tonton_yan
Membres-
Compteur de contenus
7 -
Inscription
-
Dernière visite
Autres informations
-
Mes langues
français
tonton_yan's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
Bonjour, Je ne peux expliquer comment mais je n'ai plus aucuns problemes. J'ai bien supprimé quelques "restes" de programmes, genre gorecord ou winantivir. Je tiens quand même encore à vous dire un grand merci pour votre aide et pour le temps que vous m'avez consacré. -
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
Bonjour Le scan à été fait et rien n'à été détecté. Voici le rapport: 10/25/06 23:09:16 [info]: BlackLight Engine 1.0.47 initialized 10/25/06 23:09:16 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/25/06 23:09:16 [Note]: 7019 4 10/25/06 23:09:16 [Note]: 7005 0 10/25/06 23:09:20 [Note]: 7006 0 10/25/06 23:09:20 [Note]: 7011 1476 10/25/06 23:09:20 [Note]: 7026 0 10/25/06 23:09:20 [Note]: 7026 0 10/25/06 23:09:30 [Note]: FSRAW library version 1.7.1020 10/25/06 23:16:05 [Note]: 7007 0 -
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
Voici le nouveau rapport: Logfile of HijackThis v1.99.1 Scan saved at 23:10:35, on 22/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\CyberLink\PowerVCRII\Agent.exe C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Support.com\bin\tgcmd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\UltimateZip 2.7\uzqkst.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\scanner.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file) O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [Agent] "C:\Program Files\CyberLink\PowerVCRII\Agent.exe" O4 - HKLM\..\Run: [Remote_Agent] "C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\system32\Utility.exe \1008 O4 - HKLM\..\Run: [RAS2000] C:\WINDOWS\system32\Ras2000.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2.7\uzqkst.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Photo Express SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O15 - Trusted Zone: http://safety.live.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152829492609 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Unknown owner - C:\Program Files\Norton Internet Security\ISSVC.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing) -
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
Bonjour, voici le rapport panda. Mais pour éclairer un peu la situation, voici tout les problèmes que j'ai: Ouvertures de fenêtre pop-up intempestive (ex: winantivirus, doctorweb, sarah freder,...) sous IE mais surtout extinction du PC avec le message suivant "STOP c000021a erreur systeme. Le processus systeme windows logon process s'est terminé de manière inattendue...." puis quand je redemarre le PC, j'ai le message "winlogon.exe a rencontré un problème et a du fermer" et malgré tout les scan et l'éradiction de malware, adware etc, les problemes persistent. J'espere que vous pourrez m'aider a trouver une solide et encore un grand merci pour votre aide Incident Status Location Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.atdmt.com/] Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.advertising.com/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.questionmarket.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.zedo.com/] Spyware:Cookie/Advalvas Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.www.advalvas.be/] Spyware:Cookie/Advalvas Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.www.advalvas.be/fr/] Spyware:Cookie/Advalvas Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[www.advalvas.be/fr/] Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.atwola.com/] Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.drivecleaner.com/] Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.fe.lea.lycos.fr/] Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.kinghost.com/] Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.stats.drivecleaner.com/] Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.toplist.cz/] Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt[.www48.seeq.com/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\yan\Cookies\yan@bluestreak[1].txt Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\yan\Cookies\yan@drivecleaner[1].txt Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\yan\Cookies\yan@metriweb[1].txt Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\yan\Cookies\[email protected][2].txt Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\yan\Cookies\[email protected][2].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\yan\Cookies\yan@xiti[1].txt -
