsoft
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
+- C:\Documents and Settings\HP_Propri‚taire\Application Data
2008-03-29 à 07:48:08 - Adobe
2008-05-27 à 05:48:19 - AdobeUM
2007-10-27 à 10:46:04 - Apple Computer
2007-11-29 à 07:02:55 - AVS4YOU
2006-12-25 à 14:37:42 - Blender Foundation
2006-09-10 à 23:00:17 - Google
2006-04-30 à 13:32:46 - Help
2007-01-22 à 15:28:18 - HP
2006-05-01 à 10:39:48 - HPQ
2007-07-09 à 17:37:17 - Identities
2008-05-31 à 06:39:44 - Image Zone Express
2006-05-01 à 11:53:10 - InterVideo
2007-05-21 à 07:14:27 - Jasc
2008-03-03 à 21:54:42 - Lavasoft
2006-05-10 à 05:43:25 - Leadertech
2006-11-13 à 17:46:45 - Macromedia
2008-06-09 à 21:17:07 - Malwarebytes
2007-11-10 à 21:15:15 - Media Player Classic
2007-02-23 à 07:12:49 - Microsoft
2006-04-29 à 21:57:45 - Microsoft Web Folders
2007-08-27 à 06:59:07 - Morpheus Software
2006-09-10 à 14:48:34 - Mozilla
2007-02-01 à 15:43:38 - MSNInstaller
2006-11-15 à 08:10:07 - muvee Technologies
2008-06-02 à 12:54:10 - MySpace
2007-11-05 à 08:13:59 - NCH Swift Sound
2008-05-10 à 05:03:57 - NetMedia Providers
2007-12-21 à 18:46:39 - Printer Info Cache
2008-05-10 à 05:03:57 - Publish Providers
2005-01-02 à 04:06:37 - Real
2007-07-10 à 09:26:51 - RecordPad
2008-03-01 à 07:54:37 - SecuROM
2007-06-09 à 19:16:29 - Serif
2007-05-21 à 20:31:37 - Shareaza
2006-06-01 à 17:11:30 - Simple Star
2006-05-10 à 05:44:21 - Sonic
2008-05-10 à 05:08:51 - Sony
2008-05-09 à 09:10:50 - Sony Setup
2007-09-23 à 22:02:06 - Steinberg
2006-06-22 à 19:41:01 - Sun
2006-04-29 à 21:05:14 - Symantec
2007-05-06 à 08:17:17 - TaoUSign
2006-06-01 à 21:38:09 - Ulead Systems
2008-04-30 à 09:15:01 - Vso
2006-07-01 à 13:55:12 - wxMozze
+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data
2006-04-30 à 20:07:16 - Adobe
2006-05-29 à 13:24:23 - Ahead
2007-12-27 à 11:03:32 - Apple
2007-04-20 à 17:52:25 - Apple Computer
2008-06-05 à 18:11:03 - ApplicationHistory
2006-09-16 à 23:23:58 - Google
2007-04-19 à 14:33:33 - Help
2006-05-19 à 19:11:26 - HP
2007-07-09 à 17:37:17 - Identities
2006-05-19 à 19:11:36 - IsolatedStorage
2008-06-04 à 09:23:52 - Microsoft
2006-05-10 à 06:16:36 - MicroVision Applications
2006-09-10 à 14:48:34 - Mozilla
2008-05-27 à 05:49:38 - NOS
2007-08-13 à 15:22:57 - Online_TV
2007-09-12 à 06:41:02 - Pando
2008-05-10 à 05:03:44 - Sony
2008-04-28 à 19:19:47 - WMTools Downloaded Files
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3}
+- C:\Documents and Settings\Leo mon costaud\Application Data
2008-03-29 à 08:01:37 - Adobe
2007-10-16 à 13:21:43 - Apple Computer
2007-11-24 à 08:29:32 - Google
2008-01-04 à 13:07:49 - HP
2007-09-02 à 08:14:48 - HPQ
2004-11-25 à 03:26:00 - Identities
2007-03-01 à 14:31:33 - Macromedia
2008-04-20 à 09:57:09 - Media Player Classic
2007-11-04 à 16:28:23 - Microsoft
2007-08-19 à 13:34:04 - Mozilla
2008-06-02 à 17:25:33 - MySpace
2007-05-04 à 20:41:08 - Real
2007-12-08 à 09:47:47 - Sonic
2007-07-16 à 19:48:00 - Sun
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Leo mon costaud\Local Settings\Application Data
2007-12-09 à 18:55:45 - Adobe
2008-01-30 à 18:26:45 - Apple
2007-10-16 à 13:21:43 - Apple Computer
2007-05-02 à 16:49:21 - ApplicationHistory
2007-11-24 à 08:29:32 - Google
2007-04-22 à 20:04:31 - HP
2007-03-28 à 17:03:09 - Identities
2007-04-22 à 20:04:51 - IsolatedStorage
2008-05-28 à 16:00:20 - Microsoft
2007-08-19 à 13:34:04 - Mozilla
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
========== Listing du dossier Program Files
+- C:\Program Files
2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
2007-05-24 à 17:49:37 - a-squared Anti-Malware
2007-05-21 à 14:38:16 - Adobe
2006-05-29 à 06:54:42 - Ahead
2007-12-27 à 11:03:28 - Apple Software Update
2006-10-05 à 06:06:05 - Ashampoo
2007-07-02 à 15:18:37 - Astro
2005-01-02 à 03:52:00 - ATI Technologies
2008-03-03 à 21:40:34 - Audacity
2006-06-25 à 17:38:30 - AviSynth 2.5
2007-11-29 à 08:53:06 - AVS4YOU
2006-04-30 à 15:03:12 - AXEL
2006-04-30 à 13:19:42 - beatsaver
2007-05-21 à 08:38:37 - Casperlab Software
2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
2007-05-20 à 15:36:13 - CoffeeCup Software
2006-05-01 à 10:31:23 - COM One
2004-11-24 à 01:37:34 - ComPlus Applications
2006-04-30 à 15:02:59 - compteur
2007-10-26 à 07:58:56 - Cool MP3 Converter
2006-08-14 à 10:17:52 - DALE SECT BOLT
2006-07-14 à 09:54:36 - DivX
2006-04-30 à 12:20:50 - driver internet
2008-03-01 à 07:40:06 - Ejay
2007-08-09 à 16:48:12 - Elecard
