

Everything posted by mlyon
-
Hello again REGIS, glad to see you again and thanks for the help.

1- Spy Sweeper report

21:51: Traces trouvées : 3 21:51: Analyse complète a terminé. Durée 00:11:38 21:51: Analyse des fichiers terminée, temps passé : 00:10:16 21:51: Avertissement: Unable to sweep compressed file: "c:\found.000\dir0003.chk\a zipper.zip": File not found 21:51: Avertissement: Unable to sweep compressed file: "c:\found.000\dir0000.chk\a zipper.zip": File not found Espace insuffisant pour traiter cette commande 21:50: Avertissement: Unable to sweep compressed file: System Error. Code: 8. 21:50: Avertissement: TCompressedFile.GetStreams(2): Stream read error 21:49: Avertissement: SweepCompressedFiles: Access violation at address 00401D84 in module 'SpySweeper.exe'. Read of address 7E6B000C 21:49: Avertissement: TCompressedFile.GetStreams(2): Stream read error 21:49: Avertissement: TCompressedFile.GetStreams(2): Stream read error 21:49: Avertissement: SweepCompressedFiles: Access violation at address 00401D84 in module 'SpySweeper.exe'. Read of address 7E8C000C 21:49: Avertissement: TCompressedFile.GetStreams(2): Stream read error 21:49: Avertissement: TCompressedFile.GetStreams(2): Stream read error 21:49: Avertissement: SweepDirectories: Cannot find directory "x:". This directory was not added to the list of paths to be scanned. 21:49: Avertissement: SweepDirectories: Cannot find directory "k:". This directory was not added to the list of paths to be scanned. 21:49: Avertissement: SweepDirectories: Cannot find directory "j:". This directory was not added to the list of paths to be scanned. 21:49: Avertissement: SweepDirectories: Cannot find directory "i:". This directory was not added to the list of paths to be scanned. 21:49: Avertissement: SweepDirectories: Cannot find directory "h:". This directory was not added to the list of paths to be scanned. 21:48: Avertissement: SweepDirectories: Cannot find directory "e:". This directory was not added to the list of paths to be scanned. 
21:40: Démarrage de l’analyse des fichiers 21:40: Analyse des cookies terminée, temps passé : 00:00:00 21:40: Démarrage de l’analyse des cookies 21:40: Analyse du Registre terminée, temps passé :00:00:07 21:40: HKU\S-1-5-21-777752823-1290906112-38297405-1011\software\microsoft\internet explorer\new windows\allow\ || www.netbios-wait.com (ID = 2126063) 21:40: HKU\S-1-5-21-777752823-1290906112-38297405-1011\software\microsoft\internet explorer\new windows\allow\ || netbios-wait.com (ID = 2126062) 21:40: Trouvé Adware: lopdotcom 21:40: HKLM\software\microsoft\uniqdata\ (ID = 1997747) 21:40: Trouvé Adware: virtumonde 21:40: Démarrage de l’analyse du Registre 21:40: Analyse de la mémoire terminée, temps passé : 00:01:13 21:39: Démarrage de l’analyse de la mémoire 21:39: Analyse lancée avec la version des définitions 927 21:39: Spy Sweeper 5.3.2.2361 démarrée 21:39: | Début de session, vendredi 8 juin 2007 | *************** 21:39: Version du programme : 5.3.2.2361 - Utilise les définitions de logiciels espions 927 21:39: Spy Sweeper 5.3.2.2361 démarrée 21:39: | Début de session, vendredi 8 juin 2007 | *************** 21:27: Version du programme : 5.3.2.2361 - Utilise les définitions de logiciels espions 927 21:26: Spy Sweeper 5.3.2.2361 démarrée 21:26: | Début de session, vendredi 8 juin 2007 | ***************

and the HijackThis report

Logfile of HijackThis v1.99.1 Scan saved at 22:05:39, on 08/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\program files\softwin\bitdefender8\bdnagent.exe C:\Program 
Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Belkin\F5D7051\WLService.exe C:\Program Files\Belkin\F5D7051\WLanCfgG.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\LVComsX.exe C:\hisjackthis\MLyon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {28AFF054-2961-4754-83EE-2EA2C2E7368b} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\bxiggjyf.dll O2 - BHO: (no name) - {B4B23BB9-F0CD-4E49-84B6-9AB479E8D322} - (no file) O4 - HKLM\..\Run: [Picasa Media Detector] "C:\Program Files\Picasa2\PicasaMediaDetector.exe" O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: 
[spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: pmnllki - pmnllki.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing) O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. 
- C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

See you later
-
Hello, I did the steps, here are the reports.