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
voici le rapport diaghelp C:\WINDOWS\System32\wpa.dbl -->18/10/2006 20:41:04 C:\WINDOWS\System32\CONFIG.NT -->16/10/2006 0:09:28 C:\WINDOWS\System32\FNTCACHE.DAT -->14/10/2006 23:00:15 C:\WINDOWS\System32\MRT.exe -->4/10/2006 22:03:45 C:\WINDOWS\System32\Tabctl32.ocx -->22/09/2006 20:33:20 C:\WINDOWS\System32\ReyXp.ocx -->22/09/2006 20:33:20 C:\WINDOWS\System32\COMDLG32.OCX -->22/09/2006 20:33:20 C:\WINDOWS\System32\ff_vfw.dll -->21/09/2006 11:31:24 C:\WINDOWS\System32\msxml3.dll -->13/09/2006 7:03:06 C:\WINDOWS\System32\msxml4.dll -->12/09/2006 17:51:42 C:\WINDOWS\System32\avsda.dll -->7/09/2006 12:56:35 C:\WINDOWS\System32\shdocvw.dll -->4/09/2006 8:12:53 C:\WINDOWS\System32\OAMLogFile.txt -->28/08/2006 16:26:23 C:\WINDOWS\System32\NativeATM.inf -->28/08/2006 15:49:32 C:\WINDOWS\System32\comctl32.dll -->25/08/2006 17:51:14 C:\WINDOWS\System32\fltlib.dll -->21/08/2006 14:26:15 C:\WINDOWS\System32\fltmc.exe -->21/08/2006 11:14:58 C:\WINDOWS\System32\6to4svc.dll -->16/08/2006 13:59:27 C:\WINDOWS\System32\LuResult.txt -->13/08/2006 23:11:34 C:\WINDOWS\System32\TRJ_NTAUTO.TMP -->13/08/2006 16:16:46 C:\WINDOWS\System32\S32EVNT1.DLL -->12/08/2006 1:32:35 C:\WINDOWS\System32\capicom.dll -->3/08/2006 17:29:28 C:\WINDOWS\System32\mshtml.dll -->28/07/2006 13:28:08 C:\WINDOWS\System32\inetcomm.dll -->27/07/2006 15:26:19 C:\WINDOWS\System32\jupdate-1.5.0_06-b05.log -->26/07/2006 9:59:53 C:\WINDOWS\0.log -->18/10/2006 20:40:48 C:\WINDOWS\WindowsUpdate.log -->18/10/2006 20:39:14 C:\WINDOWS\wiaservc.log -->18/10/2006 20:39:04 C:\WINDOWS\bootstat.dat -->18/10/2006 20:38:42 C:\WINDOWS\wiadebug.log -->18/10/2006 20:35:09 C:\WINDOWS\SchedLgU.Txt -->18/10/2006 20:35:09 C:\WINDOWS\win.ini -->18/10/2006 19:47:05 C:\WINDOWS\system.ini -->18/10/2006 19:47:05 C:\WINDOWS\setupapi.log -->18/10/2006 16:31:09 C:\WINDOWS\setupact.log -->18/10/2006 15:05:50 C:\WINDOWS\ntbtlog.txt -->18/10/2006 15:04:42 C:\WINDOWS\SetupADSL.log -->16/10/2006 2:00:56 C:\WINDOWS\mozver.dat -->14/10/2006 23:13:16 C:\WINDOWS\Thumbs.db -->14/10/2006 16:30:42 C:\WINDOWS\nsreg.dat -->14/10/2006 12:58:46 C:\WINDOWS\alcrmv.exe |Realtek Semiconductor Corp. |03/02/2006 21:01:22 C:\WINDOWS\alcupd.exe |Realtek Semiconductor Corp. |03/02/2006 21:01:22 C:\WINDOWS\bitdeins.exe |ABBYY |07/09/1999 18:31:30 C:\WINDOWS\InstFunc.exe |COMPANY |03/02/2006 21:02:13 C:\WINDOWS\IsUn040c.exe |InstallShield Software Corporation |16/08/2004 19:25:14 C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |03/02/2006 21:16:06 C:\WINDOWS\iun6002.exe |Indigo Rose Corporation |04/08/2006 14:48:11 C:\WINDOWS\meta4.exe |COMPANY |13/05/2005 17:12:00 C:\WINDOWS\MOTA113.exe |COMPANY |24/10/2005 11:13:58 C:\WINDOWS\SOUNDMAN.EXE |Realtek Semiconductor Corp. |03/02/2006 21:01:23 C:\WINDOWS\twunk_16.exe |Twain Working Group |16/08/2004 18:41:16 C:\WINDOWS\twunk_32.exe |Twain Working Group |16/08/2004 18:41:16 C:\WINDOWS\x2.64.exe |COMPANY |13/10/2005 21:27:00 C:\WINDOWS\InstFunc.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:13 C:\WINDOWS\twain.dll |Groupe de travail Twain |16/08/2004 18:41:16 C:\WINDOWS\twain_32.dll |Groupe de travail Twain |16/08/2004 18:41:16 C:\WINDOWS\system32\AMELaunchUninst.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\append.exe |COMPANY |16/08/2004 18:39:57 C:\WINDOWS\system32\ChCfg.exe |COMPANY |03/02/2006 21:01:23 C:\WINDOWS\system32\CustomizeNdisParams.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\debug.exe |COMPANY |16/08/2004 18:40:04 C:\WINDOWS\system32\DivXsm.exe |COMPANY |06/01/2006 19:06:34 C:\WINDOWS\system32\dosx.exe |COMPANY |16/08/2004 18:40:08 C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe |COMPANY |16/08/2004 18:40:20 C:\WINDOWS\system32\exe2bin.exe |COMPANY |16/08/2004 18:40:21 C:\WINDOWS\system32\fastopen.exe |COMPANY |16/08/2004 18:40:21 C:\WINDOWS\system32\GainSettings.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\InstallHardware.