2007-05-21 à 20:26:09 - eMule
2007-07-28 à 05:55:31 - eMule Acceleration Patch
2006-07-13 à 23:16:04 - EO Video
2006-07-01 à 13:53:00 - Evermore
2008-01-04 à 20:45:36 - Fichiers communs
2007-08-20 à 08:41:18 - Foreignword
2007-10-26 à 08:04:53 - Free Audio Pack
2006-04-30 à 08:46:49 - Free.fr
2008-05-25 à 16:07:05 - GameSpy Arcade
2007-11-22 à 20:39:27 - Google
2007-12-21 à 10:43:33 - Hewlett-Packard
2008-04-05 à 18:25:34 - HP
2008-06-14 à 07:07:32 - InstallShield Installation Information
2006-10-10 à 07:00:45 - Intel
2008-06-11 à 08:32:46 - Internet Explorer
2005-01-02 à 04:09:45 - InterVideo
2008-01-04 à 20:53:44 - iPod
2007-10-24 à 19:09:48 - iRiver
2008-01-04 à 20:54:10 - iTunes
2007-07-02 à 15:19:13 - Jasc Software Inc
2008-03-09 à 18:21:33 - Java
2008-04-28 à 13:45:22 - K-Lite Codec Pack
2008-02-26 à 08:05:30 - KaraFun
2006-12-28 à 13:39:52 - KC Softwares
2006-08-16 à 17:50:28 - LafumaUnlimit
2006-08-19 à 16:00:16 - Logitech
2008-06-14 à 21:51:02 - Lopxp
2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
2007-05-05 à 10:30:07 - Maxis
2007-07-27 à 18:11:03 - Mediatwins software
2005-01-02 à 03:47:54 - Messenger
2008-06-11 à 21:11:23 - Messenger Plus! Live
2007-11-29 à 06:52:35 - Micro Application
2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
2006-04-29 à 22:02:57 - microsoft frontpage
2007-07-19 à 18:52:35 - Microsoft GIF Animator
2006-04-29 à 22:04:02 - Microsoft Office
2008-05-15 à 20:05:22 - Microsoft Silverlight
2008-05-10 à 04:54:43 - Microsoft SQL Server
2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
2005-01-02 à 04:12:34 - Microsoft Works
2006-06-27 à 09:30:47 - MidiMeow_1_02
2006-06-27 à 09:32:41 - MidiMeow_old_1.01
2007-02-23 à 17:21:21 - mobile PhoneTools
2006-09-10 à 13:49:18 - Morpheus Toolbar
2007-03-21 à 14:46:14 - Movie Maker
2008-06-14 à 21:45:07 - Mozilla Firefox
2007-07-30 à 12:42:14 - MP3 Player Utilities
2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
2007-06-19 à 21:33:54 - MSN
2004-11-25 à 03:27:30 - MSN Gaming Zone
2007-12-30 à 17:33:23 - MSN Messenger
2008-03-15 à 19:59:29 - MSN Pictures Displayer
2006-10-15 à 01:01:07 - MSXML 4.0
2005-01-02 à 04:15:24 - muvee Technologies
2008-06-05 à 17:11:38 - MySpace
2008-03-03 à 21:45:57 - NCH Software
2007-11-05 à 08:13:57 - NCH Swift Sound
2006-02-01 à 08:02:34 - NetMeeting
2008-05-30 à 22:28:15 - Norton Internet Security
2004-11-25 à 03:27:42 - Online Services
2007-08-13 à 15:26:45 - Online_TV
2007-11-10 à 10:05:06 - OpenOffice.org 2.3
2007-06-13 à 14:44:56 - Outlook Express
2006-10-06 à 07:13:15 - Oxilog
2007-07-13 à 14:16:43 - Philips
2006-07-15 à 10:33:40 - PhotoFiltre
2007-07-22 à 14:55:56 - Pinnacle
2008-05-23 à 05:56:36 - QuickTime
2007-08-14 à 17:42:15 - QuickZip4
2005-01-02 à 04:06:21 - Real
2007-07-22 à 14:53:53 - Replay Converter
2008-05-25 à 16:48:14 - Roger Wilco
2007-06-09 à 19:12:42 - Serif
2005-01-02 à 04:25:12 - Services en ligne
2007-05-21 à 20:31:38 - Shareaza
2006-06-01 à 17:11:15 - Simple Star
2008-04-28 à 13:46:19 - SLD Codec Pack
2008-02-09 à 11:31:05 - SM
2006-04-29 à 22:03:48 - Snapshot Viewer
2005-01-02 à 04:08:28 - Sonic
2008-05-16 à 11:03:37 - Sonic Foundry
2008-05-16 à 11:02:30 - Sonic Foundry Setup
2008-05-10 à 04:46:37 - Sony
2008-05-09 à 09:08:49 - Sony Setup
2007-08-16 à 14:04:42 - Spybot - Search & Destroy
2008-06-11 à 06:59:10 - Spyware Doctor
2008-05-10 à 05:04:11 - Steinberg
2008-05-30 à 22:27:25 - Symantec
2006-05-07 à 09:57:49 - The 3DO Company
2008-06-14 à 16:20:38 - Trend Micro
2007-11-03 à 14:00:12 - Ulead Systems
2008-05-10 à 04:56:26 - Uninstall Information
2006-12-07 à 19:50:54 - Vidomi
2007-04-22 à 08:13:56 - VSO
2008-05-10 à 04:49:01 - Vstplugins
2008-01-03 à 07:36:54 - Western Digital Technologies
2007-02-23 à 17:15:00 - WIDCOMM
2008-03-03 à 21:47:59 - Windows Live
2007-11-30 à 06:21:27 - Windows Live Toolbar
2006-06-01 à 17:07:07 - Windows Media Components
2007-02-05 à 10:22:25 - Windows Media Connect 2
2007-02-05 à 10:22:23 - Windows Media Player
2006-02-01 à 08:02:36 - Windows NT
2004-11-24 à 01:37:48 - WindowsUpdate
2007-06-25 à 20:21:26 - WinZip
2004-11-25 à 03:28:02 - xerox
2007-01-31 à 21:54:45 - Xvid
2008-03-03 à 21:50:51 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
========== Clés registre
========== Bloqueur popups Internet Explorer
www5.ratp.info
www.solidays.org
www.cinemapassion.com
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
C:\Program Files\DALE SECT BOLT
+- Registre : Aucune suggestion.