VundoFix report

VundoFix V6.4.2 Checking Java version... Java version is 1.5.0.5 Old versions of java are exploitable and should be removed. Java version is 1.5.0.7 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Java version is 1.5.0.10 Java version is 1.5.0.11 Scan started at 19:01:03 07/06/2007 Listing files found while scanning.... C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\exjuffwu.dll C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\gebyv.dll C:\WINDOWS\system32\ionpxlbm.dll C:\WINDOWS\system32\lhdepmua.dll C:\WINDOWS\system32\mpqss.bak1 C:\WINDOWS\system32\mpqss.bak2 C:\WINDOWS\system32\mpqss.ini C:\WINDOWS\system32\mpqss.ini2 C:\WINDOWS\system32\mpqss.tmp C:\WINDOWS\system32\orutv.ini C:\WINDOWS\system32\padpxuuo.dll C:\WINDOWS\system32\pmnllki.dll C:\WINDOWS\system32\scuguwsq.dll C:\WINDOWS\system32\ssqpm.dll C:\WINDOWS\system32\uwffujxe.ini C:\WINDOWS\system32\vturo.dll C:\WINDOWS\system32\vybeg.ini Beginning removal... Attempting to delete C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\dcbeg.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\exjuffwu.dll C:\WINDOWS\system32\exjuffwu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\gebcd.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\gebyv.dll C:\WINDOWS\system32\gebyv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ionpxlbm.dll C:\WINDOWS\system32\ionpxlbm.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\mpqss.bak1 C:\WINDOWS\system32\mpqss.bak1 Has been deleted! Attempting to delete C:\WINDOWS\system32\mpqss.bak2 C:\WINDOWS\system32\mpqss.bak2 Has been deleted! Attempting to delete C:\WINDOWS\system32\mpqss.ini C:\WINDOWS\system32\mpqss.ini Has been deleted! 
Attempting to delete C:\WINDOWS\system32\mpqss.ini2 C:\WINDOWS\system32\mpqss.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\mpqss.tmp C:\WINDOWS\system32\mpqss.tmp Has been deleted! Attempting to delete C:\WINDOWS\system32\orutv.ini C:\WINDOWS\system32\orutv.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\ssqpm.dll C:\WINDOWS\system32\ssqpm.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\uwffujxe.ini C:\WINDOWS\system32\uwffujxe.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\vturo.dll C:\WINDOWS\system32\vturo.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vybeg.ini C:\WINDOWS\system32\vybeg.ini Has been deleted! Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\WINDOWS\system32\ssqpm.dll C:\WINDOWS\system32\ssqpm.dll Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.4.2 Checking Java version... Java version is 1.5.0.5 Old versions of java are exploitable and should be removed. Java version is 1.5.0.7 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Java version is 1.5.0.10 Java version is 1.5.0.11 Scan started at 19:27:26 07/06/2007 Listing files found while scanning.... No infected files were found. Beginning removal... 
HijackThis report

Logfile of HijackThis v1.99.1 Scan saved at 19:20:34, on 08/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Belkin\F5D7051\WLService.exe C:\Program Files\Belkin\F5D7051\WLanCfgG.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\program files\softwin\bitdefender8\bdnagent.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\hisjackthis\MLyon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {28AFF054-2961-4754-83EE-2EA2C2E7368b} - C:\WINDOWS\system32\cylorgcw.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - 
{7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {92A444D2-F945-4dd9-89A1-896A6C2D8D22} - C:\WINDOWS\system32\bxiggjyf.dll O2 - BHO: (no name) - {B4B23BB9-F0CD-4E49-84B6-9AB479E8D322} - C:\WINDOWS\system32\ssqpm.dll (file missing) O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [j3281830] rundll32 C:\WINDOWS\system32\j3281830.dll sook O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\mbjemrvp.dll",realset O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: pmnllki - pmnllki.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Belkin High-Speed Mode Wireless G 
USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing) O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

SDFix report

SDFix: Version 1.87 Run by Michel - 08/06/2007 - 18:55:42,48 Microsoft Windows XP [version 5.1.2600] Running From: C:\PROGRA~1\sdfix\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. 
Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" "C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole" "C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" "C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service" "C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\\WINDOWS\\System32\\dpvsetup.exe"="C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\WINDOWS\\System32\\rundll32.exe"="C:\\WINDOWS\\System32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Virtual Skipper 4 Demo\\Vsk4Demo.exe"="C:\\Program Files\\Virtual Skipper 4 Demo\\Vsk4Demo.exe:*:Enabled:Vsk4Demo" "C:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"="C:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows" "C:\\Program 
Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\Steam\\steamapps\\djnarco123456\\counter-strike source\\hl2.exe"="C:\\Program Files\\Steam\\steamapps\\djnarco123456\\counter-strike source\\hl2.exe:*:Enabled:hl2" "C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application" "C:\\Documents and Settings\\Michel\\Bureau\\Alfascript V2.54 Extra\\mirc.exe"="C:\\Documents and Settings\\Michel\\Bureau\\Alfascript V2.54 Extra\\mirc.exe:*:Enabled:mIRC" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Program Files\\MSN Messenger\\msrr.exe"="C:\\Program Files\\MSN Messenger\\msrr.exe:*:Disabled:Messenger" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop 
Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- Listing Files with Hidden Attributes: C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\Documents and Settings\Michel\Application Data\Microsoft\Modèles\~WRL0001.tmp C:\Documents and Settings\Michel\Local Settings\Application Data\Microsoft\Outlook\~Outlook1.pst.tmp C:\Documents and Settings\Michel\Mes documents\isa\regard concurrence\~WRL0002.tmp C:\Documents and Settings\Michel\Mes documents\isa\regard concurrence\~WRL0005.tmp C:\Documents and Settings\Michel\Mes documents\isa\regard concurrence\~WRL2448.tmp C:\mes_docu\documents de Michel\~WRL0002.tmp Listing User Accounts: comptes d'utilisateurs de \\ACER-9DEB84EBB9 Administrateur ASPNET HelpAssistant Invité Michel SUPPORT_388945a0 La commande s'est terminée correctement. Finished
-
I wasn't patient enough with VirusTotal, here are the 2 complete reports:

************************************************************************************ Complete scanning result of "mbjemrvp.dll", received in VirusTotal at 06.06.2007, 12:40:58 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.31.2 06.05.2007 no virus found AntiVir 7.4.0.32 06.06.2007 TR/Vundo.Gen Authentium 4.93.8 05.23.2007 no virus found Avast 4.7.997.0 06.06.2007 no virus found AVG 7.5.0.467 06.05.2007 no virus found BitDefender 7.2 06.06.2007 no virus found CAT-QuickHeal 9.00 06.05.2007 no virus found ClamAV devel-20070416 06.06.2007 Trojan.Packed-7 DrWeb 4.33 06.06.2007 Trojan.Virtumod eSafe 7.0.15.0 06.05.2007 no virus found eTrust-Vet 30.7.3696 06.06.2007 no virus found Ewido 4.0 06.06.2007 no virus found FileAdvisor 1 06.06.2007 no virus found Fortinet 2.85.0.0 06.06.2007 suspicious F-Prot 4.3.2.48 06.05.2007 no virus found F-Secure 6.70.13030.0 06.05.2007 no virus found Ikarus T3.1.1.8 06.06.2007 no virus found Kaspersky 4.0.2.24 06.06.2007 no virus found McAfee 5046 06.05.2007 no virus found Microsoft 1.2503 06.06.2007 no virus found NOD32v2 2312 06.06.2007 no virus found Norman 5.80.02 06.05.2007 Vundo.gen25 Panda 9.0.0.4 06.06.2007 no virus found Prevx1 V2 06.06.2007 no virus found Sophos 4.18.0 06.01.2007 Virtumundo Sunbelt 2.2.907.0 06.04.2007 VIPRE.Suspicious Symantec 10 06.06.2007 Trojan.Vundo TheHacker 6.1.6.129 06.04.2007 no virus found VBA32 3.12.0 06.06.2007 no virus found VirusBuster 4.3.23:9 06.05.2007 Adware.Vundo.Gen!Pac.14 Webwasher-Gateway 6.0.1 06.06.2007 Trojan.Vundo.Gen Aditional Information File size: 131124 bytes MD5: 8b4a9615f060018d3a8e91a0eb7072d9 SHA1: f3aecea659aa54bef6e77c7cc31c0144d1030c89 Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics. 
****************************************************************************************** Complete scanning result of "j3281830.dll", received in VirusTotal at 06.06.2007, 12:54:50 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.31.2 06.05.2007 no virus found AntiVir 7.4.0.32 06.06.2007 TR/Click.Small.MW Authentium 4.93.8 05.23.2007 no virus found Avast 4.7.997.0 06.06.2007 no virus found AVG 7.5.0.467 06.05.2007 Clicker.GBX BitDefender 7.2 06.06.2007 Trojan.Clicker.Small.YB CAT-QuickHeal 9.00 06.05.2007 TrojanClicker.Small.mw ClamAV devel-20070416 06.06.2007 no virus found DrWeb 4.33 06.06.2007 Trojan.Click.2485 eSafe 7.0.15.0 06.05.2007 Win32.Small.mw eTrust-Vet 30.7.3696 06.06.2007 no virus found Ewido 4.0 06.06.2007 Hijacker.Small.mw FileAdvisor 1 06.06.2007 no virus found Fortinet 2.85.0.0 06.06.2007 Adware/Small F-Prot 4.3.2.48 06.05.2007 no virus found F-Secure 6.70.13030.0 06.05.2007 Trojan-Clicker.Win32.Small.mw Ikarus T3.1.1.8 06.06.2007 no virus found Kaspersky 4.0.2.24 06.06.2007 Trojan-Clicker.Win32.Small.mw McAfee 5046 06.05.2007 no virus found Microsoft 1.2503 06.06.2007 no virus found NOD32v2 2312 06.06.2007 no virus found Norman 5.80.02 06.05.2007 no virus found Panda 9.0.0.4 06.06.2007 Suspicious file Prevx1 V2 06.06.2007 Polynomial.Code.Exploit Sophos 4.18.0 06.01.2007 no virus found Sunbelt 2.2.907.0 06.04.2007 no virus found Symantec 10 06.06.2007 no virus found TheHacker 6.1.6.129 06.04.2007 no virus found VBA32 3.12.0 06.06.2007 Trojan-Clicker.Win32.Small.mw VirusBuster 4.3.23:9 06.05.2007 no virus found Webwasher-Gateway 6.0.1 06.06.2007 Trojan.Click.Small.MW Aditional Information File size: 10752 bytes MD5: 6f64522ae031e1ae9c9fcace271b03b2 SHA1: 61ff31b7e2a7ce3c99fcecbc6e04577f8332c53b Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=f13099719855
-
Hello, thanks for your help. First, the HijackThis report:

Logfile of HijackThis v1.99.1 Scan saved at 11:55:48, on 06/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\program files\softwin\bitdefender8\bdnagent.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Belkin\F5D7051\WLService.exe C:\Program Files\Belkin\F5D7051\WLanCfgG.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\system32\SNDVOL32.EXE C:\WINDOWS\system32\LVComsX.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Outlook Express\msimn.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\Michel\Bureau\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\hisjackthis\MLyon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {28AFF054-2961-4754-83EE-2EA2C2E7368b} - C:\WINDOWS\system32\cylorgcw.dll O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\padpxuuo.dll O2 - BHO: (no name) - 
{719DE6D1-F34B-4113-8BA6-1044293BA795} - C:\WINDOWS\system32\ssqpm.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {BBE38378-23DC-472D-B3FE-3B8C85078327} - C:\WINDOWS\system32\pmnllki.dll O2 - BHO: (no name) - {CD3447D4-CA39-4377-8084-30E86331D74C} - C:\WINDOWS\system32\scuguwsq.dll O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe" O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\mbjemrvp.dll",realset O4 - HKLM\..\Run: [j3281830] rundll32 C:\WINDOWS\system32\j3281830.dll sook O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: pmnllki - C:\WINDOWS\SYSTEM32\pmnllki.dll O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program 
Files\Belkin\F5D7051\WLService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing) O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Next, the file analysis:

MBJEMRPV.DLL Service load: 0% 100% File: mbjemrvp.dll Status: INFECTED/MALWARE MD5 8b4a9615f060018d3a8e91a0eb7072d9 Packers detected: VIRTUMONDE, PE_PATCH.UPX, UPX Scanner results Scan taken on 06 Jun 2007 10:05:02 (GMT) A-Squared Found nothing AntiVir Found TR/Vundo.Gen ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found Trojan.Packed-7 Dr.Web Found Trojan.Virtumod F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found Vundo.gen25 Panda Antivirus Found nothing Rising Antivirus Found nothing VirusBuster Found Adware.Vundo.Gen!Pac.14 VBA32 Found nothing j3281830.dll Service load: 0% 100% File: j3281830.dll Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) MD5 6f64522ae031e1ae9c9fcace271b03b2 Packers detected: Analyzing... 
Scanner results Scan taken on 06 Jun 2007 10:10:34 (GMT) A-Squared Found nothing AntiVir Found TR/Click.Small.MW ArcaVir Found Trojan.Clicker.Small.Mw Avast Found nothing AVG Antivirus Found Clicker.GBX BitDefender Found Trojan.Clicker.Small.YB ClamAV Found nothing Dr.Web Found Trojan.Click.2485 F-Prot Antivirus Found nothing F-Secure Anti-Virus Found Trojan-Clicker.Win32.Small.mw Fortinet Found Adware/Small Kaspersky Anti-Virus Found Trojan-Clicker.Win32.Small.mw NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Rising Antivirus Found nothing VirusBuster Found nothing VBA32 Scanning, please wait... maintenant avec virus total j3281830.dll File "j3281830.dll" received on 06.06.2007 at 12:16:48 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated. mbjemrvp.dll File "mbjemrvp.dll" received on 06.06.2007 at 12:15:55 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated. Antivirus Version Update Result AhnLab-V3 2007.5.31.2 06.05.2007 no virus found AntiVir 7.4.0.32 06.06.2007 TR/Vundo.Gen Authentium 4.93.8 05.23.2007 no virus found Avast 4.7.997.0 06.05.2007 no virus found AVG 7.5.0.467 06.05.2007 no virus found BitDefender 7.2 06.06.2007 no virus found CAT-QuickHeal 9.00 06.05.2007 no virus found ClamAV devel-20070416 06.06.2007 Trojan.Packed-7 DrWeb 4.33 06.06.2007 Trojan.Virtumod eSafe 7.0.15.0 06.05.2007 no virus found eTrust-Vet 30.7.3696 06.06.2007 no virus found Ewido 4.0 06.06.2007 no virus found FileAdvisor 1 06.06.2007 no virus found Fortinet 2.85.0.0 06.06.2007 suspicious F-Prot 4.3.2.48 06.05.2007 no virus found Aditional Information File size: 131124 bytes MD5: 8b4a9615f060018d3a8e91a0eb7072d9 SHA1: f3aecea659aa54bef6e77c7cc31c0144d1030c89 Antivirus Version Update Result AhnLab-V3 2007.5.31.2 06.05.2007 no virus found AntiVir 7.4.0.32 06.06.2007 TR/Click.Small.MW Authentium 4.93.8 05.23.2007 no virus found Avast 4.7.997.0 06.05.2007 no 
virus found AVG 7.5.0.467 06.05.2007 Clicker.GBX BitDefender 7.2 06.06.2007 Trojan.Clicker.Small.YB CAT-QuickHeal 9.00 06.05.2007 TrojanClicker.Small.mw ClamAV devel-20070416 06.06.2007 no virus found DrWeb 4.33 06.06.2007 Trojan.Click.2485 Aditional Information File size: 10752 bytes MD5: 6f64522ae031e1ae9c9fcace271b03b2 SHA1: 61ff31b7e2a7ce3c99fcecbc6e04577f8332c53b
-
Hello everyone,