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |26/07/2006 09:59:54 C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |26/07/2006 09:59:54 C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |26/07/2006 09:59:54 C:\WINDOWS\system32\mem.exe |COMPANY |16/08/2004 18:40:35 C:\WINDOWS\system32\mscdexnt.exe |COMPANY |16/08/2004 18:40:39 C:\WINDOWS\system32\nlsfunc.exe |COMPANY |16/08/2004 18:40:48 C:\WINDOWS\system32\PnpFix.exe |COMPANY |28/08/2006 15:49:31 C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |10/03/2006 16:01:28 C:\WINDOWS\system32\pxcpyi64.exe |Sonic Solutions |26/03/2006 16:35:42 C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |10/03/2006 16:01:28 C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |10/03/2006 16:01:28 C:\WINDOWS\system32\pxinsi64.exe |Sonic Solutions |26/03/2006 16:35:42 C:\WINDOWS\system32\Ras2000.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\RasXP.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\redir.exe |COMPANY |16/08/2004 18:41:00 C:\WINDOWS\system32\RemDial.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\RemoveElan.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\RenCSA.exe |COMPANY |28/08/2006 15:49:31 C:\WINDOWS\system32\RShort2k.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\RTLCPL.EXE |Realtek Semiconductor Corp. |03/02/2006 21:01:22 C:\WINDOWS\system32\SetIpConfig2000Xp.exe |COMPANY |28/08/2006 15:49:29 C:\WINDOWS\system32\setver.exe |COMPANY |16/08/2004 18:41:03 C:\WINDOWS\system32\share.exe |COMPANY |16/08/2004 18:41:03 C:\WINDOWS\system32\sherlock2.exe |COMPANY |29/11/2004 17:43:20 C:\WINDOWS\system32\sistray.exe |Silicon Integrated Systems Corporation |03/02/2006 21:02:18 C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 18:47:48 C:\WINDOWS\system32\x.264.exe |COMPANY |28/02/2005 13:16:22 C:\WINDOWS\system32\3ivx.dll |3ivx.com |10/03/2006 15:00:47 C:\WINDOWS\system32\3ivxVfWCodec.dll |3ivx.com |10/03/2006 15:00:48 C:\WINDOWS\system32\amstream.dll |COMPANY |16/08/2004 18:39:57 C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |16/08/2004 18:39:57 C:\WINDOWS\system32\atmlib.dll |Adobe Systems |16/08/2004 18:39:57 C:\WINDOWS\system32\avsda.dll |H+BEDV Datentechnik GmbH |17/10/2006 01:59:30 C:\WINDOWS\system32\AVSredirect.dll |COMPANY |14/07/2005 12:31:20 C:\WINDOWS\system32\BASSMOD.dll |COMPANY |25/02/2006 01:46:32 C:\WINDOWS\system32\Borlndmm.dll |Borland International |09/02/1998 04:30:00 C:\WINDOWS\system32\Capi2032.dll |COMPANY |11/07/2000 15:29:04 C:\WINDOWS\system32\compatUI.dll |COMPANY |16/08/2004 18:40:03 C:\WINDOWS\system32\Cp3240mt.dll |Borland International |09/02/1998 04:30:00 C:\WINDOWS\system32\cpuinf32.dll |COMPANY |10/03/2006 15:00:43 C:\WINDOWS\system32\cygwin1.dll |Red Hat |26/06/2005 15:32:28 C:\WINDOWS\system32\cygz.dll |COMPANY |21/06/2005 22:37:42 C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |16/08/2004 18:55:15 C:\WINDOWS\system32\dgsetup.dll |Digi International |16/08/2004 18:55:15 C:\WINDOWS\system32\DivX.dll |DivX, Inc. |06/01/2006 19:06:33 C:\WINDOWS\system32\divxdec_0407.dll |DivXNetworks, Inc. |16/09/2004 22:23:48 C:\WINDOWS\system32\divxdec_040c.dll |DivXNetworks, Inc. |16/09/2004 22:23:48 C:\WINDOWS\system32\divxdec_0411.dll |DivXNetworks, Inc. |22/09/2004 20:35:53 C:\WINDOWS\system32\divx_xx07.dll |DivX, Inc. |06/01/2006 19:05:30 C:\WINDOWS\system32\divx_xx0c.dll |DivX, Inc. |06/01/2006 19:05:29 C:\WINDOWS\system32\divx_xx11.dll |DivX, Inc. |06/01/2006 19:05:29 C:\WINDOWS\system32\dpl100.dll |DivXNetworks |06/01/2006 18:34:58 C:\WINDOWS\system32\dpu10.dll |DivXNetworks |06/01/2006 18:34:57 C:\WINDOWS\system32\dpu11.dll |DivXNetworks |06/01/2006 18:34:57 C:\WINDOWS\system32\dpuGUI10.dll |DivXNetworks |06/01/2006 18:34:58 C:\WINDOWS\system32\dpuGUI11.dll |DivXNetworks |06/01/2006 18:34:58 C:\WINDOWS\system32\dpus10.dll |DivXNetworks |16/09/2004 22:24:25 C:\WINDOWS\system32\dpus11.dll |DivXNetworks |06/01/2006 18:34:57 C:\WINDOWS\system32\dpv10.dll |DivXNetworks |16/09/2004 22:24:25 C:\WINDOWS\system32\dpv11.dll |DivXNetworks |06/01/2006 18:34:57 C:\WINDOWS\system32\dtu100.dll |DivXNetworks |06/01/2006 18:34:58 C:\WINDOWS\system32\emUSD.dll |eMPIA Technology, Inc. |12/02/2006 00:52:31 C:\WINDOWS\system32\emVFW.dll |eMPIA Technology, Inc. |12/02/2006 00:52:31 C:\WINDOWS\system32\encdec.dll |COMPANY |16/08/2004 18:40:21 C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |16/08/2004 18:55:15 C:\WINDOWS\system32\ff_vfw.dll |COMPANY |21/09/2006 11:31:24 C:\WINDOWS\system32\GEARAspi.dll |GEAR Software Inc. |31/05/2005 10:20:36 C:\WINDOWS\system32\HPODXPAT.DLL |Hewlett Packard Company |11/06/2004 13:27:32 C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |16/08/2004 19:03:32 C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |16/08/2004 