- Fin du rapport -
parfait
va dans : Démarrer > Exécuter puis copie/colle la ligne suivante:
"%programfiles%\Lopxp\Lopxp.bat" /Fixme
puis valide, accepte toutes les demandes de suppression et poste le rapport stp
________________
norton etant très moyen :
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
va dans : Démarrer > Exécuter puis copie/colle la ligne suivante:
"%programfiles%\Lopxp\Lopxp.bat" /Fixme
puis valide, accepte toutes les demandes de suppression et poste le rapport stp
________________
norton etant très moyen :
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Merci,
Alors voici le rapport aprés avoir été sur demarrer/ executer
# Rapport Lopxp fait le 15/06/2008 à 14:29:46
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== FixLog ==========
+- C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.
+- C:\Program Files\DALE SECT BOLT
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.
+- Fichiers temporaires :
Nettoyage effectué.
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2008-05-27 à 05:51:32 - Adobe
2007-12-27 à 11:03:26 - Apple
2006-12-25 à 12:27:31 - Apple Computer
2007-11-29 à 07:02:53 - AVS4YOU
2007-02-23 à 17:21:29 - BVRP Software
2006-09-03 à 09:24:45 - Google
2007-12-21 à 12:37:14 - Hewlett-Packard
2005-01-02 à 03:59:06 - HP
2005-01-02 à 04:07:44 - InstallShield
2008-06-09 à 21:15:26 - Malwarebytes
2008-03-26 à 19:40:54 - Messenger Plus!
2008-06-02 à 12:54:11 - Microsoft
2006-11-15 à 08:10:06 - muvee Technologies
2007-11-28 à 23:25:02 - NCH Software
2007-11-05 à 08:20:49 - NCH Swift Sound
2006-05-29 à 05:38:08 - Pinnacle
2006-08-19 à 15:59:51 - QuickTime
2008-02-26 à 08:05:22 - Recisio
2005-01-02 à 03:41:49 - SBSI
2006-04-29 à 22:03:50 - SBT
2005-01-02 à 03:58:30 - Sonic
2008-05-10 à 04:52:05 - Sony
2006-11-12 à 08:25:23 - Spybot - Search & Destroy
2008-06-13 à 19:25:13 - Symantec
2008-06-11 à 06:41:36 - TEMP
2007-11-03 à 14:01:27 - Ulead Systems
2008-02-29 à 19:35:38 - vsosdk
2006-05-06 à 10:36:55 - VUG
2007-12-21 à 12:41:42 - WEBREG
2006-09-01 à 05:32:05 - Windows Genuine Advantage
2006-09-01 à 14:18:06 - Windows Live Toolbar
2007-07-05 à 17:05:45 - WindowsLiveInstaller
2007-07-02 à 15:17:10 - WinZip
2008-05-16 à 18:59:14 - WLInstaller
+- C:\Documents and Settings\Default User\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2004-11-25 à 03:26:00 - Identities
2007-07-05 à 17:05:43 - Microsoft
2005-01-02 à 04:06:37 - Real
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Default User\Local Settings\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2005-01-02 à 03:40:16 - ApplicationHistory
2005-01-02 à 04:17:52 - Microsoft
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
+- C:\Documents and Settings\HP_Propri‚taire\Application Data
2008-03-29 à 07:48:08 - Adobe
2008-05-27 à 05:48:19 - AdobeUM
2007-10-27 à 10:46:04 - Apple Computer
2007-11-29 à 07:02:55 - AVS4YOU
2006-12-25 à 14:37:42 - Blender Foundation
2006-09-10 à 23:00:17 - Google
2006-04-30 à 13:32:46 - Help
2007-01-22 à 15:28:18 - HP
2006-05-01 à 10:39:48 - HPQ
2007-07-09 à 17:37:17 - Identities
2008-05-31 à 06:39:44 - Image Zone Express
2006-05-01 à 11:53:10 - InterVideo
2007-05-21 à 07:14:27 - Jasc
2008-03-03 à 21:54:42 - Lavasoft
2006-05-10 à 05:43:25 - Leadertech
2006-11-13 à 17:46:45 - Macromedia
2008-06-09 à 21:17:07 - Malwarebytes
2007-11-10 à 21:15:15 - Media Player Classic
2007-02-23 à 07:12:49 - Microsoft
2006-04-29 à 21:57:45 - Microsoft Web Folders
2007-08-27 à 06:59:07 - Morpheus Software
2006-09-10 à 14:48:34 - Mozilla
2007-02-01 à 15:43:38 - MSNInstaller
2006-11-15 à 08:10:07 - muvee Technologies
2008-06-02 à 12:54:10 - MySpace
2007-11-05 à 08:13:59 - NCH Swift Sound
2008-05-10 à 05:03:57 - NetMedia Providers
2007-12-21 à 18:46:39 - Printer Info Cache
2008-05-10 à 05:03:57 - Publish Providers
