Gors probleme apparement crypt xpack.gen - Page 4

Précédent
  • 1
  • 2
  • 3
  • 4
  1. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    oui envois le rapport stp
    -1
  2. InfernO.vir
     
    ------------------------------------------------------------­-------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Saturday, September 27, 2008 9:40:56 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.84.2
    Dernière mise à jour de la base antivirus Kaspersky : 27/09/2008
    Enregistrements dans la base antivirus Kaspersky : 1131382
    ------------------------------------------------------------­-------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: standard
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    C:\
    D:\

    Statistiques de l'analyse:
    Total d'objets analysés: 71952
    Nombre de virus trouvés: 1
    Nombre d'objets infectés: 1 / 0
    Nombre d'objets suspects: 0
    Durée de l'analyse: 03:01:09

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Application Data\$_hpcst$.hpc L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Application Data\BitDefender\Desktop\Profiles\asdict.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Historique\History.IE5\MSHist012008092720080928\ind­ex.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\temp\WCESLog.log L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\temp\~DF3AEC.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\temp\~DF3B06.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat ­L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\sandra aubert\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\BitDefender\BitDefender 2008\as2core\antispam_sig_14621\aspdict.dat L'objet est verrouillé ignoré
    C:\Program Files\BitDefender\BitDefender 2008\dbokf.db L'objet est verrouillé ignoré
    C:\Program Files\BitDefender\BitDefender 2008\dbokf.db-journal L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{7C613A87-BF99-4606-961B-887F813D12F7}\R­P75\A0007701.sys Infecté : Hoax.Win32.Agent.fu ignoré
    C:\System Volume Information\_restore{7C613A87-BF99-4606-961B-887F813D12F7}\R­P93\change.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\hsperfdata_SYSTEM\728 L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\tmp00003b31\tmp00000000 L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    Analyse terminée.

    Elle a fait la restauration systeme donc celui-ci devrait etre exterminé !
    -1
  3. NENESSE1401 Messages postés 59 Statut Membre
     
    inferno m a dis de faire un combofix voila le rapport

    ComboFix 08-09-27.01 - sandra aubert 2008-09-27 22:16:57.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.960 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\sandra aubert\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-08-27 au 2008-09-27 ))))))))))))))))))))))))))))))))))))
    .