19:03:05 C:\WINDOWS\system32\i420vfw.dll |www.helixcommunity.org |25/01/2004 00:00:00 C:\WINDOWS\system32\iccvid.dll |Radius Inc. |16/08/2004 18:40:27 C:\WINDOWS\system32\ieencode.dll |COMPANY |16/08/2004 18:40:28 C:\WINDOWS\system32\ir32_32.dll |COMPANY |16/08/2004 18:40:31 C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |16/08/2004 18:41:37 C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |16/08/2004 18:41:37 C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |16/08/2004 18:41:37 C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |16/08/2004 18:41:37 C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |16/08/2004 18:41:37 C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |16/08/2004 19:06:15 C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |16/08/2004 18:40:31 C:\WINDOWS\system32\jgdw400.dll |America Online |16/08/2004 18:40:31 C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |16/08/2004 18:40:31 C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |16/08/2004 18:40:31 C:\WINDOWS\system32\jgsd400.dll |America Online |16/08/2004 18:40:31 C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |16/08/2004 18:40:31 C:\WINDOWS\system32\Lfbmp10n.dll |LEAD Technologies, Inc. |01/12/1998 15:29:18 C:\WINDOWS\system32\lfbmp11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfcal10n.dll |LEAD Technologies, Inc. |22/09/1998 18:20:58 C:\WINDOWS\system32\Lfcmp10n.dll |LEAD Technologies, Inc. |01/12/1998 15:30:50 C:\WINDOWS\system32\LFCMP11n.DLL |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfdic10n.dll |LEAD Technologies, Inc. |02/10/1998 20:40:00 C:\WINDOWS\system32\lfeps11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lffax10n.dll |LEAD Technologies, Inc. |30/11/1998 15:21:18 C:\WINDOWS\system32\lffax11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\lfgif11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfimg10n.dll |LEAD Technologies, Inc. |22/09/1998 18:23:38 C:\WINDOWS\system32\Lflma10n.dll |LEAD Technologies, Inc. |22/09/1998 18:23:46 C:\WINDOWS\system32\Lflmb10n.dll |LEAD Technologies, Inc. |22/09/1998 18:23:54 C:\WINDOWS\system32\Lfmac10n.dll |LEAD Technologies, Inc. |22/09/1998 18:24:02 C:\WINDOWS\system32\lfpcd11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfpct10n.dll |LEAD Technologies, Inc. |22/09/1998 18:24:16 C:\WINDOWS\system32\Lfpcx10n.dll |LEAD Technologies, Inc. |22/09/1998 18:24:24 C:\WINDOWS\system32\lfpcx11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfpng11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\lfpsd11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\lftga11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lftif10n.dll |LEAD Technologies, Inc. |01/12/1998 15:30:18 C:\WINDOWS\system32\lftif11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfwmf10n.dll |LEAD Technologies, Inc. |02/10/1998 20:40:22 C:\WINDOWS\system32\lfwmf11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\libdivx.dll |The OpenSSL Project, http://www.openssl.org/ |06/01/2006 18:17:35 C:\WINDOWS\system32\Ltdis10n.dll |LEAD Technologies, Inc. |02/10/1998 20:39:28 C:\WINDOWS\system32\LTDIS11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Ltfil10n.dll |LEAD Technologies, Inc. |03/12/1998 13:37:08 C:\WINDOWS\system32\ltfil11n.DLL |LEAD Technologies, Inc. |07/06/2002 01:02:00 C:\WINDOWS\system32\Ltimg10n.dll |LEAD Technologies, Inc. |22/09/1998 18:18:50 C:\WINDOWS\system32\ltimg11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:02 C:\WINDOWS\system32\Ltkrn10n.dll |LEAD Technologies, Inc. |01/12/1998 15:28:06 C:\WINDOWS\system32\ltkrn11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:02 C:\WINDOWS\system32\Ltwrp10n.dll |LEAD Technologies, Inc. |22/11/1998 22:16:02 C:\WINDOWS\system32\Ltwvc11n.dll |LEAD Technologies, Inc. |07/06/2002 01:02:02 C:\WINDOWS\system32\mcdvd_32.dll |MainConcept |16/05/2006 09:21:29 C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 18:47:06 C:\WINDOWS\system32\msdmo.dll |COMPANY |16/08/2004 18:40:40 C:\WINDOWS\system32\msencode.dll |COMPANY |16/08/2004 18:40:40 C:\WINDOWS\system32\MultLang.dll |COMPANY |24/07/2006 16:14:53 C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 18:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |Eastman Kodak |07/06/2002 01:02:02 C:\WINDOWS\system32\pncrt.dll |Real Networks, Inc |18/03/2006 01:21:29 C:\WINDOWS\system32\pndx5016.dll |RealNetworks, Inc. |03/02/2006 21:11:31 