2005-01-02 à 04:06:37 - Real
2007-07-10 à 09:26:51 - RecordPad
2008-03-01 à 07:54:37 - SecuROM
2007-06-09 à 19:16:29 - Serif
2007-05-21 à 20:31:37 - Shareaza
2006-06-01 à 17:11:30 - Simple Star
2006-05-10 à 05:44:21 - Sonic
2008-05-10 à 05:08:51 - Sony
2008-05-09 à 09:10:50 - Sony Setup
2007-09-23 à 22:02:06 - Steinberg
2006-06-22 à 19:41:01 - Sun
2006-04-29 à 21:05:14 - Symantec
2007-05-06 à 08:17:17 - TaoUSign
2006-06-01 à 21:38:09 - Ulead Systems
2008-04-30 à 09:15:01 - Vso
2006-07-01 à 13:55:12 - wxMozze
+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data
2006-04-30 à 20:07:16 - Adobe
2006-05-29 à 13:24:23 - Ahead
2007-12-27 à 11:03:32 - Apple
2007-04-20 à 17:52:25 - Apple Computer
2008-06-05 à 18:11:03 - ApplicationHistory
2006-09-16 à 23:23:58 - Google
2007-04-19 à 14:33:33 - Help
2006-05-19 à 19:11:26 - HP
2007-07-09 à 17:37:17 - Identities
2006-05-19 à 19:11:36 - IsolatedStorage
2008-06-04 à 09:23:52 - Microsoft
2006-05-10 à 06:16:36 - MicroVision Applications
2006-09-10 à 14:48:34 - Mozilla
2008-05-27 à 05:49:38 - NOS
2007-08-13 à 15:22:57 - Online_TV
2007-09-12 à 06:41:02 - Pando
2008-05-10 à 05:03:44 - Sony
2008-04-28 à 19:19:47 - WMTools Downloaded Files
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3}
========== Listing du dossier Program Files
+- C:\Program Files
2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
2007-05-24 à 17:49:37 - a-squared Anti-Malware
2007-05-21 à 14:38:16 - Adobe
2006-05-29 à 06:54:42 - Ahead
2007-12-27 à 11:03:28 - Apple Software Update
2006-10-05 à 06:06:05 - Ashampoo
2007-07-02 à 15:18:37 - Astro
2005-01-02 à 03:52:00 - ATI Technologies
2008-03-03 à 21:40:34 - Audacity
2006-06-25 à 17:38:30 - AviSynth 2.5
2007-11-29 à 08:53:06 - AVS4YOU
2006-04-30 à 15:03:12 - AXEL
2006-04-30 à 13:19:42 - beatsaver
2007-05-21 à 08:38:37 - Casperlab Software
2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
2007-05-20 à 15:36:13 - CoffeeCup Software
2006-05-01 à 10:31:23 - COM One
2004-11-24 à 01:37:34 - ComPlus Applications
2006-04-30 à 15:02:59 - compteur
2007-10-26 à 07:58:56 - Cool MP3 Converter
2006-07-14 à 09:54:36 - DivX
2006-04-30 à 12:20:50 - driver internet
2008-03-01 à 07:40:06 - Ejay
2007-08-09 à 16:48:12 - Elecard
2007-05-21 à 20:26:09 - eMule
2007-07-28 à 05:55:31 - eMule Acceleration Patch
2006-07-13 à 23:16:04 - EO Video
2006-07-01 à 13:53:00 - Evermore
2008-01-04 à 20:45:36 - Fichiers communs
2007-08-20 à 08:41:18 - Foreignword
2007-10-26 à 08:04:53 - Free Audio Pack
2006-04-30 à 08:46:49 - Free.fr
2008-05-25 à 16:07:05 - GameSpy Arcade
2007-11-22 à 20:39:27 - Google
2007-12-21 à 10:43:33 - Hewlett-Packard
2008-04-05 à 18:25:34 - HP
2008-06-14 à 07:07:32 - InstallShield Installation Information
2006-10-10 à 07:00:45 - Intel
2008-06-11 à 08:32:46 - Internet Explorer
2005-01-02 à 04:09:45 - InterVideo
2008-01-04 à 20:53:44 - iPod
2007-10-24 à 19:09:48 - iRiver
2008-01-04 à 20:54:10 - iTunes
2007-07-02 à 15:19:13 - Jasc Software Inc
2008-03-09 à 18:21:33 - Java
2008-04-28 à 13:45:22 - K-Lite Codec Pack
2008-02-26 à 08:05:30 - KaraFun
2006-12-28 à 13:39:52 - KC Softwares
2006-08-16 à 17:50:28 - LafumaUnlimit
2006-08-19 à 16:00:16 - Logitech
2008-06-15 à 12:30:25 - Lopxp
2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
2007-05-05 à 10:30:07 - Maxis
2007-07-27 à 18:11:03 - Mediatwins software
2005-01-02 à 03:47:54 - Messenger
2008-06-11 à 21:11:23 - Messenger Plus! Live
2007-11-29 à 06:52:35 - Micro Application
2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
2006-04-29 à 22:02:57 - microsoft frontpage
2007-07-19 à 18:52:35 - Microsoft GIF Animator
2006-04-29 à 22:04:02 - Microsoft Office
2008-05-15 à 20:05:22 - Microsoft Silverlight
2008-05-10 à 04:54:43 - Microsoft SQL Server
2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
2005-01-02 à 04:12:34 - Microsoft Works