    2008-09-27 18:06 . 2008-09-27 18:06 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-09-27 17:19 . 2008-09-27 17:19 <REP> d-------- C:\Program Files\Trend Micro
    2008-09-27 17:18 . 2008-09-27 18:25 <REP> d-------- C:\ToolBar SD
    2008-09-27 17:18 . 2008-09-27 18:23 3,642 --a------ C:\Documents and Settings\Orph.egd
    2008-09-27 00:16 . 2008-09-27 00:17 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Spyware Terminator
    2008-09-27 00:15 . 2008-09-27 00:15 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
    2008-09-27 00:14 . 2008-08-20 12:27 <REP> d-------- C:\Documents and Settings\Administrateur\Voisinage r‚seau
    2008-09-27 00:14 . 2005-12-09 08:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-09-27 00:14 . 2008-09-27 00:25 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\toshiba
    2008-09-27 00:14 . 2005-12-09 12:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
    2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sonic
    2008-09-27 00:14 . 2008-09-27 00:14 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-09-26 23:54 . 2008-09-27 12:47 <REP> d-------- C:\Program Files\Navilog1
    2008-09-26 23:43 . 2008-09-26 23:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\sollab
    2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Lavasoft
    2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\CCleaner
    2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\InterVideo
    2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-09-26 23:41 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-26 22:38 . 2008-09-26 22:41 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-09-26 22:36 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-09-26 22:34 . 2008-09-26 23:43 <REP> d-------- C:\WINDOWS\Internet Logs
    2008-09-26 22:29 . 2008-09-26 23:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-26 22:29 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-09-26 22:29 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-09-26 20:16 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-09-26 20:08 . 2008-09-27 11:21 <REP> d-------- C:\Program Files\WinClamAVShield
    2008-09-26 19:51 . 2008-09-27 17:36 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Spyware Terminator
    2008-09-26 19:51 . 2008-09-26 19:51 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2008-09-26 19:50 . 2008-09-26 23:43 <REP> d-------- C:\Program Files\Spyware Terminator
    2008-09-25 19:09 . 2002-08-14 00:08 264,704 --a------ C:\WINDOWS\system32\MaggiUninstall60.exe
    2008-09-25 19:08 . 1999-03-23 09:12 299,520 --a------ C:\WINDOWS\uninst.exe
    2008-09-25 18:54 . 2008-09-26 23:42 <REP> d-------- C:\WINDOWS\system32\Adobe
    2008-09-20 11:47 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-09-20 11:47 . 2008-09-27 17:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-20 10:05 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\BarreConfCMCIC
    2008-09-18 11:26 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\QuickZip4
    2008-09-16 12:22 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Apple Software Update
    2008-09-16 12:19 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\iTunes
    2008-09-16 12:19 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\iPod
    2008-09-16 12:16 . 2008-09-26 23:41 <REP> d-------- C:\Program Files\QuickTime
    2008-09-16 12:08 . 2008-09-26 23:41 <REP> d-------- C:\Program Files\Bonjour
    2008-09-15 19:30 . 2008-09-15 19:30 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Malwarebytes
    2008-09-15 19:30 . 2008-09-15 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-15 17:58 . 1997-01-22 15:34 312,320 --a------ C:\WINDOWS\IsUninst.exe
    2008-09-15 17:58 . 2008-09-25 19:44 491 --a------ C:\WINDOWS\SStylerProDemo.ini
    2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\system32\fr
    2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\system32\bits
    2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\l2schemas
    2008-09-05 20:39 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-09-05 20:23 . 2008-09-05 20:23 <REP> d-------- C:\WINDOWS\EHome
    2008-09-04 19:08 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
    2008-09-04 19:08 . 2004-08-03 22:41 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
    2008-09-04 19:08 . 2004-08-03 22:41 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
    2008-09-04 19:08 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty
    2008-09-04 19:08 . 2004-08-03 22:41 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
    2008-09-04 17:53 . 2008-09-04 17:53 268 --ah----- C:\sqmdata02.sqm
    2008-09-04 17:53 . 2008-09-04 17:53 244 --ah----- C:\sqmnoopt02.sqm
    2008-09-03 23:00 . 2008-09-03 23:00 268 --ah----- C:\sqmdata01.sqm
    2008-09-03 23:00 . 2008-09-03 23:00 244 --ah----- C:\sqmnoopt01.sqm
    2008-09-03 10:41 . 2008-09-03 10:41 <REP> d-------- C:\Program Files\Windows Media Connect 2
    2008-09-03 10:24 . 2008-09-03 10:24 <REP> d-------- C:\WINDOWS\system32\LogFiles
    2008-09-03 10:24 . 2008-09-03 10:33 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-09-02 10:34 . 2007-11-30 08:45 644,400 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
    2008-09-01 12:25 . 2008-09-01 12:25 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\ArcSoft
    2008-08-30 18:34 . 2008-08-30 18:34 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Anuman Interactive
    2008-08-30 18:13 . 2004-03-29 15:23 90,112 --a------ C:\WINDOWS\unvise32.exe
    2008-08-30 17:12 . 2008-09-08 19:38 <REP> d-------- C:\Program Files\Fichiers communs\PC SOFT
    2008-08-30 17:12 . 2008-08-30 17:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\magasin
    2008-08-30 09:43 . 2008-08-30 10:29 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\EBP
    2008-08-30 09:16 . 2006-05-10 14:18 1,929,216 --a------ C:\WINDOWS\system32\cdintf250.dll
    2008-08-30 09:13 . 2008-08-30 17:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EBP
    2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-27 20:20 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-09-26 21:42 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\muvee Technologies
    2008-09-25 15:07 316 ----a-w C:\Documents and Settings\sandra aubert\Application Data\wklnhst.dat
    2008-09-18 16:39 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-16 10:16 --------- d-----w C:\Program Files\Fichiers communs\Apple
    2008-09-10 18:15 --------- d-----w C:\Program Files\Microsoft Works
    2008-09-05 20:42 --------- d-----w C:\Program Files\MioNet
    2008-09-03 10:35 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\DivX