C:\WINDOWS\system32\pndx5032.dll |RealNetworks, Inc. |03/02/2006 21:11:31 C:\WINDOWS\system32\property.dll |COMPANY |01/01/1980 01:00:00 C:\WINDOWS\system32\PS1MiniDrv.dll |Mustek Systems Inc. |08/04/2006 13:48:30 C:\WINDOWS\system32\PSIKey.dll |Protexis Inc. |16/09/2004 22:23:53 C:\WINDOWS\system32\Px.dll |Sonic Solutions |19/10/2004 17:56:36 C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |06/05/2005 02:01:00 C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |19/10/2004 17:55:44 C:\WINDOWS\system32\PxWave.dll |Sonic Solutions |19/10/2004 17:55:16 C:\WINDOWS\system32\PXWMA.dll |Sonic Solutions |25/03/2004 11:30:40 C:\WINDOWS\system32\qedwipes.dll |COMPANY |16/08/2004 18:40:58 C:\WINDOWS\system32\qt-dx331.dll |COMPANY |06/01/2006 18:34:58 C:\WINDOWS\system32\qt-mt331.dll |COMPANY |16/09/2004 22:24:26 C:\WINDOWS\system32\rmoc3260.dll |RealNetworks, Inc. |03/02/2006 21:11:34 C:\WINDOWS\system32\RtlCPAPI.dll |COMPANY |03/02/2006 21:01:23 C:\WINDOWS\system32\S32EVNT1.DLL |Symantec Corporation |12/08/2006 01:11:09 C:\WINDOWS\system32\sbe.dll |COMPANY |16/08/2004 18:41:02 C:\WINDOWS\system32\SiSApCom.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:35 C:\WINDOWS\system32\SiSBase.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:14 C:\WINDOWS\system32\sisgl.dll |Silicon Integrated Systems Corporation |01/01/1980 01:00:00 C:\WINDOWS\system32\sisgrv.dll |Silicon Integrated Systems Corporation |01/01/1980 01:00:00 C:\WINDOWS\system32\SiSHook.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:35 C:\WINDOWS\system32\SiSInst.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:14 C:\WINDOWS\system32\SiSParse.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:14 C:\WINDOWS\system32\SiSPInst.dll |Silicon Integrated Systems Corporation |01/01/1980 01:00:00 C:\WINDOWS\system32\SiSPower.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:14 C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |16/08/2004 18:41:05 C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |16/08/2004 18:41:05 C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |16/08/2004 18:41:05 C:\WINDOWS\system32\Smab.dll |http://mediainfo.sourceforge.net |27/04/2006 10:24:24 C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |16/08/2004 18:55:15 C:\WINDOWS\system32\ssldivx.dll |The OpenSSL Project, http://www.openssl.org/ |06/01/2006 18:17:35 C:\WINDOWS\system32\SymNeti.dll |Symantec Corporation |05/04/2005 11:17:04 C:\WINDOWS\system32\SymRedir.dll |Symantec Corporation |05/04/2005 11:17:04 C:\WINDOWS\system32\tsd32.dll |COMPANY |16/08/2004 18:41:16 C:\WINDOWS\system32\TVMode.dll |Silicon Integrated Systems Corporation |03/02/2006 21:02:35 C:\WINDOWS\system32\TWAIN32d.dll |COMPANY |14/09/1998 21:43:16 C:\WINDOWS\system32\umloader.dll |Sonic Solutions |07/01/2004 02:01:00 C:\WINDOWS\system32\unrar.dll |COMPANY |10/03/2006 15:00:51 C:\WINDOWS\system32\unzip32.dll |Info-ZIP |15/02/2006 02:15:03 C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20 C:\WINDOWS\system32\vp31vfw.dll |On2.com |10/03/2006 15:00:48 C:\WINDOWS\system32\vp6vfw.dll |On2.com |10/03/2006 15:00:48 C:\WINDOWS\system32\vp7vfw.dll |On2.com |10/03/2006 15:00:48 C:\WINDOWS\system32\VXBLOCK.dll |Sonic Solutions |20/05/2004 02:00:00 C:\WINDOWS\system32\win87em.dll |COMPANY |16/08/2004 18:41:22 C:\WINDOWS\system32\x264vfw.dll |COMPANY |10/03/2006 15:00:48 C:\WINDOWS\system32\yv12vfw.dll |www.helixcommunity.org |25/01/2004 00:00:00 C:\WINDOWS\system32\_psisdecd.dll |COMPANY |03/02/2006 21:09:42 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 640A-4D4D Répertoire de C:\WINDOWS\system32 05/08/2004 15:00 6.144 csrss.exe 1 fichier(s) 6.144 octets 0 Rép(s) 113.313.873.920 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 640A-4D4D Répertoire de C:\WINDOWS\Downloaded Program Files 18/10/2006 16:31 <REP> . 18/10/2006 16:31 <REP> .. 