2006-06-27 à 09:30:47 - MidiMeow_1_02
2006-06-27 à 09:32:41 - MidiMeow_old_1.01
2007-02-23 à 17:21:21 - mobile PhoneTools
2006-09-10 à 13:49:18 - Morpheus Toolbar
2007-03-21 à 14:46:14 - Movie Maker
2008-06-15 à 10:49:11 - Mozilla Firefox
2007-07-30 à 12:42:14 - MP3 Player Utilities
2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
2007-06-19 à 21:33:54 - MSN
2004-11-25 à 03:27:30 - MSN Gaming Zone
2007-12-30 à 17:33:23 - MSN Messenger
2008-03-15 à 19:59:29 - MSN Pictures Displayer
2006-10-15 à 01:01:07 - MSXML 4.0
2005-01-02 à 04:15:24 - muvee Technologies
2008-06-05 à 17:11:38 - MySpace
2008-03-03 à 21:45:57 - NCH Software
2007-11-05 à 08:13:57 - NCH Swift Sound
2006-02-01 à 08:02:34 - NetMeeting
2008-05-30 à 22:28:15 - Norton Internet Security
2004-11-25 à 03:27:42 - Online Services
2007-08-13 à 15:26:45 - Online_TV
2007-11-10 à 10:05:06 - OpenOffice.org 2.3
2007-06-13 à 14:44:56 - Outlook Express
2006-10-06 à 07:13:15 - Oxilog
2007-07-13 à 14:16:43 - Philips
2006-07-15 à 10:33:40 - PhotoFiltre
2007-07-22 à 14:55:56 - Pinnacle
2008-05-23 à 05:56:36 - QuickTime
2007-08-14 à 17:42:15 - QuickZip4
2005-01-02 à 04:06:21 - Real
2007-07-22 à 14:53:53 - Replay Converter
2008-05-25 à 16:48:14 - Roger Wilco
2007-06-09 à 19:12:42 - Serif
2005-01-02 à 04:25:12 - Services en ligne
2007-05-21 à 20:31:38 - Shareaza
2006-06-01 à 17:11:15 - Simple Star
2008-04-28 à 13:46:19 - SLD Codec Pack
2008-02-09 à 11:31:05 - SM
2006-04-29 à 22:03:48 - Snapshot Viewer
2005-01-02 à 04:08:28 - Sonic
2008-05-16 à 11:03:37 - Sonic Foundry
2008-05-16 à 11:02:30 - Sonic Foundry Setup
2008-05-10 à 04:46:37 - Sony
2008-05-09 à 09:08:49 - Sony Setup
2007-08-16 à 14:04:42 - Spybot - Search & Destroy
2008-06-11 à 06:59:10 - Spyware Doctor
2008-05-10 à 05:04:11 - Steinberg
2008-05-30 à 22:27:25 - Symantec
2006-05-07 à 09:57:49 - The 3DO Company
2008-06-14 à 16:20:38 - Trend Micro
2007-11-03 à 14:00:12 - Ulead Systems
2008-05-10 à 04:56:26 - Uninstall Information
2006-12-07 à 19:50:54 - Vidomi
2007-04-22 à 08:13:56 - VSO
2008-05-10 à 04:49:01 - Vstplugins
2008-01-03 à 07:36:54 - Western Digital Technologies
2007-02-23 à 17:15:00 - WIDCOMM
2008-03-03 à 21:47:59 - Windows Live
2007-11-30 à 06:21:27 - Windows Live Toolbar
2006-06-01 à 17:07:07 - Windows Media Components
2007-02-05 à 10:22:25 - Windows Media Connect 2
2007-02-05 à 10:22:23 - Windows Media Player
2006-02-01 à 08:02:36 - Windows NT
2004-11-24 à 01:37:48 - WindowsUpdate
2007-06-25 à 20:21:26 - WinZip
2004-11-25 à 03:28:02 - xerox
2007-01-31 à 21:54:45 - Xvid
2008-03-03 à 21:50:51 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
========== Clés registre
========== Bloqueur popups Internet Explorer
www5.ratp.info
www.solidays.org
www.cinemapassion.com
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
+- Dossiers\Fichiers : Aucune suggestion.
+- Registre : Aucune suggestion.
- Fin du rapport -
Je te fais suivre un 2 eme rapport aprés avoir essayé l'un des anti virus que tu me conseilles
Alors voici le rapport aprés avoir été sur demarrer/ executer
# Rapport Lopxp fait le 15/06/2008 à 14:29:46
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
========== FixLog ==========
+- C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.
+- C:\Program Files\DALE SECT BOLT
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.
+- Fichiers temporaires :
Nettoyage effectué.
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2008-05-27 à 05:51:32 - Adobe
2007-12-27 à 11:03:26 - Apple
2006-12-25 à 12:27:31 - Apple Computer
2007-11-29 à 07:02:53 - AVS4YOU
2007-02-23 à 17:21:29 - BVRP Software
2006-09-03 à 09:24:45 - Google
2007-12-21 à 12:37:14 - Hewlett-Packard
2005-01-02 à 03:59:06 - HP
2005-01-02 à 04:07:44 - InstallShield
2008-06-09 à 21:15:26 - Malwarebytes
2008-03-26 à 19:40:54 - Messenger Plus!