It seems my PC has fallen victim to malware: when Firefox opens, an IE7 window opens to a nonexistent page. Browsing is also very slow.

I ran the following programs without success:
Ad-Aware SE
A squared
Bit defender

Thank you for your help. The HijackThis report is below:

Logfile of HijackThis v1.99.1
Scan saved at 11:07:30, on 06/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\program files\softwin\bitdefender8\bdnagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Michel\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe"
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\mbjemrvp.dll",realset
O4 - HKLM\..\Run: [j3281830] rundll32 C:\WINDOWS\system32\j3281830.dll sook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
-
Many thanks; I reported the infection on Malware-Complaints.
-
Here is the report:
-
I followed your procedure and here are the 2 reports:

navilog report, option 1 (scan)

Search Navipromo version 1.0.7 commencé le 17/03/2007 à 12:30:01,21
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Documents and Settings\Michel\Bureau
Mise a jour le 12.03.2007 a 18h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
WebMediaPlayer
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Michel\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html
Fichier(s) caché(s) dans C:\WINDOWS\system32 :
c:\WINDOWS\system32\jgcxuxuqfb.dat
C:\windows\system32\jgcxuxuqfb.exe
c:\WINDOWS\system32\jgcxuxuqfb_nav.dat
c:\WINDOWS\system32\jgcxuxuqfb_navps.dat
Processus caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\jgcxuxuqfb.exe
C:\windows\system32\jgcxuxuqfb.exe
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche cles registre ***
Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de recherche complémentaire ***
(recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
* C:\WINDOWS\system32\jgcxuxuqfb.dat trouvé !
** C:\WINDOWS\system32\jgcxuxuqfb.dat trouvé !
***
**** C:\WINDOWS\system32\jgcxuxuqfb_navps.dat trouvé !
*****
******
*******
******** C:\WINDOWS\system32\jgcxuxuqfb.exe trouvé !
*** Analyse Terminé le 17/03/2007 à 12:35:40,71 ***

navilog report, option 2 (cleaning)