16/08/2004 19:08 65 desktop.ini 08/08/2006 11:45 576 kavwebscan.inf 13/02/2006 19:03 367 LegitCheckControl.inf 26/05/2005 04:19 293 muweb.inf 03/06/2002 17:53 144 QTPlugin.inf 11/09/2006 10:37 7.491.496 WebCleaner.dll 11/09/2006 11:38 318 WebCleaner.inf 27/07/2006 16:33 452.920 wlscBase.dll 27/07/2006 16:40 319 wlscBase.inf 9 fichier(s) 7.946.498 octets Total des fichiers listés : 9 fichier(s) 7.946.498 octets 2 Rép(s) 113.313.873.920 octets libres Liste des programmes installes ABBYY FineReader 4.0 Sprint AC-3 ACM Decompressor Ad-Aware SE Personal Adobe Acrobat 4.0 Adobe Reader 7.0.8 - Français Adobe Shockwave Player AOL Security Toolbar AutoUpdate Avira AntiVir PersonalEdition Classic BearPaw 1200CU v1.3 Belgacom Genius CD Jaquette 5.0 ConvertXtoDVD 2.0.13 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 Crush'Em 2.0 DivX DivX Player DVD Shrink 3.2 eMule ewido anti-spyware 4.0 Exact Audio Copy 0.95b4 Hercules Smart TV USB2 Drivers HijackThis 1.99.1 HP Image Zone Express HP Software Update iTunes iTunes J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 K-Lite Codec Pack 2.70 Full Kaspersky Online Scanner Lecteur Windows Media 10 Macromedia Shockwave Player MediaCoder 0.5.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Office Standard Edition 2003 Microsoft Works Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mozilla Firefox (1.5) MSN MSN Messenger 7.5 MSXML 4.0 SP2 (KB925672) Music Manager Plug&Play ADSL Modem Driver Suite PowerVCR II Puzzl'Em 1.0 Beta2 QuickTime QuickTime RealPlayer Realtek AC'97 Audio SiS VGA Utilities Sonic MyDVD Sonic RecordNow! Spybot - Search & Destroy 1.4 StationRipper 2.33B SUPER © Version 2006.19 (FIX) Super Collapse! III Switch Uninstall Symantec Network Drivers Update TES Construction Set Tetris Ulead Photo Express 3.0 SE UltimateZip 2.7 WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Live Safety Scanner Windows Media Format Runtime Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 640A-4D4D Répertoire de C:\Program Files 18/10/2006 14:57 <REP> . 18/10/2006 14:57 <REP> .. 10/04/2006 22:51 <REP> ABBYY FineReader 4.0 Sprint 09/04/2006 00:19 <REP> Adobe 13/08/2006 23:20 <REP> Alwil Software 17/10/2006 01:59 <REP> AntiVir PersonalEdition Classic 17/10/2006 01:37 <REP> AOL Security Toolbar 16/05/2006 15:19 <REP> AviSynth 2.5 09/04/2006 00:17 <REP> BearPaw 1200CU 16/08/2004 19:05 <REP> ComPlus Applications 01/03/2006 17:10 <REP> CyberLink 16/05/2006 09:42 <REP> DivX 01/04/2006 00:23 <REP> DVD Shrink 07/10/2006 15:49 <REP> eMule 16/05/2006 15:19 <REP> eRightSoft 18/10/2006 14:58 <REP> ewido anti-spyware 4.0 04/08/2006 07:40 <REP> Exact Audio Copy 16/10/2006 02:14 <REP> Fichiers communs 16/10/2006 02:00 <REP> Google 08/04/2006 23:42 <REP> Hercules 10/04/2006 23:41 <REP> Hewlett-Packard 18/10/2006 17:20 <REP> HijackThis 10/04/2006 23:42 <REP> HP 09/08/2006 23:54 <REP> Internet Explorer 29/07/2006 12:06 <REP> iPod 29/07/2006 12:06 <REP> iTunes 26/07/2006 09:59 <REP> Java 10/03/2006 15:00 <REP> K-Lite Codec Pack 12/08/2006 01:04 <REP> Lavasoft 17/10/2006 15:21 <REP> MediaCoder 16/08/2004 19:03 <REP> Messenger 16/08/2004 19:11 <REP> microsoft frontpage 03/02/2006 21:20 <REP> Microsoft Office 03/02/2006 21:18 <REP> Microsoft Works 03/02/2006 21:19 <REP> Microsoft.NET 16/08/2004 19:06 <REP> Movie Maker 19/10/2006 01:10 <REP> Mozilla Firefox 17/02/2006 01:33 <REP> MSN 16/08/2004 19:03 <REP> MSN Gaming Zone 31/03/2006 08:42 <REP> MSN Messenger 06/03/2006 17:44 <REP> Music Manager 28/07/2006 00:43 <REP> NCH Swift Sound 16/08/2004 19:06 <REP> NetMeeting 16/10/2006 02:00 <REP> Norton AntiVirus 16/08/2004 19:03 <REP> Online Services 18/04/2006 15:41 <REP> Outlook Express 17/07/2006 09:02 <REP> QuickTime 10/03/2006 01:47 <REP> Ratajik Software 03/02/2006 21:01 <REP> Realtek AC97 03/02/2006 21:01 <REP> Realtek Sound Manager 16/08/2004 19:07 <REP> Services en ligne 03/02/2006 21:21 <REP> Sonic 14/10/2006 13:02 <REP> Spybot - Search & Destroy 12/07/2006 15:05 <REP> support.com 09/04/2006 00:01 <REP> Temp 16/08/2006 13:46 <REP> Tetris 08/04/2006 17:06 <REP> Ulead Systems 05/02/2006 23:06 <REP> UltimateZip 2.7 10/03/2006 15:56 <REP> VideoLAN 22/06/2006 00:38 <REP> vso 25/07/2006 09:25 <REP> WebMediaPlayer 15/10/2006 23:28 <REP> Windows Live Safety Center 16/02/2006 02:41 <REP> Windows Media Player 16/08/2004 19:03 <REP> Windows NT 16/08/2004 19:11 <REP> xerox 0 fichier(s) 0 octets 65 Rép(s) 113.313.808.384 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 640A-4D4D Répertoire de C:\Program Files\fichiers communs 16/10/2006 02:14 <REP> . 16/10/2006 02:14 <REP> .. 09/04/2006 00:19 <REP> Adobe 16/05/2006 09:36 <REP> AVSMedia 03/02/2006 21:20 <REP> DESIGNER 10/04/2006 23:42 <REP> HP 21/05/2006 23:44 <REP> InstallShield 03/02/2006 21:04 <REP> Java 14/07/2006 00:38 <REP> Microsoft Shared 16/08/2004 19:06 <REP> MSSoap 16/08/2004 18:57 <REP> ODBC 04/08/2006 14:12 <REP> Real 16/08/2004 19:06 <REP> Services 03/02/2006 21:21 <REP> Sonic Shared 16/08/2004 18:56 <REP> SpeechEngines 03/02/2006 21:10 <REP> SureThing Shared 16/10/2006 02:00 <REP> Symantec Shared 18/04/2006 15:41 <REP> System 18/03/2006 01:21 <REP> xing shared 0 fichier(s) 0 octets 19 Rép(s) 113.313.808.384 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 640A-4D4D Répertoire de C:\Program Files\fichiers communs 16/10/2006 02:14 <REP> . 