2008-06-02 à 12:54:11 - Microsoft
2006-11-15 à 08:10:06 - muvee Technologies
2007-11-28 à 23:25:02 - NCH Software
2007-11-05 à 08:20:49 - NCH Swift Sound
2006-05-29 à 05:38:08 - Pinnacle
2006-08-19 à 15:59:51 - QuickTime
2008-02-26 à 08:05:22 - Recisio
2005-01-02 à 03:41:49 - SBSI
2006-04-29 à 22:03:50 - SBT
2005-01-02 à 03:58:30 - Sonic
2008-05-10 à 04:52:05 - Sony
2006-11-12 à 08:25:23 - Spybot - Search & Destroy
2008-06-13 à 19:25:13 - Symantec
2008-06-11 à 06:41:36 - TEMP
2007-11-03 à 14:01:27 - Ulead Systems
2008-02-29 à 19:35:38 - vsosdk
2006-05-06 à 10:36:55 - VUG
2007-12-21 à 12:41:42 - WEBREG
2006-09-01 à 05:32:05 - Windows Genuine Advantage
2006-09-01 à 14:18:06 - Windows Live Toolbar
2007-07-05 à 17:05:45 - WindowsLiveInstaller
2007-07-02 à 15:17:10 - WinZip
2008-05-16 à 18:59:14 - WLInstaller
+- C:\Documents and Settings\Default User\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2004-11-25 à 03:26:00 - Identities
2007-07-05 à 17:05:43 - Microsoft
2005-01-02 à 04:06:37 - Real
2005-01-02 à 04:29:22 - Symantec
+- C:\Documents and Settings\Default User\Local Settings\Application Data
2007-11-20 à 20:35:23 - Apple Computer
2005-01-02 à 03:40:16 - ApplicationHistory
2005-01-02 à 04:17:52 - Microsoft
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
+- C:\Documents and Settings\HP_Propri‚taire\Application Data
2008-03-29 à 07:48:08 - Adobe
2008-05-27 à 05:48:19 - AdobeUM
2007-10-27 à 10:46:04 - Apple Computer
2007-11-29 à 07:02:55 - AVS4YOU
2006-12-25 à 14:37:42 - Blender Foundation
2006-09-10 à 23:00:17 - Google
2006-04-30 à 13:32:46 - Help
2007-01-22 à 15:28:18 - HP
2006-05-01 à 10:39:48 - HPQ
2007-07-09 à 17:37:17 - Identities
2008-05-31 à 06:39:44 - Image Zone Express
2006-05-01 à 11:53:10 - InterVideo
2007-05-21 à 07:14:27 - Jasc
2008-03-03 à 21:54:42 - Lavasoft
2006-05-10 à 05:43:25 - Leadertech
2006-11-13 à 17:46:45 - Macromedia
2008-06-09 à 21:17:07 - Malwarebytes
2007-11-10 à 21:15:15 - Media Player Classic
2007-02-23 à 07:12:49 - Microsoft
2006-04-29 à 21:57:45 - Microsoft Web Folders
2007-08-27 à 06:59:07 - Morpheus Software
2006-09-10 à 14:48:34 - Mozilla
2007-02-01 à 15:43:38 - MSNInstaller
2006-11-15 à 08:10:07 - muvee Technologies
2008-06-02 à 12:54:10 - MySpace
2007-11-05 à 08:13:59 - NCH Swift Sound
2008-05-10 à 05:03:57 - NetMedia Providers
2007-12-21 à 18:46:39 - Printer Info Cache
2008-05-10 à 05:03:57 - Publish Providers
2005-01-02 à 04:06:37 - Real
2007-07-10 à 09:26:51 - RecordPad
2008-03-01 à 07:54:37 - SecuROM
2007-06-09 à 19:16:29 - Serif
2007-05-21 à 20:31:37 - Shareaza
2006-06-01 à 17:11:30 - Simple Star
2006-05-10 à 05:44:21 - Sonic
2008-05-10 à 05:08:51 - Sony
2008-05-09 à 09:10:50 - Sony Setup
2007-09-23 à 22:02:06 - Steinberg
2006-06-22 à 19:41:01 - Sun
2006-04-29 à 21:05:14 - Symantec
2007-05-06 à 08:17:17 - TaoUSign
2006-06-01 à 21:38:09 - Ulead Systems
2008-04-30 à 09:15:01 - Vso
2006-07-01 à 13:55:12 - wxMozze
+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data
2006-04-30 à 20:07:16 - Adobe
2006-05-29 à 13:24:23 - Ahead
2007-12-27 à 11:03:32 - Apple
2007-04-20 à 17:52:25 - Apple Computer
2008-06-05 à 18:11:03 - ApplicationHistory
2006-09-16 à 23:23:58 - Google
2007-04-19 à 14:33:33 - Help
2006-05-19 à 19:11:26 - HP
2007-07-09 à 17:37:17 - Identities
2006-05-19 à 19:11:36 - IsolatedStorage
2008-06-04 à 09:23:52 - Microsoft
2006-05-10 à 06:16:36 - MicroVision Applications
2006-09-10 à 14:48:34 - Mozilla
2008-05-27 à 05:49:38 - NOS
2007-08-13 à 15:22:57 - Online_TV
2007-09-12 à 06:41:02 - Pando
2008-05-10 à 05:03:44 - Sony
2008-04-28 à 19:19:47 - WMTools Downloaded Files
2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050}
2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3}
========== Listing du dossier Program Files
+- C:\Program Files
2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
2007-05-24 à 17:49:37 - a-squared Anti-Malware
2007-05-21 à 14:38:16 - Adobe
2006-05-29 à 06:54:42 - Ahead
2007-12-27 à 11:03:28 - Apple Software Update
2006-10-05 à 06:06:05 - Ashampoo
2007-07-02 à 15:18:37 - Astro
2005-01-02 à 03:52:00 - ATI Technologies
2008-03-03 à 21:40:34 - Audacity
2006-06-25 à 17:38:30 - AviSynth 2.5
2007-11-29 à 08:53:06 - AVS4YOU
2006-04-30 à 15:03:12 - AXEL
2006-04-30 à 13:19:42 - beatsaver
2007-05-21 à 08:38:37 - Casperlab Software
2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
2007-05-20 à 15:36:13 - CoffeeCup Software
2006-05-01 à 10:31:23 - COM One