Clean Navipromo version 1.0.7 commencé le 17/03/2007 à 12:53:37,92
Fix lancé depuis C:\Documents and Settings\Michel\Bureau
Mise a jour le 12.03.2007 a 18h00 by IL-MAFIOSO
Executé en mode sans echec
Mode suppression par méthode manuelle
Nom du fichier saisi : jgcxuxuqfb
*** Recherche, Creation backups et suppression ***
C:\WINDOWS\system32\jgcxuxuqfb_navup.dat absent !
C:\WINDOWS\system32\jgcxuxuqfb_navtmp.dat absent !
C:\WINDOWS\system32\jgcxuxuqfb_m2s.xml absent !
C:\WINDOWS\system32\jgcxuxuqfb.exe trouvé !
Copie C:\WINDOWS\system32\jgcxuxuqfb.exe réalisé avec succès !
C:\WINDOWS\system32\jgcxuxuqfb.exe supprimé !
C:\WINDOWS\system32\jgcxuxuqfb.dat trouvé !
Copie C:\WINDOWS\system32\jgcxuxuqfb.dat réalisé avec succès !
C:\WINDOWS\system32\jgcxuxuqfb.dat supprimé !
C:\WINDOWS\system32\jgcxuxuqfb_nav.dat trouvé !
Copie C:\WINDOWS\system32\jgcxuxuqfb_nav.dat réalisé avec succès !
C:\WINDOWS\system32\jgcxuxuqfb_nav.dat supprimé !
C:\WINDOWS\system32\jgcxuxuqfb_navps.dat trouvé !
Copie C:\WINDOWS\system32\jgcxuxuqfb_navps.dat réalisé avec succès !
C:\WINDOWS\system32\jgcxuxuqfb_navps.dat supprimé !
C:\WINDOWS\prefetch\jgcxuxuqfb*.pf trouvé !
Copie C:\WINDOWS\prefetch\jgcxuxuqfb*.pf réalisé avec succès !
C:\WINDOWS\prefetch\jgcxuxuqfb*.pf supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Application Data ***
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Administrateur.ACER-9DEB84EBB9\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre réalisée avec succès !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
**
***
****
*****
******
*******
********
*** Nettoyage termine le 17/03/2007 à 12:54:46,95 ***
-
Indeed, a piece of it was missing. Sorry!
C:\WINDOWS\system32\ltefx12n.dll |21/10/2006 14:24:40 C:\WINDOWS\system32\ltfil12n.DLL |21/10/2006 14:24:40 C:\WINDOWS\system32\ltimg12n.dll |21/10/2006 14:24:40 C:\WINDOWS\system32\ltkrn12n.dll |21/10/2006 14:24:40 C:\WINDOWS\system32\Ltwvc12n.dll |21/10/2006 14:24:40 C:\WINDOWS\system32\lvcodec2.dll |21/10/2006 14:24:54 C:\WINDOWS\system32\lvcoinst.dll |21/10/2006 14:24:54 C:\WINDOWS\system32\LVCOMCX.dll |19/07/2005 17:32:18 C:\WINDOWS\system32\Lvkrn12n.dll |21/10/2006 14:24:44 C:\WINDOWS\system32\LVMAENUM.dll |19/07/2005 17:32:18 C:\WINDOWS\system32\LVUI2.dll |21/10/2006 14:24:54 C:\WINDOWS\system32\LVUI2RC.dll |21/10/2006 14:24:54 C:\WINDOWS\system32\MADLib.dll |20/08/2003 21:12:36 C:\WINDOWS\system32\mdwmdmsp.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\MSDBG(2).DLL |04/09/1998 08:09:08 C:\WINDOWS\system32\msdmo.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\msencode.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\msrecr40(2).dll |05/08/2004 05:00:00 C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 20:46:58 C:\WINDOWS\system32\MSSDM(2).DLL |04/09/1998 08:09:08 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30 C:\WINDOWS\system32\NexPlayerX.dll |08/06/2005 11:06:34 C:\WINDOWS\system32\NTIBUN4.dll |23/01/2005 12:12:26 C:\WINDOWS\system32\NTICDMK7.dll |23/01/2005 12:11:42 C:\WINDOWS\system32\NTIFCD3.dll |23/01/2005 12:11:42 C:\WINDOWS\system32\NTIMP3.dll |23/01/2005 12:11:42 C:\WINDOWS\system32\NTIMPEG2.dll |23/01/2005 12:11:42 C:\WINDOWS\system32\nv4_disp.dll |03/03/2006 10:55:24 C:\WINDOWS\system32\nvapi.dll |03/03/2006 10:55:24 C:\WINDOWS\system32\nvcod.dll |03/03/2006 10:55:24 C:\WINDOWS\system32\nvcodins.dll |03/03/2006 10:55:24 C:\WINDOWS\system32\nvconrm.dll |29/07/2005 00:25:32 C:\WINDOWS\system32\nvcpl.dll |03/03/2006 10:55:24 C:\WINDOWS\system32\nvhwvid.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nview.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvmccs.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvmccsrs.dll |03/03/2006 10:55:26 
C:\WINDOWS\system32\nvmctray.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvnt4cpl.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvoglnt.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvshell.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvwddi.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvwdmcpl.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\nvwimg.dll |03/03/2006 10:55:26 C:\WINDOWS\system32\OGACheckControl.DLL |23/01/2007 15:15:22 C:\WINDOWS\system32\ogg.dll |19/07/2002 06:34:00 C:\WINDOWS\system32\OUTLWAB(2).DLL |04/02/1999 22:09:58 C:\WINDOWS\system32\Packet.dll |09/05/2006 16:57:30 C:\WINDOWS\system32\paqsp.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58 C:\WINDOWS\system32\pdfcmnnt.dll |22/10/2006 18:21:36 C:\WINDOWS\system32\PDM(2).DLL |04/09/1998 08:09:08 C:\WINDOWS\system32\PICEntry.dll |18/01/2007 20:24:32 C:\WINDOWS\system32\PICSDK.dll |18/01/2007 20:24:32 C:\WINDOWS\system32\PICSDK2.dll |18/01/2007 20:24:32 C:\WINDOWS\system32\pncrt.dll |24/01/2007 15:19:34 C:\WINDOWS\system32\pndx5016.dll |24/01/2007 15:19:34 C:\WINDOWS\system32\pndx5032.dll |24/01/2007 15:19:34 C:\WINDOWS\system32\pthreadVC.dll |09/05/2006 17:25:58 C:\WINDOWS\system32\px.dll |23/12/2006 16:47:58 C:\WINDOWS\system32\pxafs.dll |17/02/2007 07:46:17 C:\WINDOWS\system32\pxdrv.dll |23/12/2006 16:47:59 C:\WINDOWS\system32\pxmas.dll |23/12/2006 16:47:58 C:\WINDOWS\system32\pxsfs.dll |17/02/2007 07:46:17 C:\WINDOWS\system32\pxwave.dll |23/12/2006 16:47:59 C:\WINDOWS\system32\QCUI2.dll |21/10/2006 14:24:42 C:\WINDOWS\system32\qedwipes.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\qt-dx331.dll |30/01/2007 06:03:40 C:\WINDOWS\system32\rmoc3260.dll |24/01/2007 15:19:34 C:\WINDOWS\system32\RNBOVDD.DLL |16/02/2007 19:22:29 C:\WINDOWS\system32\RtlCPAPI.dll |16/09/2005 14:14:00 C:\WINDOWS\system32\sbe.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\SCRIPTLE(2).DLL |04/09/1998 08:09:08 C:\WINDOWS\system32\slbcsp.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\slbiop.dll |05/08/2004 
05:00:00 C:\WINDOWS\system32\slbrccsp.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\Smackw32.dll |24/10/2006 19:37:06 C:\WINDOWS\system32\SNTI386.DLL |16/02/2007 19:22:29 C:\WINDOWS\system32\spnike.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\sprio600.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\sprio800.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\spxcoins.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\ssldivx.dll |30/01/2007 06:03:26 C:\WINDOWS\system32\tsd32.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrcntra.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrcoina.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrdpa.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrdtea.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrfaxa.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrlbva.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrrtosa.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrsdpia.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrsvpia.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrv42a.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrv80a.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrvoica.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\usrvpa.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\vorbis.dll |19/07/2002 06:34:00 C:\WINDOWS\system32\vorbisenc.dll |19/07/2002 06:35:00 C:\WINDOWS\system32\vorbisfile.dll |19/07/2002 06:35:00 C:\WINDOWS\system32\vp6vfw.dll |04/03/2007 17:35:12 C:\WINDOWS\system32\vxblock.dll |23/12/2006 16:47:59 C:\WINDOWS\system32\WanPacket.dll |09/05/2006 16:57:28 C:\WINDOWS\system32\win87em.dll |05/08/2004 05:00:00 C:\WINDOWS\system32\WNASPI32.DLL |21/05/2001 13:35:20 C:\WINDOWS\system32\wpcap.dll |09/05/2006 17:24:50 C:\WINDOWS\system32\XceedCry.dll |02/02/2003 12:01:34 C:\WINDOWS\system32\XceedSco.dll |19/05/2003 11:37:20 C:\WINDOWS\system32\xcomm.dll |02/06/2005 17:16:50 C:\WINDOWS\system32\xmlgrp32.dll |14/02/2007 08:24:10 C:\WINDOWS\system32\xvidcore.dll |01/11/2006 14:52:38 Le volume dans le lecteur C s'appelle ACER Le numéro de série du 
Recherche de rootkit! (Merci S!Ri)
infection possible Magic.Control : un scan F-Secure BlackLight est recommandé