    2008-09-02 08:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-02 08:34 --------- d-----w C:\Program Files\Google
    2008-08-26 18:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-08-26 17:58 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\AdobeUM
    2008-08-21 20:37 --------- d-----w C:\Program Files\MSXML 4.0
    2008-08-21 05:53 --------- d-----w C:\Program Files\Picasa2
    2008-08-20 17:25 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Apple Computer
    2008-08-20 17:10 --------- d-----w C:\Program Files\Services en ligne
    2008-08-20 17:09 --------- d-----w C:\Program Files\Realtek
    2008-08-20 17:07 --------- d-----w C:\Program Files\Microsoft.NET
    2008-08-20 17:07 --------- d-----w C:\Program Files\microsoft frontpage
    2008-08-20 17:07 --------- d-----w C:\Program Files\ltmoh
    2008-08-20 17:00 --------- d-----w C:\Program Files\Fichiers communs\Java
    2008-08-20 16:59 --------- d-----w C:\Program Files\ATI Technologies
    2008-08-20 16:46 --------- d-----w C:\Program Files\DivX
    2008-08-20 16:39 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\toshiba
    2008-08-20 16:39 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Sonic
    2008-08-20 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\SBSI
    2008-08-20 16:09 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
    2008-08-20 15:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-08-20 15:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
    2008-08-20 15:43 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Yahoo!
    2008-08-20 15:28 --------- d-----w C:\Program Files\Microsoft ActiveSync
    2008-08-20 14:17 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-08-20 13:59 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Template
    2008-08-20 12:53 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-08-20 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
    2008-08-20 12:22 --------- d-----w C:\Program Files\epson
    2008-08-20 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\EPSON
    2008-08-20 11:59 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-08-20 11:59 --------- d-----w C:\Program Files\Ahead
    2008-08-20 11:54 --------- d-----w C:\Program Files\Philips
    2008-08-20 11:52 --------- d-----w C:\Program Files\muvee Technologies
    2008-08-20 11:52 --------- d-----w C:\Program Files\Fichiers communs\muvee Technologies
    2008-08-20 11:51 --------- d-----w C:\Program Files\ArcSoft
    2008-08-20 11:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\muvee Technologies
    2008-08-20 11:48 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\InstallShield
    2008-08-20 11:15 --------- d-----w C:\Program Files\Shareaza
    2008-08-20 11:15 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Shareaza
    2008-08-20 11:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
    2008-08-20 10:40 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\BitDefender
    2008-08-20 10:39 --------- d-----w C:\Program Files\Fichiers communs\BitDefender
    2008-08-20 10:39 --------- d-----w C:\Program Files\BitDefender
    2008-08-20 10:38 --------- d-----w C:\Program Files\Windows Live
    2008-08-20 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-08-20 10:27 0 --sha-r C:\WINDOWS\system32\drivers\TOSHIBA_Satellite A100_03601-FR_PSAA2E-01700.MRK
    2008-08-20 10:25 17,801 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
    2008-08-20 10:25 --------- d-----w C:\Program Files\Atheros
    2008-08-20 09:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-08-20 09:52 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-08-20 09:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
    2008-08-20 09:38 --------- d-----w C:\Program Files\Siber Systems
    2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 16:50 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 65536]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 4739072]
    "EPSON Stylus DX6000 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE" [2006-09-22 139264]
    "RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-08-20 160592]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-15 443968]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-15 98394]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-15 688218]
    "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2005-05-19 188416]
    "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2005-12-08 352256]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
    "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 118784]
    "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077328]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-01 122940]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-09-16 368640]
    "BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 40960]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
    "AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
    "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-26 1783808]
    "RTHDCPL"="RTHDCPL.EXE" [2005-11-10 C:\WINDOWS\RTHDCPL.exe]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 C:\WINDOWS\agrsmmsg.exe]
    "TPSMain"="TPSMain.exe" [2005-08-03 C:\WINDOWS\system32\TPSMain.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3587:TCP"= 3587:TCP:Groupement homologue Windows
    "3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)
    "1700:TCP"= 1700:TCP:MioNet Remote Drive Access
    "1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-09-26 141312]
    R2 MioNet;MioNet Service;C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 139264]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792]
    S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
    .
    Contenu du dossier 'Tâches planifiées'
    .
    .
    ------- Examen supplémentaire -------
    .
    R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr/
    R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.com/ie
    R0 -: HKLM-Main,Window Title =
    R1 -: HKCU-Internet Settings,ProxyOverride = *.local
    R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
    O8 -: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 -: Crawler Search - tbr:iemenu
    O8 -: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 -: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 -: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
    C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-27 22:20:54
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-09-27 22:23:33
    ComboFix-quarantined-files.txt 2008-09-27 20:23:24