2004-11-24 à 01:37:34 - ComPlus Applications
2006-04-30 à 15:02:59 - compteur
2007-10-26 à 07:58:56 - Cool MP3 Converter
2006-07-14 à 09:54:36 - DivX
2006-04-30 à 12:20:50 - driver internet
2008-03-01 à 07:40:06 - Ejay
2007-08-09 à 16:48:12 - Elecard
2007-05-21 à 20:26:09 - eMule
2007-07-28 à 05:55:31 - eMule Acceleration Patch
2006-07-13 à 23:16:04 - EO Video
2006-07-01 à 13:53:00 - Evermore
2008-01-04 à 20:45:36 - Fichiers communs
2007-08-20 à 08:41:18 - Foreignword
2007-10-26 à 08:04:53 - Free Audio Pack
2006-04-30 à 08:46:49 - Free.fr
2008-05-25 à 16:07:05 - GameSpy Arcade
2007-11-22 à 20:39:27 - Google
2007-12-21 à 10:43:33 - Hewlett-Packard
2008-04-05 à 18:25:34 - HP
2008-06-14 à 07:07:32 - InstallShield Installation Information
2006-10-10 à 07:00:45 - Intel
2008-06-11 à 08:32:46 - Internet Explorer
2005-01-02 à 04:09:45 - InterVideo
2008-01-04 à 20:53:44 - iPod
2007-10-24 à 19:09:48 - iRiver
2008-01-04 à 20:54:10 - iTunes
2007-07-02 à 15:19:13 - Jasc Software Inc
2008-03-09 à 18:21:33 - Java
2008-04-28 à 13:45:22 - K-Lite Codec Pack
2008-02-26 à 08:05:30 - KaraFun
2006-12-28 à 13:39:52 - KC Softwares
2006-08-16 à 17:50:28 - LafumaUnlimit
2006-08-19 à 16:00:16 - Logitech
2008-06-15 à 12:30:25 - Lopxp
2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
2007-05-05 à 10:30:07 - Maxis
2007-07-27 à 18:11:03 - Mediatwins software
2005-01-02 à 03:47:54 - Messenger
2008-06-11 à 21:11:23 - Messenger Plus! Live
2007-11-29 à 06:52:35 - Micro Application
2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
2006-04-29 à 22:02:57 - microsoft frontpage
2007-07-19 à 18:52:35 - Microsoft GIF Animator
2006-04-29 à 22:04:02 - Microsoft Office
2008-05-15 à 20:05:22 - Microsoft Silverlight
2008-05-10 à 04:54:43 - Microsoft SQL Server
2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
2005-01-02 à 04:12:34 - Microsoft Works
2006-06-27 à 09:30:47 - MidiMeow_1_02
2006-06-27 à 09:32:41 - MidiMeow_old_1.01
2007-02-23 à 17:21:21 - mobile PhoneTools
2006-09-10 à 13:49:18 - Morpheus Toolbar
2007-03-21 à 14:46:14 - Movie Maker
2008-06-15 à 10:49:11 - Mozilla Firefox
2007-07-30 à 12:42:14 - MP3 Player Utilities
2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
2007-06-19 à 21:33:54 - MSN
2004-11-25 à 03:27:30 - MSN Gaming Zone
2007-12-30 à 17:33:23 - MSN Messenger
2008-03-15 à 19:59:29 - MSN Pictures Displayer
2006-10-15 à 01:01:07 - MSXML 4.0
2005-01-02 à 04:15:24 - muvee Technologies
2008-06-05 à 17:11:38 - MySpace
2008-03-03 à 21:45:57 - NCH Software
2007-11-05 à 08:13:57 - NCH Swift Sound
2006-02-01 à 08:02:34 - NetMeeting
2008-05-30 à 22:28:15 - Norton Internet Security
2004-11-25 à 03:27:42 - Online Services
2007-08-13 à 15:26:45 - Online_TV
2007-11-10 à 10:05:06 - OpenOffice.org 2.3
2007-06-13 à 14:44:56 - Outlook Express
2006-10-06 à 07:13:15 - Oxilog
2007-07-13 à 14:16:43 - Philips
2006-07-15 à 10:33:40 - PhotoFiltre
2007-07-22 à 14:55:56 - Pinnacle
2008-05-23 à 05:56:36 - QuickTime
2007-08-14 à 17:42:15 - QuickZip4
2005-01-02 à 04:06:21 - Real
2007-07-22 à 14:53:53 - Replay Converter
2008-05-25 à 16:48:14 - Roger Wilco
2007-06-09 à 19:12:42 - Serif
2005-01-02 à 04:25:12 - Services en ligne
2007-05-21 à 20:31:38 - Shareaza
2006-06-01 à 17:11:15 - Simple Star
2008-04-28 à 13:46:19 - SLD Codec Pack
2008-02-09 à 11:31:05 - SM
2006-04-29 à 22:03:48 - Snapshot Viewer
2005-01-02 à 04:08:28 - Sonic
2008-05-16 à 11:03:37 - Sonic Foundry
2008-05-16 à 11:02:30 - Sonic Foundry Setup
2008-05-10 à 04:46:37 - Sony
2008-05-09 à 09:08:49 - Sony Setup
2007-08-16 à 14:04:42 - Spybot - Search & Destroy
2008-06-11 à 06:59:10 - Spyware Doctor
2008-05-10 à 05:04:11 - Steinberg
2008-05-30 à 22:27:25 - Symantec
2006-05-07 à 09:57:49 - The 3DO Company
2008-06-14 à 16:20:38 - Trend Micro
2007-11-03 à 14:00:12 - Ulead Systems
2008-05-10 à 04:56:26 - Uninstall Information
2006-12-07 à 19:50:54 - Vidomi
2007-04-22 à 08:13:56 - VSO
2008-05-10 à 04:49:01 - Vstplugins
2008-01-03 à 07:36:54 - Western Digital Technologies
2007-02-23 à 17:15:00 - WIDCOMM
2008-03-03 à 21:47:59 - Windows Live
2007-11-30 à 06:21:27 - Windows Live Toolbar
2006-06-01 à 17:07:07 - Windows Media Components
2007-02-05 à 10:22:25 - Windows Media Connect 2
2007-02-05 à 10:22:23 - Windows Media Player
2006-02-01 à 08:02:36 - Windows NT
2004-11-24 à 01:37:48 - WindowsUpdate
2007-06-25 à 20:21:26 - WinZip
2004-11-25 à 03:28:02 - xerox
2007-01-31 à 21:54:45 - Xvid
2008-03-03 à 21:50:51 - Yahoo!