Recherche d'infections connues
C:\Program Files\Advert présent! Possible infection : lop.com
C:\Program Files\BitDownload présent! Possible infection : lop.com

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...

C:\WINDOWS\Prefetch\JGCXUXUQFB.EXE-117EF5BE.pf 40960 bytes
C:\WINDOWS\system32\jgcxuxuqfb.dat 12288 bytes
C:\WINDOWS\system32\jgcxuxuqfb.exe 327680 bytes
C:\WINDOWS\system32\jgcxuxuqfb_nav.dat 217088 bytes
C:\WINDOWS\system32\jgcxuxuqfb_navps.dat 4096 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 5
dossier\O9PRMCD01\PFILES\COMMON\SYSTEM\MAPI\1036\NT\SCANPST.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\FP98\VER3\BIN\FP98SADM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\FP98\VER3\BIN\FP98SWIN.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\FP98\VER3\BIN\FPSRVADM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\FP98\VER3\BIN\FPSRVWIN.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\BINDER.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\CONVTEXT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\DATCRT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\DLGCANCL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\EXCEL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\FINDER.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\FINDFAST.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\FRONTPG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\GRAPH9.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MAKECERT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSACCESS.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSACNV30.EXE c:\Documents and Settings\Michel\Mes 
documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSIMPORT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSO7FTP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSO7FTPA.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSO7FTPS.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSOHTMED.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\MSQRY32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\NSREX.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\OFFCLN9.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\ORG11SVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\ORG21SVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\OSA9.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\OTUNEUP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\OUTLOOK.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\POWERPNT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\REXPROXY.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\RXCBPRXY.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\SELFCERT.EXE c:\Documents and 
Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\SETLANG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\VTIDISC.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\VTIFORM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\VTIPRES.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\WAVTOASF.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\WEBPUB.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\WINWORD.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\MSOFFICE.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\MSOHELP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\NFCLEAN.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\OLFMOD32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\OLFSETUP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\OLFSNT40.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\PROJWIZ.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\SCHDPL32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\WFXMSRVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau 
dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\1036\WRKGADM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\FORMS\1036\REGCFG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\MSOFFICE\OFFICE\XLATORS\PPVIEW32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\SNAPVIEW\SNAPVIEW.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\PFILES\VSTUDIO\COMMON\IDE\IDE98\MSE.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SP\DCOM\DCOM95.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\BCP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\CMDWRAP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\CNFGSVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\DCOMSCM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\DISTRIB.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\DTSRUN.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\DTSWIZ.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\LOGREAD.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\ODBCCMPT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\OSQL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\REBUILDM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\REGREBLD.EXE c:\Documents and Settings\Michel\Mes documents\boulot 
mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\REPLMERG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SCM.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SNAPSHOT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SQLAGENT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SQLMANGR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SQLSERVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\SVRNETCN.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\BINN\VSWITCH.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\OTHER\DTCSETUP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SETUP\_ISDEL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SETUP\MSETUP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SETUP\SETUPSQL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SETUP\SQLSTP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SYSTEM\CLICONFG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SQL\X86\SYSTEM\REGSVR32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM\CLICONFG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM\EXTRACT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM\IMMC.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM\ODBCAD32.EXE c:\Documents 
and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM95\AWSNTO32.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM95\FIXMAPI.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEM95\VIEWERS\QUIKVIEW.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEMNT\FIXMAPI.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\SYSTEMNT\VIEWERS\QUIKVIEW.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\WINDOWS\HH.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\O9PRMCD01\WINDOWS\MSAGENT\AGENTSVR.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\EXTRACT.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\INSTALL.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\OEMSETUP.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\SCANDISK.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\SCANPROG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\SCANREG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\SMARTDRV.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\SUCATREG.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\WB16OFF.EXE c:\Documents and Settings\Michel\Mes documents\boulot mn\Nouveau dossier\WIN98\XMSMMGR.EXE c:\Documents and Settings\Michel\Mes documents\racine de F\PES6.exe c:\Documents and Settings\Michel\Mes documents\sauvegarde picasa\PicasaRestore.exe c:\Documents and Settings\michelOmnis\omnis.exe c:\Documents and Settings\michelOmnis\datafile\odbc\omodbcin.exe c:\Documents and Settings\michelOmnis\studio\charmap.exe c:\Documents and 
Settings\michelOmnis\webclient\client\omwebie.exe c:\Documents and Settings\michelOmnis\webclient\client\omwebns.exe c:\Documents and Settings\michelOmnis\webclient\client\ie\Omupdate.exe c:\Documents and Settings\michelOmnis\webclient\client\netscape\omupdate.exe c:\Documents and Settings\michelOmnis\webclient\server\omnis nt service\ntserv.exe c:\Documents and Settings\michelOmnis\webclient\server\webserver\Omnislsp.exe c:\Documents and Settings\michelOmnis\webclient\server\webserver\CGI\nph-omniscgi.exe c:\Documents and Settings\michelOmnis\xcomp\java\JIKES.EXE c:\Documents and Settings\Panpan\Bureau\AirMAPS_v5.71_install.exe c:\Documents and Settings\Panpan\Bureau\Madden_NFL_2004_Demo_jouable.exe c:\Documents and Settings\Panpan\Bureau\PES6.exe c:\Documents and Settings\Panpan\Bureau\SteamInstall.exe c:\Documents and Settings\Panpan\Local Settings\Temp\AutoRun.exe c:\Documents and Settings\Panpan\Local Settings\Temp\7zO52.tmp\NBALive2003_Demo_English.exe c:\Documents and Settings\Panpan\Local Settings\Temp\7zO53.tmp\NBALive2003_Demo_English.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{6AFFEDBB-F1E1-4FE7-A5F6-269A7BA8D8A5}\mpengine.dll c:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\c0fpodkq.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\c0fpodkq.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\Laurette\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll 
c:\Documents and Settings\Laurette\Application Data\Mozilla\Firefox\Profiles\b1dud9yd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\Laurette\Application Data\Mozilla\Firefox\Profiles\b1dud9yd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Michel\Application Data\Mozilla\Firefox\Profiles\9ko6nc02.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\Michel\Application Data\Mozilla\Firefox\Profiles\9ko6nc02.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\Panpan\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Panpan\Application Data\Mozilla\Firefox\Profiles\7t5f1785.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\Panpan\Application Data\Mozilla\Firefox\Profiles\7t5f1785.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
-
Hello, I am frequently redirected to advertising sites when using Firefox; the HijackThis report is below. Thank you for your assistance.

Logfile of HijackThis v1.99.1
Scan saved at 09:36:15, on 17/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
C:\Documents and Settings\Michel\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [EPSON Stylus D78 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\WINDOWS\TEMP\E_S7C.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [bDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)