    Avant-CF: 62ÿ780ÿ473ÿ344 octets libres
    Après-CF: 62,777,561,088 octets libres

    278 --- E O F --- 2008-09-10 18:19:35
    -1
  4. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    ok...

    télécharge trojan remover à cette adresse, un tuto sera à ta disposition pour savoir l utiliser :

    https://www.androidworld.fr/

    ensuite :

    ▶ Télécharge a-squared free 3.5

    ▶ Un tutoriel est à ta disposition pour bien l utiliser.

    ▶ fais la mise à jour et une analyse complète.

    ▶ poste le rapport stp
    -1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. NENESSE1401 Messages postés 59 Statut Membre
     
    ok j fais quand meme le bitdefender on line? il telecharge els mise a jour pour le moment
    -1
  7. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    y avait pas besoin de refaire un combofix :s

    et on ne demande pas une désinfection par MP^^

    fais ce que je t ai demandé stp nenesse

    @+
    -1
  8. geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
     
    oui fais tout et postes les rapports stp
    -1
  9. NENESSE1401 Messages postés 59 Statut Membre
     
    ok et si inferno pouvait venir aussi sur ce post comme ca vous pouvais voir tout les deux enfin si c est possible j veux pas abuser des gens non plus
    -1
  10. InfernO.vir
     
    Si! jveux verifier un truc redonne moi le rapport de combo mais a mon adresse email--> nucky-las@voila.fr

    C:\Documents and Settings\sandra aubert\Application Data\wklnhst.dat <--navipromo n'est-ce pas ?
    -1
  11. NENESSE1401 Messages postés 59 Statut Membre
     
    bon le bitdefender on line n a pas pu mettre a jour tout mais ma demande de lancer lescan ce que j ai fais j attend la fin et je post rapport merci
    -1
  12. NENESSE1401 Messages postés 59 Statut Membre
     
    scan bitle scna bitdefender me dis impossible d analyser l ordi je reessaye d installer les mises a jour et de relancer le scan
    -1
  13. NENESSE1401 Messages postés 59 Statut Membre
     
    deuxieme essai meme probleme bitdefender ne peut pas installer mise a jour et pas scanner

    j laisse tomber ou ???
    -1
  14. NENESSE1401 Messages postés 59 Statut Membre
     
    bon pour le moment a squared a detecte 65 truc mais il n a pas encor fini et trojan truc reste à 97% depuis un moment et pour bitdefender on line pas possible a chaque fois il plante
    -1
  15. NENESSE1401 Messages postés 59 Statut Membre
     
    bon voila le rapport de trojan machin

    ***** NORMAL SCAN FOR ACTIVE MALWARE *****
    Trojan Remover Ver 6.7.2.2545. For information, email support@simplysup1.com
    [Unregistered version]
    Scan started at: 22:38:13 27 sept. 2008
    Using Database v7143
    Operating System: Windows XP SP3 [Windows XP Home Edition Service Pack 3 (Build 2600)]
    File System: NTFS
    Data directory: C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\
    Database directory: C:\Program Files\Trojan Remover\
    Logfile directory: C:\Documents and Settings\sandra aubert\Mes documents\Simply Super Software\Trojan Remover Logfiles\
    Program directory: C:\Program Files\Trojan Remover\
    Running with Administrator privileges

    ************************************************************

    ************************************************************
    22:38:13: Scanning ----------WIN.INI-----------
    WIN.INI found in C:\WINDOWS

    ************************************************************
    22:38:13: Scanning --------SYSTEM.INI---------
    SYSTEM.INI found in C:\WINDOWS

    ************************************************************
    22:38:13: ----- SCANNING FOR ROOTKIT SERVICES -----
    No hidden Services were detected.