========== Tâches planifiées
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
========== Clés registre
========== Bloqueur popups Internet Explorer
www5.ratp.info
www.solidays.org
www.cinemapassion.com
PopupMgr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
+- Dossiers\Fichiers : Aucune suggestion.
+- Registre : Aucune suggestion.
- Fin du rapport -
Je te fais suivre un 2 eme rapport aprés avoir essayé l'un des anti virus que tu me conseilles
BitDefender Log File !!!!!
Product : BitDefender Total Security 2008
Version : BitDefender UIScanner v.11
Log date : 18:13:58 15/06/2008
Log path : C:\Documents and Settings\HP_Propriétaire\Application Data\BitDefender\Desktop\Profiles\Logs\manual_scan\1213546438_1_02.xml
Scan Paths:Path0000: C:\
Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : No
Target selection options:Scan registry keys : No
Scan cookies : No
Scan boot sectors : No
Scan memory processes : No
Scan archives : No
Scan runtime packers : No
Scan emails : No
Scan all files : No
Heuristic Scan : No
Scanned extensions :
Excluded extensions :
Target ProcessingDefault action for infected objects : None
Default action for suspicious objects : None
Default action for hidden objects : None
Scan engines summaryNumber of virus signatures : 1260901
Archive plugins : 42
Email plugins : 6
Scan plugins : 12
Archive plugins : 42
System plugins : 4
Unpack plugins : 7
Overall scan summaryScanned items : 427216
Infected items : 7
Suspicious items : 0
Resolved items : 7
Individual viruses found : 6
Scanned directories : 14762
Scanned boot sectors : 0
Scanned archives : 10867
Input-output errors : 41284
Scan time : 00:02:00:56
Files per second : 58
Scanned processes summaryScanned : 0
Infected : 0
Scanned registry keys summaryScanned : 0
Infected : 0
Scanned cookies summaryScanned : 0
Infected : 0
Remaining issues:Object Name Threat Name Final Status
Resolved issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103719.exe Adware.NewDotNet.BK Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103720.exe Adware.NewDotNet.BK Deleted
C:\Program Files\Mozilla Firefox\extensions\{C7E0B063-1DC2-4DD0-A502-1D67957B9ADE}\chrome\onestep.jar=]content/onestep.js Adware.OneStep.D Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP366\A0119011.dll Adware.Smartshopper.B Deleted
C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll Adware.Softomate.BL Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0123063.exe Spyware.Hidewindow.A Deleted
C:\Program Files\MP3 Player Utilities 3.68\DelDrv.exe Trojan.Delall.Q Deleted
Objects that were not scanned:Object Name Reason Final Status
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/History/search2 Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/Settings/s_pid.dat Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]install.rdf Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]NDNuninstall6_38.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet38.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]readme.html Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall6_38.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall7_22.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]WhiteList.xip Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]Config.xml Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport6.zip=]sbRecovery.reg Password-Protected No action was possible
Product : BitDefender Total Security 2008
Version : BitDefender UIScanner v.11
Log date : 18:13:58 15/06/2008
Log path : C:\Documents and Settings\HP_Propriétaire\Application Data\BitDefender\Desktop\Profiles\Logs\manual_scan\1213546438_1_02.xml
Scan Paths:Path0000: C:\
Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : No
Target selection options:Scan registry keys : No
Scan cookies : No
Scan boot sectors : No
Scan memory processes : No
Scan archives : No
Scan runtime packers : No
Scan emails : No
Scan all files : No
Heuristic Scan : No
Scanned extensions :
Excluded extensions :
Target ProcessingDefault action for infected objects : None
Default action for suspicious objects : None
Default action for hidden objects : None
Scan engines summaryNumber of virus signatures : 1260901
Archive plugins : 42
Email plugins : 6
Scan plugins : 12
Archive plugins : 42
System plugins : 4
Unpack plugins : 7
Overall scan summaryScanned items : 427216
Infected items : 7
Suspicious items : 0
Resolved items : 7
Individual viruses found : 6
Scanned directories : 14762
Scanned boot sectors : 0
Scanned archives : 10867
Input-output errors : 41284
Scan time : 00:02:00:56
Files per second : 58
Scanned processes summaryScanned : 0
Infected : 0
Scanned registry keys summaryScanned : 0
Infected : 0
Scanned cookies summaryScanned : 0
Infected : 0
Remaining issues:Object Name Threat Name Final Status
Resolved issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103719.exe Adware.NewDotNet.BK Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103720.exe Adware.NewDotNet.BK Deleted
C:\Program Files\Mozilla Firefox\extensions\{C7E0B063-1DC2-4DD0-A502-1D67957B9ADE}\chrome\onestep.jar=]content/onestep.js Adware.OneStep.D Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP366\A0119011.dll Adware.Smartshopper.B Deleted
C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll Adware.Softomate.BL Deleted
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0123063.exe Spyware.Hidewindow.A Deleted
C:\Program Files\MP3 Player Utilities 3.68\DelDrv.exe Trojan.Delall.Q Deleted
Objects that were not scanned:Object Name Reason Final Status
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/History/search2 Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/Settings/s_pid.dat Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]install.rdf Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]NDNuninstall6_38.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet38.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]newdotnet7_22.dll Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]readme.html Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall6_38.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall7_22.exe Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]WhiteList.xip Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]Config.xml Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport6.zip=]sbRecovery.reg Password-Protected No action was possible
vire ce qui est en quarantaine (sauvegarde ) dans spybot
__________
si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là : https://www.informatruc.com
_____________
recolle un rapport hijakchits et dis tes soucis
__________
si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là : https://www.informatruc.com
_____________
recolle un rapport hijakchits et dis tes soucis