16/10/2006 02:14 <REP> .. 09/04/2006 00:19 <REP> Adobe 16/05/2006 09:36 <REP> AVSMedia 03/02/2006 21:20 <REP> DESIGNER 10/04/2006 23:42 <REP> HP 21/05/2006 23:44 <REP> InstallShield 03/02/2006 21:04 <REP> Java 14/07/2006 00:38 <REP> Microsoft Shared 16/08/2004 19:06 <REP> MSSoap 16/08/2004 18:57 <REP> ODBC 04/08/2006 14:12 <REP> Real 16/08/2004 19:06 <REP> Services 03/02/2006 21:21 <REP> Sonic Shared 16/08/2004 18:56 <REP> SpeechEngines 03/02/2006 21:10 <REP> SureThing Shared 16/10/2006 02:00 <REP> Symantec Shared 18/04/2006 15:41 <REP> System 18/03/2006 01:21 <REP> xing shared 0 fichier(s) 0 octets 19 Rép(s) 113.313.808.384 octets libres c:\Documents and Settings\yan\Application Data\Image Zone Express\HPSoftwareUpdate.exe c:\Documents and Settings\yan\Bureau\ewido-setup_4.0.0.172a.exe c:\Documents and Settings\yan\Bureau\clean\pskill.exe c:\Documents and Settings\yan\Bureau\diaghelp\blbetac.exe c:\Documents and Settings\yan\Bureau\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\yan\Bureau\diaghelp\Fport.exe c:\Documents and Settings\yan\Bureau\diaghelp\grep.exe c:\Documents and Settings\yan\Bureau\diaghelp\LFiles.exe c:\Documents and Settings\yan\Bureau\diaghelp\LISTDLLS.exe c:\Documents and Settings\yan\Bureau\diaghelp\pslist.exe c:\Documents and Settings\yan\Bureau\diaghelp\streams.exe c:\Documents and Settings\yan\Local Settings\Temp\A~NSISu_.exe c:\Documents and Settings\yan\Local Settings\Temp\LUInit.exe c:\Documents and Settings\yan\Local Settings\Temp\MediaCoder-0.5.1-pre9a.exe c:\Documents and Settings\yan\Local Settings\Temp\VcClnUp0.exe c:\Documents and Settings\yan\Local Settings\Temp\gis13207\GoogleUpdater.exe c:\Documents and Settings\yan\Local Settings\Temp\gis1b124c\GoogleUpdater.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\blbetac.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\Fport.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\grep.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\LFiles.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\LISTDLLS.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\pslist.exe c:\Documents and Settings\yan\Mes documents\DiagHelp\diaghelp\streams.exe c:\Documents and Settings\yan\Mes documents\Mes fichiers reçus\jppsetup.exe c:\Documents and Settings\yan\Mes documents\Mes fichiers reçus\tetris.exe c:\Documents and Settings\yan\Mes documents\Mes fichiers reçus\puzzle\ChrisPuzzle.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\K-Lite Codec Pack Full 2.70 [Par Ratiatum.com].exe c:\Documents and Settings\yan\Mes documents\Mes programmes\rmxeasy.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\SMTUSB2_C001.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\StationRipperInst.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\SUDOKU_INSTALL.EXE c:\Documents and Settings\yan\Mes documents\Mes programmes\convertisseur Audio-Video\eac-0.95b4.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\convertisseur Audio-Video\SUPERsetup.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\convertisseur Audio-Video\switchsetup.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\convertisseur Audio-Video\VSO(X_TO_DVD)\VSO.2.0.13.128\vsoConvertXtoDVD2_setup.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\convertisseur Audio-Video\VSO(X_TO_DVD)\VSO.2.0.13.128\Crack-FFF\Crack.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\lame\lame.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\mp3directcut\mp3DirectCut.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\securité-PC\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\securité-PC\Avast!AntiVirus_francais.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\securité-PC\spybotsd14.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\virtualdub\AuxSetup.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\virtualdub\VirtualDubfr.exe c:\Documents and Settings\yan\Mes documents\Mes programmes\virtualdub\VirtualDubMod.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\yan\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll -
Demande de vérification de mon PC : virus ?