    ************************************************************
    22:38:17: Scanning -----WINDOWS REGISTRY-----
    --------------------
    Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    This key's "Shell" value calls the following program(s):
    File: Explorer.exe
    C:\WINDOWS\Explorer.exe
    1037824 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    This key's "Userinit" value calls the following program(s):
    File: C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\userinit.exe
    26624 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    This key's "System" value appears to be blank
    ----------
    This key's "UIHost" value calls the following program:
    File: logonui.exe
    C:\WINDOWS\system32\logonui.exe
    515584 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    --------------------
    Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Value Name: ATIPTA
    Value Data: "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    344064 bytes
    Created: 09/12/2005
    Modified: 05/08/2005
    Company: ATI Technologies, Inc.
    --------------------
    Value Name: RTHDCPL
    Value Data: RTHDCPL.EXE
    C:\WINDOWS\RTHDCPL.EXE
    15473664 bytes
    Created: 09/12/2005
    Modified: 10/11/2005
    Company: Realtek Semiconductor Corp.
    --------------------
    Value Name: SynTPLpr
    Value Data: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    98394 bytes
    Created: 09/12/2005
    Modified: 15/10/2004
    Company: Synaptics, Inc.
    --------------------
    Value Name: SynTPEnh
    Value Data: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    688218 bytes
    Created: 09/12/2005
    Modified: 15/10/2004
    Company: Synaptics, Inc.
    --------------------
    Value Name: LtMoh
    Value Data: C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    188416 bytes
    Created: 09/12/2005
    Modified: 19/05/2005
    Company: Agere Systems
    --------------------
    Value Name: AGRSMMSG
    Value Data: AGRSMMSG.exe
    C:\WINDOWS\AGRSMMSG.exe
    88203 bytes
    Created: 09/12/2005
    Modified: 15/10/2005
    Company: Agere Systems
    --------------------
    Value Name: THotkey
    Value Data: C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    352256 bytes
    Created: 09/12/2005
    Modified: 08/12/2005
    Company: TOSHIBA
    --------------------
    Value Name: Tvs
    Value Data: C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    73728 bytes
    Created: 09/12/2005
    Modified: 30/11/2005
    Company: TOSHIBA Corporation
    --------------------
    Value Name: TPSMain
    Value Data: TPSMain.exe
    C:\WINDOWS\system32\TPSMain.exe
    266240 bytes
    Created: 09/12/2005
    Modified: 03/08/2005
    Company: TOSHIBA Corporation
    --------------------
    Value Name: SmoothView
    Value Data: C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    118784 bytes
    Created: 09/12/2005
    Modified: 17/05/2005
    Company: TOSHIBA Corporation
    --------------------
    Value Name: PadTouch
    Value Data: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    1077328 bytes
    Created: 09/12/2005
    Modified: 30/08/2005
    Company: TOSHIBA
    --------------------
    Value Name: DLA
    Value Data: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    122940 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    --------------------
    Value Name: BitDefender Antiphishing Helper
    Value Data: "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe
    61440 bytes
    Created: 09/10/2007
    Modified: 09/10/2007
    Company: BitDefender
    --------------------
    Value Name: BDAgent
    Value Data: "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    368640 bytes
    Created: 23/05/2008
    Modified: 16/09/2008
    Company: BitDefender S.R.L.
    --------------------
    Value Name: BigDogPath
    Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
    C:\WINDOWS\VM_STI.exe
    40960 bytes
    Created: 20/08/2008
    Modified: 09/06/2004
    Company: BIGDOG
    --------------------
    Value Name: QuickTime Task
    Value Data: "C:\Program Files\QuickTime\qttask.exe" -atboottime
    C:\Program Files\QuickTime\qttask.exe
    413696 bytes
    Created: 06/09/2008
    Modified: 06/09/2008
    Company: Apple Inc.
    --------------------
    Value Name: AppleSyncNotifier
    Value Data: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    111936 bytes
    Created: 03/09/2008
    Modified: 03/09/2008
    Company: Apple Inc.
    --------------------
    Value Name: iTunesHelper
    Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
    C:\Program Files\iTunes\iTunesHelper.exe
    289576 bytes
    Created: 10/09/2008
    Modified: 10/09/2008
    Company: Apple Inc.
    --------------------
    Value Name: SpywareTerminator
    Value Data: "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    1783808 bytes
    Created: 26/09/2008
    Modified: 26/09/2008
    Company: Crawler.com
    --------------------
    Value Name: TrojanScanner
    Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
    C:\Program Files\Trojan Remover\Trjscan.exe
    922192 bytes
    Created: 27/09/2008
    Modified: 20/09/2008
    Company: Simply Super Software
    --------------------
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    This Registry Key appears to be empty
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    This Registry Key appears to be empty
    --------------------
    Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    This Registry Key appears to be empty
    --------------------
    Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Value Name: CTFMON.EXE
    Value Data: C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    15360 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    --------------------
    Value Name: TOSCDSPD
    Value Data: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    65536 bytes
    Created: 09/12/2005
    Modified: 11/04/2005
    Company: TOSHIBA
    --------------------
    Value Name: Shareaza
    Value Data: "C:\Program Files\Shareaza\Shareaza.exe" -tray
    C:\Program Files\Shareaza\Shareaza.exe
    4739072 bytes
    Created: 20/08/2008
    Modified: 01/01/2008
    Company: Shareaza Development Team
    --------------------
    Value Name: EPSON Stylus DX6000 Series
    Value Data: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S2D2.tmp" /EF "HKCU"
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
    139264 bytes
    Created: 20/08/2008
    Modified: 22/09/2006
    Company: SEIKO EPSON CORPORATION
    --------------------
    Value Name: RoboForm
    Value Data: "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    160592 bytes
    Created: 20/08/2008
    Modified: 20/08/2008
    Company: Siber Systems
    --------------------
    Value Name: H/PC Connection Agent
    Value Data: "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    1289000 bytes
    Created: 13/11/2006
    Modified: 13/11/2006
    Company: Microsoft Corporation
    --------------------
    Value Name: Picasa Media Detector
    Value Data: C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    443968 bytes
    Created: 15/08/2008
    Modified: 15/08/2008
    Company: Google Inc.
    --------------------
    Value Name: swg
    Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    68856 bytes
    Created: 13/09/2008
    Modified: 13/09/2008
    Company: Google Inc.
    --------------------
    Value Name: SpybotSD TeaTimer
    Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
    --------------------
    --------------------
    Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    This Registry Key appears to be empty
    --------------------
    Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    This Registry Key appears to be empty

    ************************************************************
    22:38:33: Scanning -----SHELLEXECUTEHOOKS-----
    ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
    File: shell32.dll - this file is expected and has been left in place
    ----------

    ************************************************************
    22:38:33: Scanning -----HIDDEN REGISTRY ENTRIES-----
    Taskdir check completed
    ----------
    No Hidden File-loading Registry Entries found
    ----------

    ************************************************************
    22:38:33: Scanning -----ACTIVE SCREENSAVER-----
    No active ScreenSaver found to scan.

    ************************************************************
    22:38:33: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
    Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
    Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
    C:\WINDOWS\INF\wmp11.inf
    2441 bytes
    Created: 03/11/2006
    Modified: 03/11/2006
    Company:
    ----------

    ************************************************************
    22:38:34: Scanning ----- SERVICEDLL REGISTRY KEYS -----
    Key: 6to4
    Path: %SystemRoot%\System32\6to4svc.dll
    C:\WINDOWS\System32\6to4svc.dll
    100352 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    --------------------
    Key: AppMgmt
    %SystemRoot%\System32\appmgmts.dll - file is globally excluded (file cannot be found)
    --------------------
    Key: BITS
    Path: %systemroot%\system32\qmgr.dll
    C:\WINDOWS\system32\qmgr.dll
    409088 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    --------------------
    Key: p2pgasvc
    Path: %SystemRoot%\system32\p2pgasvc.dll
    C:\WINDOWS\system32\p2pgasvc.dll
    105472 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    --------------------
    Key: scan
    Path: C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
    151552 bytes
    Created: 25/04/2008
    Modified: 10/09/2008
    Company: S.C. BitDefender S.R.L
    --------------------

    ************************************************************
    22:38:37: Scanning ----- SERVICES REGISTRY KEYS -----
    Key: ACS
    ImagePath: C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\acs.exe
    36864 bytes
    Created: 20/08/2008
    Modified: 08/07/2005
    Company:
    ----------
    Key: AegisP
    ImagePath: system32\DRIVERS\AegisP.sys
    C:\WINDOWS\system32\DRIVERS\AegisP.sys
    17801 bytes
    Created: 20/08/2008
    Modified: 20/08/2008
    Company: Meetinghouse Data Communications
    ----------
    Key: Apple Mobile Device
    ImagePath: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    116040 bytes
    Created: 10/09/2008
    Modified: 10/09/2008
    Company: Apple Inc.
    ----------
    Key: AR5211
    ImagePath: system32\DRIVERS\ar5211.sys
    C:\WINDOWS\system32\DRIVERS\ar5211.sys
    468736 bytes
    Created: 09/12/2005
    Modified: 12/09/2005
    Company: Atheros Communications, Inc.
    ----------
    Key: aspnet_state
    ImagePath: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
    32768 bytes
    Created: 15/07/2004
    Modified: 15/07/2004
    Company: Microsoft Corporation
    ----------
    Key: Bdfndisf
    ImagePath: system32\DRIVERS\bdfndisf.sys
    C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
    86792 bytes
    Created: 02/06/2008
    Modified: 02/06/2008
    Company: BitDefender SRL
    ----------
    Key: bdfsfltr
    ImagePath: system32\drivers\bdfsfltr.sys
    C:\WINDOWS\system32\drivers\bdfsfltr.sys
    196368 bytes
    Created: 07/01/2008
    Modified: 07/01/2008
    Company: BitDefender S.R.L. Bucharest, ROMANIA
    ----------
    Key: bdftdif
    ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
    156688 bytes
    Created: 25/01/2008
    Modified: 25/01/2008
    Company: BitDefender SRL
    ----------
    Key: BDSelfPr
    ImagePath: \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
    C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
    8320 bytes
    Created: 16/01/2008
    Modified: 16/01/2008
    Company: BitDefender S.R.L.
    ----------
    Key: Bonjour Service
    ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
    C:\Program Files\Bonjour\mDNSResponder.exe
    238888 bytes
    Created: 29/08/2008
    Modified: 29/08/2008
    Company: Apple Inc.
    ----------
    Key: CFSvcs
    ImagePath: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    40960 bytes
    Created: 09/12/2005
    Modified: 18/01/2005
    Company: TOSHIBA CORPORATION
    ----------
    Key: DLABOIOM
    ImagePath: System32\DLA\DLABOIOM.SYS
    C:\WINDOWS\System32\DLA\DLABOIOM.SYS
    25628 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLACDBHM
    ImagePath: System32\Drivers\DLACDBHM.SYS
    C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
    5628 bytes
    Created: 09/12/2005
    Modified: 07/07/2005
    Company: Sonic Solutions
    ----------
    Key: DLADResN
    ImagePath: System32\DLA\DLADResN.SYS
    C:\WINDOWS\System32\DLA\DLADResN.SYS
    2496 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLAIFS_M
    ImagePath: System32\DLA\DLAIFS_M.SYS
    C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
    86524 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLAOPIOM
    ImagePath: System32\DLA\DLAOPIOM.SYS
    C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
    14684 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLAPoolM
    ImagePath: System32\DLA\DLAPoolM.SYS
    C:\WINDOWS\System32\DLA\DLAPoolM.SYS
    6364 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLARTL_N
    ImagePath: System32\Drivers\DLARTL_N.SYS
    C:\WINDOWS\System32\Drivers\DLARTL_N.SYS
    22684 bytes
    Created: 09/12/2005
    Modified: 07/07/2005
    Company: Sonic Solutions
    ----------
    Key: DLAUDFAM
    ImagePath: System32\DLA\DLAUDFAM.SYS
    C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
    92700 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DLAUDF_M
    ImagePath: System32\DLA\DLAUDF_M.SYS
    C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
    87004 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: DRVMCDB
    ImagePath: System32\Drivers\DRVMCDB.SYS
    C:\WINDOWS\System32\Drivers\DRVMCDB.SYS
    88704 bytes
    Created: 09/12/2005
    Modified: 28/07/2005
    Company: Sonic Solutions
    ----------
    Key: DRVNDDM
    ImagePath: System32\Drivers\DRVNDDM.SYS
    C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
    40544 bytes
    Created: 09/12/2005
    Modified: 07/07/2005
    Company: Sonic Solutions
    ----------
    Key: gusvc
    ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    138168 bytes
    Created: 21/08/2008
    Modified: 21/08/2008
    Company: Google
    ----------
    Key: HDAudBus
    ImagePath: system32\DRIVERS\HDAudBus.sys
    C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    144384 bytes
    Created: 07/01/2005
    Modified: 13/04/2008
    Company: Windows (R) Server 2003 DDK provider
    ----------
    Key: ImapiService
    ImagePath: %systemroot%\system32\imapi.exe
    C:\WINDOWS\system32\imapi.exe
    150528 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    Key: IntcAzAudAddService
    ImagePath: system32\drivers\RtkHDAud.sys
    C:\WINDOWS\system32\drivers\RtkHDAud.sys
    4064256 bytes
    Created: 09/12/2005
    Modified: 11/11/2005
    Company: Realtek Semiconductor Corp.
    ----------
    Key: Iviaspi
    ImagePath: system32\drivers\iviaspi.sys
    C:\WINDOWS\system32\drivers\iviaspi.sys
    21060 bytes
    Created: 09/12/2005
    Modified: 11/09/2003
    Company: InterVideo, Inc.
    ----------
    Key: LIVESRV
    ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    1155072 bytes
    Created: 30/04/2008
    Modified: 30/04/2008
    Company: BitDefender SRL
    ----------
    Key: MioNet
    ImagePath: "C:\Program Files\MioNet\MioNetManager.exe" -s "C:\Program Files\MioNet\wrapper.conf"
    C:\Program Files\MioNet\MioNetManager.exe
    -R- 139264 bytes
    Created: 15/07/2005
    Modified: 15/07/2005
    Company:
    ----------
    Key: Netdevio
    ImagePath: system32\DRIVERS\netdevio.sys
    C:\WINDOWS\system32\DRIVERS\netdevio.sys
    12032 bytes
    Created: 09/12/2005
    Modified: 29/01/2003
    Company: TOSHIBA Corporation.
    ----------
    Key: ose
    ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
    C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
    89136 bytes
    Created: 28/07/2003
    Modified: 28/07/2003
    Company: Microsoft Corporation
    ----------
    Key: Pfc
    ImagePath: system32\drivers\pfc.sys
    C:\WINDOWS\system32\drivers\pfc.sys
    10368 bytes
    Created: 09/12/2005
    Modified: 19/09/2003
    Company: Padus, Inc.
    ----------
    Key: Profos
    ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
    12800 bytes
    Created: 12/07/2007
    Modified: 12/07/2007
    Company:
    ----------
    Key: RTL8023xp
    ImagePath: system32\DRIVERS\Rtlnicxp.sys
    C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
    74496 bytes
    Created: 09/12/2005
    Modified: 04/03/2005
    Company: Realtek Semiconductor Corporation
    ----------
    Key: sp_rsdrv2
    ImagePath: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    141312 bytes
    Created: 26/09/2008
    Modified: 26/09/2008
    Company:
    ----------
    Key: sp_rssrv
    ImagePath: "C:\Program Files\Spyware Terminator\sp_rsser.exe"
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    570880 bytes
    Created: 26/09/2008
    Modified: 26/09/2008
    Company: Crawler.com
    ----------
    Key: SwPrv
    ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{0EB74963-BA23-477D-B8F5-8947340A9836}
    C:\WINDOWS\system32\dllhost.exe
    5120 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    Key: SynTP
    ImagePath: system32\DRIVERS\SynTP.sys
    C:\WINDOWS\system32\DRIVERS\SynTP.sys
    185728 bytes
    Created: 09/12/2005
    Modified: 15/10/2004
    Company: Synaptics, Inc.
    ----------
    Key: TAPPSRV
    ImagePath: "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    35328 bytes
    Created: 09/12/2005
    Modified: 10/08/2005
    Company: TOSHIBA Corp.
    ----------
    Key: Tcpip6
    ImagePath: system32\DRIVERS\tcpip6.sys
    C:\WINDOWS\system32\DRIVERS\tcpip6.sys
    225856 bytes
    Created: 09/12/2005
    Modified: 20/06/2008
    Company: Microsoft Corporation
    ----------
    Key: Trufos
    ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
    36736 bytes
    Created: 10/07/2007
    Modified: 10/07/2007
    Company:
    ----------
    Key: TVALD
    ImagePath: system32\DRIVERS\NBSMI.sys
    C:\WINDOWS\system32\DRIVERS\NBSMI.sys
    6144 bytes
    Created: 09/12/2005
    Modified: 20/10/2005
    Company: Toshiba Corporation
    ----------
    Key: Tvs
    ImagePath: system32\DRIVERS\Tvs.sys
    C:\WINDOWS\system32\DRIVERS\Tvs.sys
    43392 bytes
    Created: 09/12/2005
    Modified: 30/11/2005
    Company: TOSHIBA Corporation
    ----------
    Key: usb_rndisx
    ImagePath: system32\DRIVERS\usb8023x.sys
    C:\WINDOWS\system32\DRIVERS\usb8023x.sys
    12800 bytes
    Created: 20/08/2008
    Modified: 21/10/2005
    Company: Microsoft Corporation
    ----------
    Key: usnjsvc
    ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    98328 bytes
    Created: 18/10/2007
    Modified: 18/10/2007
    Company: Microsoft Corporation
    ----------
    Key: VSSERV
    ImagePath: "C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    1261568 bytes
    Created: 25/04/2008
    Modified: 15/09/2008
    Company: BitDefender S.R.L.
    ----------
    Key: WLSetupSvc
    ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
    C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    266240 bytes
    Created: 25/10/2007
    Modified: 25/10/2007
    Company: Microsoft Corporation
    ----------
    Key: XCOMM
    ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    86016 bytes
    Created: 27/11/2007
    Modified: 27/11/2007
    Company: BitDefender
    ----------

    ************************************************************
    22:39:06: Scanning -----VXD ENTRIES-----

    ************************************************************
    22:39:06: Scanning ----- WINLOGON\NOTIFY DLLS -----

    ************************************************************
    22:39:07: Scanning ----- CONTEXTMENUHANDLERS -----
    Key: EPPShellEx
    CLSID: {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}
    Path: C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
    C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
    69632 bytes
    Created: 20/08/2008
    Modified: 13/04/2006
    Company: SEIKO EPSON CORPORATION
    ----------
    Key: ShellExtension
    CLSID: [empty]
    ----------
    Key: SPTContMenu
    CLSID: {BD88A479-9623-4897-8546-BC62B9628F44}
    Path: C:\Program Files\Spyware Terminator\sptcontmenu.dll
    C:\Program Files\Spyware Terminator\sptcontmenu.dll
    164352 bytes
    Created: 26/09/2008
    Modified: 26/09/2008
    Company: Crawler.com
    ----------
    Key: {D653647D-D607-4df6-A5B8-48D2BA195F7B}
    Path: C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
    C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
    155648 bytes
    Created: 14/12/2007
    Modified: 14/12/2007
    Company: BitDefender S.R.L
    ----------

    ************************************************************
    22:39:08: Scanning ----- FOLDER\COLUMNHANDLERS -----

    ************************************************************
    22:39:08: Scanning ----- BROWSER HELPER OBJECTS -----
    Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    BHO: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    59032 bytes
    Created: 18/12/2006
    Modified: 18/12/2006
    Company: Adobe Systems Incorporated
    ----------
    Key: {53707962-6F74-2D53-2644-206D7942484F}
    BHO: C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    1562448 bytes
    Created: 20/09/2008
    Modified: 07/07/2008
    Company: Safer Networking Limited
    ----------
    Key: {5CA3D70E-1895-11CF-8E15-001234567890}
    BHO: C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    110652 bytes
    Created: 09/12/2005
    Modified: 01/08/2005
    Company: Sonic Solutions
    ----------
    Key: {724d43a9-0d85-11d4-9908-00400523e39a}
    BHO: C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    5751624 bytes
    Created: 20/08/2008
    Modified: 20/08/2008
    Company: Siber Systems Inc.
    ----------
    Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
    BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    328752 bytes
    Created: 20/09/2007
    Modified: 20/09/2007
    Company: Microsoft Corporation
    ----------
    Key: {988B07F5-7392-455A-8A1F-64935CB8B6ED}
    BHO: C:\Program Files\BarreConfCMCIC\TAPBar.dll
    C:\Program Files\BarreConfCMCIC\TAPBar.dll
    225280 bytes
    Created: 14/09/2007
    Modified: 14/09/2007
    Company: Euro-Information
    ----------
    Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
    BHO: c:\program files\google\googletoolbar2.dll
    c:\program files\google\googletoolbar2.dll
    -R- 2436160 bytes
    Created: 21/08/2008
    Modified: 19/01/2007
    Company: Google Inc.
    ----------
    Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    BHO: C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    737776 bytes
    Created: 13/09/2008
    Modified: 13/09/2008
    Company: Google Inc.
    ----------
    Key: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}
    BHO: C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    368640 bytes
    Created: 20/08/2008
    Modified: 21/02/2005
    Company: SEIKO EPSON CORPORATION
    ----------

    ************************************************************
    22:39:10: Scanning ----- SHELLSERVICEOBJECTS -----
    Key: SysTray
    CLSID: {35CEC8A3-2BE6-11D2-8773-92E220524153}
    Path: %systemroot%\system32\stobject.dll
    C:\WINDOWS\system32\stobject.dll
    122368 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    Key: UPnPMonitor
    CLSID: {e57ce738-33e8-4c51-8354-bb4de9d215d1}
    Path: C:\WINDOWS\system32\upnpui.dll
    C:\WINDOWS\system32\upnpui.dll
    240128 bytes
    Created: 09/12/2005
    Modified: 14/04/2008
    Company: Microsoft Corporation
    ----------
    Key: WPDShServiceObj
    CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
    Path: C:\WINDOWS\system32\WPDShServiceObj.dll
    C:\WINDOWS\system32\WPDShServiceObj.dll
    133632 bytes
    Created: 18/10/2006
    Modified: 18/10/2006
    Company: Microsoft Corporation
    ----------

    ************************************************************
    22:39:11: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

    ************************************************************
    22:39:11: Scanning ----- IMAGEFILE DEBUGGERS -----
    No "Debugger" entries found.

    ************************************************************
    22:39:11: Scanning ----- APPINIT_DLLS -----
    The AppInit_DLLs value is blank

    ************************************************************
    22:39:11: Scanning ----- SECURITY PROVIDER DLLS -----

    ************************************************************
    22:39:12: Scanning ------ COMMON STARTUP GROUP ------
    [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
    The Common Startup Group attempts to load the following file(s) at boot time:
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
    -HS- 84 bytes
    Created: 09/12/2005
    Modified: 09/12/2005
    Company:
    --------------------

    ************************************************************
    No User Startup Groups were located to check

    ************************************************************
    22:39:12: Scanning ----- SCHEDULED TASKS -----
    Taskname: AppleSoftwareUpdate.job
    File: C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    566592 bytes
    Created: 30/07/2008
    Modified: 30/07/2008
    Company: Apple Inc.
    Parameters: -task
    Next Run Time: 29/09/2008 12:36:00
    Status: La tâche est prête à s'exécuter à l'heure prévue
    Creator: SYSTEM
    Comments: [blank]
    ----------
    Taskname: Symantec NetDetect.job
    File: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
    Parameters: [blank]
    Next Run Time: 27/09/2008 22:44:00
    Status: La tâche n'a pas encore été exécutée
    Creator: SYSTEM
    Comments: Symantec NetDetect
    C:\Program Files\Symantec\LiveUpdate\NDetect.exe [file not found to scan]
    ----------

    ************************************************************
    22:39:12: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

    ************************************************************
    22:39:12: ----- ADDITIONAL CHECKS -----
    PE386 rootkit checks completed
    ----------
    Winlogon registry rootkit checks completed
    ----------
    Heuristic checks for hidden files/drivers completed
    ----------
    Layered Service Provider entries checks completed
    ----------
    Windows Explorer Policies checks completed
    ----------
    Desktop Wallpaper: C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    13102134 bytes
    Created: 20/08/2008
    Modified: 23/09/2008
    Company:
    ----------
    Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    13102134 bytes
    Created: 20/08/2008
    Modified: 23/09/2008
    Company:
    ----------
    Additional checks completed

    ************************************************************
    22:39:18: Scanning ----- RUNNING PROCESSES -----

    C:\WINDOWS\System32\smss.exe
    --------------------
    C:\WINDOWS\system32\csrss.exe
    --------------------
    C:\WINDOWS\system32\winlogon.exe
    --------------------
    C:\WINDOWS\system32\services.exe
    --------------------
    C:\WINDOWS\system32\lsass.exe
    --------------------
    C:\WINDOWS\system32\Ati2evxx.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe - file already scanned
    --------------------
    C:\WINDOWS\System32\svchost.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\svchost.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\svchost.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\Ati2evxx.exe
    --------------------
    C:\WINDOWS\system32\spoolsv.exe
    --------------------
    C:\WINDOWS\system32\acs.exe - file already scanned
    --------------------
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - file already scanned
    --------------------
    C:\Program Files\Bonjour\mDNSResponder.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - file already scanned
    --------------------
    C:\Program Files\MioNet\MioNetManager.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\tcpsvcs.exe
    --------------------
    C:\Program Files\Spyware Terminator\sp_rsser.exe - file already scanned
    --------------------
    C:\Program Files\MioNet\jvm\bin\MioNet.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe - file already scanned
    --------------------
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe - file already scanned
    --------------------
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - file already scanned
    --------------------
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe - file already scanned
    --------------------
    C:\WINDOWS\System32\svchost.exe - file already scanned
    --------------------
    C:\WINDOWS\System32\alg.exe
    --------------------
    C:\WINDOWS\system32\wscntfy.exe
    --------------------
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe - file already scanned
    --------------------
    C:\WINDOWS\RTHDCPL.EXE - file already scanned
    --------------------
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - file already scanned
    --------------------
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - file already scanned
    --------------------
    C:\Program Files\ltmoh\Ltmoh.exe - file already scanned
    --------------------
    C:\WINDOWS\AGRSMMSG.exe - file already scanned
    --------------------
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe - file already scanned
    --------------------
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE - file already scanned
    --------------------
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe - file already scanned
    --------------------
    C:\WINDOWS\VM_STI.exe - file already scanned
    --------------------
    C:\Program Files\iTunes\iTunesHelper.exe - file already scanned
    --------------------
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\ctfmon.exe - file already scanned
    --------------------
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe - file already scanned
    --------------------
    C:\Program Files\Shareaza\Shareaza.exe - file already scanned
    --------------------
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe - file already scanned
    --------------------
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe - file already scanned
    --------------------
    C:\Program Files\Picasa2\PicasaMediaDetector.exe - file already scanned
    --------------------
    C:\WINDOWS\system32\TPSBattM.exe
    --------------------
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    --------------------
    C:\Program Files\iPod\bin\iPodService.exe
    --------------------
    C:\WINDOWS\explorer.exe - file already scanned
    --------------------
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    --------------------
    C:\Program Files\internet explorer\iexplore.exe
    --------------------
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    --------------------
    C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\cos57.exe
    FileSize: 2552384
    [This is a Trojan Remover component]
    --------------------
    --------------------
    C:\Documents and Settings\sandra aubert\Bureau\a2FreeSetup.exe
    --------------------

    ************************************************************
    23:13:40: Checking AUTOEXEC.BAT file
    AUTOEXEC.BAT found in C:\
    No malicious entries were found in the AUTOEXEC.BAT file

    ************************************************************
    23:13:40: Checking AUTOEXEC.NT file
    AUTOEXEC.NT found in C:\WINDOWS\system32
    No malicious entries were found in the AUTOEXEC.NT file

    ************************************************************
    23:13:40: Checking HOSTS file
    No malicious entries were found in the HOSTS file

    ************************************************************
    ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
    HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
    https://www.msn.com/fr-fr/
    HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
    %SystemRoot%\system32\blank.htm
    HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
    https://www.msn.com/fr-fr/?ocid=iehp
    HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
    HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
    https://www.orange.fr/portail
    HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
    C:\WINDOWS\system32\blank.htm
    HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
    http://www.google.com/toolbar/ie8/sidebar.html

    ************************************************************
    === NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
    Scan completed at: 23:13:41 27 sept. 2008
    Total Scan time: 00:35:27
    ************************************************************
    -1
  16. NENESSE1401 Messages postés 59 Statut Membre
     
    je vous remercie deja et vous souhaite une bonne nuit je reviendrai demain un petit peu pour voir si vous avez repondu sinon je serai encor la dans la semaine des lundi matin

    bon dimanche au cas ou j attend la fin de a suqared et je poste le rapport apres ca je vais me coucher donc a demain ou lundi
    -1
  17. NENESSE1401 Messages postés 59 Statut Membre
     
    voila le rapport a squared

    Version - a-squared Free 3.5
    Dernière mise à jour : 27/09/2008 22:42:48

    Paramètres des balayages :

    Éléments : Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
    Balaye dans les archives : Marche
    Analyse heuristique : Marche
    Balayage ADS : Marche

    Lancement du balayage : 27/09/2008 22:44:47

    Key: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\software\kazaa détectés : Trace.Registry.KaZaA
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\software\microsoft\windows\currentversion\run --> shareaza détectés : Trace.Registry.Shareaza
    c:\documents and settings\sandra aubert\application data\shareaza détectés : Trace.Directory.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\collections détectés : Trace.Directory.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\data détectés : Trace.Directory.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\torrents détectés : Trace.Directory.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\data\library1.dat détectés : Trace.File.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\data\tigertree.dat détectés : Trace.File.Shareaza Lite
    c:\documents and settings\sandra aubert\application data\shareaza\data\uploadqueues.dat détectés : Trace.File.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> CollectionPath détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> CompletePath détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> IncompletePath détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> TorrentPath détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Plugins --> {2EE9D739-7726-41cf-8F18-4B1B8763BC63} détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646} détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> FirstRun détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> GUIMode détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> Language détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> RatesInBytes détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> Running détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> VerboseMode détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Skins --> ShareazaOS\ShareazaOS.xml détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\VersionCheck --> NextCheck détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Windows --> CRemoteWnd.ShowCmd détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza --> Path détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza --> UserPath détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3 détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\General --> Shareaza Image Viewer détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .avi détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpeg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpeg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpg détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .png détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\LibraryBuilder --> .sks détectés : Trace.Registry.Shareaza Lite
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\MediaPlayer --> Default détectés : Trace.Registry.Shareaza Lite
    C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@commentcamarche[1].txt détectés : Trace.TrackingCookie
    C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@smartadserver[1].txt détectés : Trace.TrackingCookie
    C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@specificclick[2].txt détectés : Trace.TrackingCookie
    C:\Program Files\Navilog1\Process.exe détectés : Riskware.RiskTool.Win32.Processor.20

    Analysé

    Fichiers : 72192
    Traces : 437248
    Cookies : 47
    Processus : 61

    Trouvé

    Fichiers : 1
    Traces : 62
    Cookies : 3
    Processus : 0
    Clés de Registre : 0

    Fin du balayage : 28/09/2008 00:35:12
    Durée du balayage : 1:50:25

    a tte
    -1
  18. NENESSE1401 Messages postés 59 Statut Membre
     
    je ne sais pas ou j en suis vous etes toujours la???

    j ai lance un trendsecure scan gratuit et il a commence le scan il a deja vu un spyware, mon ordi marche encor au ralenti egalement
    -1
  19. NENESSE1401 Messages postés 59 Statut Membre
     
    resolu!!!!
    -1
  20. NENESSE1401 Messages postés 59 Statut Membre
     
    je suis la ...
    -2
Précédent
  • 1
  • 2
  • 3
  • 4