tonton_yan a répondu à un(e) sujet de tonton_yan dans Analyses et éradication malwares
Merci pour la réponse Voici tous les rapports: rapport kaspersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Wednesday, October 18, 2006 5:17:32 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 18/10/2006 Kaspersky Anti-Virus database records: 219307 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 41137 Number of viruses found: 0 Number of infected objects: 0 / 0 Number of suspicious objects: 0 Duration of the scan process: 00:42:58 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Support.com\profiles\yan\triggers.log Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\yan\Cookies\index.dat Object is locked skipped C:\Documents and Settings\yan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\yan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\yan\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\yan\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\yan\NTUSER.DAT Object is locked skipped C:\Documents and Settings\yan\ntuser.dat.LOG Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db Object is locked skipped C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP1\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. rapport ewido: --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:17:35 18/10/2006 + Scan result: HKU\S-1-5-21-2175951055-555616576-3065953327-1006\Software\Prodiff\rmxnavigator\shopping\\sh163 -> Adware.Locators : Cleaned with backup (quarantined). :mozilla.152:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.153:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.154:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined). :mozilla.174:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.175:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.176:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.181:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.182:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.222:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.321:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.482:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\yan\Cookies\yan@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\yan\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). C:\Documents and Settings\yan\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined). :mozilla.283:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.284:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined). :mozilla.114:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.115:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined). :mozilla.113:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined). :mozilla.6:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined). :mozilla.170:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined). :mozilla.326:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). :mozilla.327:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). :mozilla.328:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). :mozilla.329:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). :mozilla.330:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined). :mozilla.332:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined). :mozilla.333:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined). :mozilla.393:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.394:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.395:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined). :mozilla.108:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined). :mozilla.381:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined). :mozilla.198:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.199:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.200:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.201:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.249:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.250:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.251:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.252:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.253:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.254:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.255:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.256:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.257:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.258:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined). :mozilla.208:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined). :mozilla.662:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined). :mozilla.539:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.540:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.541:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined). :mozilla.433:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined). :mozilla.565:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.566:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.567:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined). :mozilla.497:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined). :mozilla.574:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.575:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.576:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.577:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.578:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined). :mozilla.520:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined). :mozilla.100:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.101:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.98:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.99:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.341:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.342:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.343:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.344:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.345:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.346:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.347:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.348:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.349:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.350:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.351:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.352:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined). :mozilla.240:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.241:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.310:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.311:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.413:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.104:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.105:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.106:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.107:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). C:\Documents and Settings\yan\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined). :mozilla.232:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). :mozilla.233:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). :mozilla.234:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined). :mozilla.70:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). C:\Documents and Settings\yan\Cookies\yan@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined). :mozilla.51:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.59:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.60:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.61:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined). :mozilla.338:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Xhit : Cleaned with backup (quarantined). :mozilla.339:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Xhit : Cleaned with backup (quarantined). :mozilla.712:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined). :mozilla.713:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined). :mozilla.279:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.280:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined). :mozilla.718:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.719:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). :mozilla.720:C:\Documents and Settings\yan\Application Data\Mozilla\Firefox\Profiles\mhzz3520.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined). ::Report end Rapport clean: Script clean par Malekal_morte - http://www.malekal.com Microsoft Windows XP [version 5.1.2600] Script execute en mode sans echec *** Suppression de fichiers sur C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 *** Suppression des clefs du registre effectuee.. et le nouveau log: Logfile of HijackThis v1.99.1 Scan saved at 17:20:16, on 18/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\Explorer.EXE c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\CyberLink\PowerVCRII\Agent.exe C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Support.com\bin\tgcmd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\UltimateZip 2.7\uzqkst.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: XBTP06568 - {311F9DE8-6126-4eee-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [Agent] "C:\Program Files\CyberLink\PowerVCRII\Agent.exe" O4 - HKLM\..\Run: [Remote_Agent] "C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\system32\Utility.exe \1008 O4 - HKLM\..\Run: [RAS2000] C:\WINDOWS\system32\Ras2000.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2.7\uzqkst.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Photo Express SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O15 - Trusted Zone: http://safety.live.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152829492609 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Unknown owner - C:\Program Files\Norton Internet Security\ISSVC.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe et encore un grand merci pour votre aide précieuse -
Demande de vérification de mon PC : virus ?
tonton_yan a posté un sujet dans Analyses et éradication malwares
Bonjour, Apres des prises de tête pas possible pour garder un PC qui tourne correctement, je m'en remet a vous pour me dire ce qui cloche avec ma "bête" alors déja un grand merci a qui pourrat m'aider a analyser ce rapport et bravo pour ce site quui est tres clair pour un néophite dans mon genre. Logfile of HijackThis v1.99.1 Scan saved at 1:34:13, on 17/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\CyberLink\PowerVCRII\Agent.exe C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Support.com\bin\tgcmd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\UltimateZip 2.7\uzqkst.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: XBTP06568 - {311F9DE8-6126-4eee-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [Agent] "C:\Program Files\CyberLink\PowerVCRII\Agent.exe" O4 - HKLM\..\Run: [Remote_Agent] "C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\system32\Utility.exe \1008 O4 - HKLM\..\Run: [RAS2000] C:\WINDOWS\system32\Ras2000.exe O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2.7\uzqkst.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Photo Express SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O15 - Trusted Zone: http://safety.live.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152829492609 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Unknown owner - C:\Program Files\Norton Internet Security\ISSVC.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe