Valkyrie

hey bien le pc fonctionne nickel comme avant mon probleme de reboot a chaque connexion internet Merci pour ton aide en tout cas c'etais vraiment sympa et tres bien detaillé

////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\gqwsjdom ******************* Script file located at: \??\C:\WINNT\qxdowwjs.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Driver Jrp12 unloaded successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP12 deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12 failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12 Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP12 deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12 deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP12 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP12 failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP12 Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12 failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12 Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate. Reg Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.2.0 ; Results at 24/03/2007 16:19:45 for strings: ; 'jrp12' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU] "001"="Jrp12.sys" ; End Of The Log...

Avenger ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU Error: could not create zip file. Error code: 0 ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\jaelcyer ******************* Fatal error: integrity of Services key failed verification check! Security may be fatally compromised. Exiting immediately. Could not open script file! Status: 0xc0000034 Abort! Reg Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.2.0 ; Results at 23/03/2007 06:55:34 for strings: ; 'jrp12' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Enum] "0"="Root\\LEGACY_JRP12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Enum] "0"="Root\\LEGACY_JRP12" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU] "001"="Jrp12.sys" ; End Of The Log...

Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.2.0 ; Results at 22/03/2007 23:47:58 for strings: ; 'jrp12' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_JRP1200\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12] "DisplayName"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Jrp12\Enum] "0"="Root\\LEGACY_JRP12\00" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12] "DisplayName"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP12] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200] "Service"="Jrp12" "DeviceDesc"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200\LogConf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_JRP1200\Control] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12] "DisplayName"="Jrp12" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jrp12\Enum] "0"="Root\\LEGACY_JRP12\00" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU] "001"="Jrp12.sys" ; End Of The Log...

je viens de verifier sur Kaspersky et j'ai trouvé ceci supprimé : cheval de Troie Rootkit.Win32.Agent.ea Le fichier: C:\_OTMoveIt\MovedFiles\WINNT\System32\Jrp12.sys

Effectué le jeu. 22/03/2007 à 13:31:31,87. Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Dans la fenetre DOS, cela m'as mis 2 fois: fichier introuvable

Jrp12.sys est introuvable dans C:\WINNT\system32 : / fichiers cachés affiché etc etc c'est louche quand meme que certain fichier present dans un rapport soit invisible dans le dossier

Rapport StartupList report, 21/03/2007, 05:03:19 StartupList version: 1.52.2 Started from : C:\Program Files\HiJackThis\HiJackThis_v2.EXE Detected: Windows 2000 SP4 (WinNT 5.00.2195) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINNT\System32\smss.exe C:\WINNT\SYSTEM32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HiJackThis\HiJackThis_v2.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Valkyrie1\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINNT\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Synchronization Manager = mobsync.exe /logon WOOWATCH = :C:\PROGRA~1\Wanadoo\watch.exe WOOTASKBARICON = :C:\PROGRA~1\Wanadoo\taskbaricon.exe AVP = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background msn Discovery = "C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe" -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] * StubPath = C:\WINNT\system32\setup\wmpocm.exe /HideWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = "C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = "C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\mplayer2.inf,PerUserStub.NT [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{6A5110B5-E14B-4268-A065-EF89FF33C325}] * StubPath = regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINNT\system32\Rundll32.exe C:\WINNT\system32\mscories.dll,Install [{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] * StubPath = %SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINNT\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=MsgPlusLoader.dll -------------------------------------------------- Shell & screensaver key from C:\WINNT\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINNT\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINNT\Explorer\Explorer.exe: not present C:\WINNT\System\Explorer.exe: not present C:\WINNT\System32\Explorer.exe: not present C:\WINNT\Command\Explorer.exe: not present C:\WINNT\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINNT - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - :C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [DirectAnimation Java Classes] CODEBASE = file://C:\WINNT\Java\classes\dajava.cab OSD = C:\WINNT\Downloaded Program Files\DirectAnimation Java Classes.osd [Microsoft XML Parser for Java] CODEBASE = file://C:\WINNT\Java\classes\xmldso.cab OSD = C:\WINNT\Downloaded Program Files\Microsoft XML Parser for Java.osd [{00000161-0000-0010-8000-00AA00389B71}] CODEBASE = http://codecs.microsoft.com/codecs/i386/msaudio.cab [shockwave ActiveX Control] InProcServer32 = C:\WINNT\system32\macromed\director\swdir.dll CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab [Trend Micro ActiveX Scan Agent 6.6] InProcServer32 = C:\WINNT\Downloaded Program Files\Housecall_ActiveX.dll CODEBASE = http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab [{31564D57-0000-0010-8000-00AA00389B71}] CODEBASE = http://codecs.microsoft.com/codecs/i386/wmvax.cab [{32564D57-0000-0010-8000-00AA00389B71}] CODEBASE = http://codecs.microsoft.com/codecs/i386/wmv8ax.cab [F-Secure Online Scanner] InProcServer32 = C:\WINNT\Downloaded Program Files\fscax.dll CODEBASE = http://www.securitoo.com/fra/pages/navol/fscax.cab [ActiveScan Installer Class] InProcServer32 = C:\WINNT\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [{9F1C11AA-197B-4942-BA54-47A8489BB47F}] CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/...8506.7700462963 [shockwave Flash Object] InProcServer32 = C:\WINNT\system32\Macromed\Flash\Flash9b.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINNT\System32\rnr20.dll NameSpace #2: C:\WINNT\System32\winrnr.dll Protocol #1: C:\Program Files\Spyware Doctor\FilterLSP.dll Protocol #2: C:\Program Files\Spyware Doctor\FilterLSP.dll Protocol #3: C:\Program Files\Spyware Doctor\FilterLSP.dll Protocol #4: C:\Program Files\Fichiers communs\PC Tools\LSP\PCTLsp.dll Protocol #5: C:\Program Files\Fichiers communs\PC Tools\LSP\PCTLsp.dll Protocol #6: C:\Program Files\Fichiers communs\PC Tools\LSP\PCTLsp.dll Protocol #7: C:\WINNT\system32\msafd.dll Protocol #8: C:\WINNT\system32\msafd.dll Protocol #9: C:\WINNT\system32\msafd.dll Protocol #10: C:\WINNT\system32\rsvpsp.dll Protocol #11: C:\WINNT\system32\rsvpsp.dll Protocol #12: C:\WINNT\system32\msafd.dll Protocol #13: C:\WINNT\system32\msafd.dll Protocol #14: C:\WINNT\system32\msafd.dll Protocol #15: C:\WINNT\system32\msafd.dll Protocol #16: C:\WINNT\system32\msafd.dll Protocol #17: C:\WINNT\system32\msafd.dll Protocol #18: C:\WINNT\system32\msafd.dll Protocol #19: C:\WINNT\system32\msafd.dll Protocol #20: C:\WINNT\system32\msafd.dll Protocol #21: C:\WINNT\system32\msafd.dll Protocol #22: C:\WINNT\system32\msafd.dll Protocol #23: C:\WINNT\system32\msafd.dll Protocol #24: C:\WINNT\system32\msafd.dll Protocol #25: C:\WINNT\system32\msafd.dll Protocol #26: C:\WINNT\system32\msafd.dll Protocol #27: C:\WINNT\system32\msafd.dll Protocol #28: C:\WINNT\system32\msafd.dll Protocol #29: C:\WINNT\system32\msafd.dll Protocol #30: C:\WINNT\system32\msafd.dll Protocol #31: C:\Program Files\Fichiers communs\PC Tools\LSP\PCTLsp.dll Protocol #32: C:\Program Files\Spyware Doctor\FilterLSP.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) ADSLAutoconnect: "C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (autostart) SAGEM USB device boot driver: system32\DRIVERS\adslboot.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (autostart) Avertissement: %SystemRoot%\System32\services.exe (autostart) Gestion d'applications: %SystemRoot%\system32\services.exe (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Réseau émulant ATM: System32\DRIVERS\atmlane.sys (manual start) Émulation réseau ATM: System32\DRIVERS\atmlane.sys (manual start) Gestionnaire d'appel ATM: System32\DRIVERS\atmuni.sys (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) Antivirus Filter Driver: \SystemRoot\system32\drivers\av5flt.sys (manual start) Kaspersky Anti-Virus 6.0: "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (autostart) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k BITSgroup (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\services.exe (autostart) Philips Cap713x Video Capture: system32\DRIVERS\Cap713x.sys (manual start) Closed Caption Decoder: system32\drivers\ccdecode.sys (manual start) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: C:\WINNT\System32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (manual start) C-Media PCI Audio Driver (WDM): system32\drivers\cmaudio.sys (manual start) Client DHCP: %SystemRoot%\System32\services.exe (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) D-Link DFE-530TX PCI Fast Ethernet Adapter: System32\DRIVERS\DLKFET.sys (manual start) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (disabled) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\services.exe (autostart) Synthé logiciel Microsoft DirectMusic (WDM): system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\services.exe (autostart) Plug and Play Support Driver: \??\C:\WINNT\system32\msdrives\driverpp.sys (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINNT\System32\svchost.exe -k netsvcs (manual start) Service de télécopie: %systemroot%\system32\faxsvc.exe (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: C:\WINNT\System32\FTRTSVC.exe (disabled) Game Port Enumerator: System32\DRIVERS\gameenum.sys (manual start) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Pilote de classe HID Microsoft: System32\DRIVERS\hidusb.sys (autostart) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) Caméra Intel USB Video Camera III: System32\Drivers\Icam3.sys (manual start) File Filter Driver: system32\drivers\ikfileflt.sys (manual start) File Security Driver: system32\drivers\ikfilesec.sys (manual start) System Filter Driver: system32\drivers\iksysflt.sys (manual start) System Security Driver: system32\drivers\iksyssec.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (manual start) IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) Jrp12: \??\C:\WINNT\system32\Jrp12.sys (autostart) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Kl1: system32\drivers\kl1.sys (system) Klif: \??\C:\WINNT\system32\drivers\klif.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\System32\services.exe (autostart) Station de travail: %SystemRoot%\System32\services.exe (autostart) Service d'application d'assistance TCP/IP NetBIOS: %SystemRoot%\System32\services.exe (autostart) Affichage des messages: %SystemRoot%\System32\services.exe (manual start) Partage de Bureau à distance NetMeeting: C:\WINNT\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) BDA MPE Filter: System32\DRIVERS\MPE.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINNT\System32\msdtc.exe (manual start) Windows Installer: C:\WINNT\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start) NBService: C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (disabled) Microsoft TV/Video Connection: System32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès à distance: System32\DRIVERS\ndistapi.sys (manual start) NDIS Protocole mode utilisateur E/S: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès à distance: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) NetDetect: \SystemRoot\system32\drivers\netdtect.sys (manual start) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de moniteur réseau: System32\DRIVERS\NMnt.sys (manual start) NPPTNT2: \??\C:\WINNT\system32\npptNT2.sys (system) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Médias amovibles: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) nv: system32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (disabled) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Pilote de classe parallèle: System32\DRIVERS\parallel.sys (manual start) Pilote de port parallèle: System32\DRIVERS\parport.sys (system) PCANDIS5 NDIS Protocol Driver: \??\C:\WINNT\system32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) PCIIde: System32\DRIVERS\pciide.sys (system) Low level access layer for CD devices: System32\Drivers\Pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Agent de stratégie IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) 802.11g USB 2.0 adapter: system32\DRIVERS\PRISMA02.sys (manual start) Emplacement protégé: %SystemRoot%\system32\services.exe (autostart) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) PzWDM: system32\Drivers\PzWDM.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Pilote réseau étendu RAW: System32\DRIVERS\rawwan.sys (autostart) Microsoft Streaming Network Raw Channel Access: system32\drivers\RCA.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Service d'accès à distance au Registre: %SystemRoot%\system32\regsvc.exe (autostart) RioPort.Com Rio500 USB Driver: System32\Drivers\RioUsb.sys (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe -s (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Prise en charge des cartes à puces: %SystemRoot%\System32\SCardSvr.exe (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\system32\MSTask.exe (autostart) Spyware Doctor Auxiliary Service: C:\Program Files\Spyware Doctor\svcntaux.exe (manual start) Spyware Doctor Service: C:\Program Files\Spyware Doctor\swdsvc.exe (manual start) Service d'exécution par délégation: %SystemRoot%\system32\services.exe (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) SpoonProxy: "C:\Program Files\SpoonProxy\spserv.exe" (disabled) sptd: System32\Drivers\sptd.sys (system) Srv: System32\DRIVERS\srv.sys (manual start) SAMSUNG Mobile USB Device II 1.0 driver (WDM): system32\DRIVERS\ssm_bus.sys (manual start) SAMSUNG Mobile USB Modem II 1.0 Filter: system32\DRIVERS\ssm_mdfl.sys (manual start) SAMSUNG Mobile USB Modem II 1.0 Drivers: system32\DRIVERS\ssm_mdm.sys (manual start) StarWind iSCSI Service: C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe (disabled) BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) Périphérique audio système Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Telnet: %SystemRoot%\system32\tlntsvr.exe (manual start) tmcomm: \??\C:\WINNT\system32\drivers\tmcomm.sys (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\services.exe (autostart) Pilote de contrôleur hôte universel USB Microsoft: System32\DRIVERS\uhcd.sys (manual start) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start) Pilote de concentrateur standard USB Microsoft: System32\DRIVERS\usbhub.sys (manual start) USB 2.0 Root Hub Support: System32\DRIVERS\usbhub20.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) User Privilege Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Gestionnaire d'utilitaires: %SystemRoot%\System32\UtilMan.exe (manual start) vax347b: system32\DRIVERS\vax347b.sys (system) vax347s: System32\Drivers\vax347s.sys (system) vaxscsi: \SystemRoot\System32\Drivers\vaxscsi.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) SAGEM Virtual Bus ATM driver: system32\DRIVERS\vvbatm.sys (manual start) SAGEM USB VvBus driver: system32\drivers\vvbususb.sys (manual start) Horloge Windows: %SystemRoot%\System32\services.exe (manual start) Pilote ARP IP d'accès à distance: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) Infrastructure de gestion Windows: %SystemRoot%\System32\WBEM\WinMgmt.exe (autostart) Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\system32\Services.exe (manual start) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (autostart) World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k wugroup (autostart) Configuration sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll WebCheck: C:\WINNT\system32\webcheck.dll SysTray: stobject.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 32 776 bytes Report generated in 0,640 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only Merci pour le lien pour réparer windows je vais voir ca meme si ce message d'erreur ne me gene pas trop vu que je ne reboot pas souvent ma machine

Oui ce message au demarrage de windows apparait toujours: Le point d'entrée de procédure WSPstartup est introuvable dans la bibliotheque de liaison dynamique mswsockh.dll" De temps en temps quand je lance un programme il me met ce message mais lance tout de meme le programme. Quand je vais dans le panneau de config, ajout/suppression de programme, et que je veux ajouter ou supprimer des composant windows, cela me met exactement le meme message avec en plus ceci: la bibliothèque du programme d'installation iss.dll n'a pas pu etre chargé ou la fonction OcEntry n'a pas été trouvé, contactez votre administrateur systeme, erreur 0x7f. A mon avis pour remedier a cela il faut installer win 2000 et faire "réparer" mais j'ai peur que cela me supprime toutes mes configs et preferences actuel sur ce profil utilisateur

Alors j'ai bien fait la manip avec SDFIX, il a bien trouver GATES (missing file) il l'a bien effacé, j'ai fait un ti servicefilter et bill.exe n'apparait plus Au niveau du pc tout est niquel, il remarche comme avant, j'avais un ti probleme au niveau de ma connexion qui gelait quand je jouais mais je viens de trouver c'etais dans le gestionnaire de peripherique le modem usb etait coché en autoriser le pc a eteindre le peripherique pour economiser l'energie. La je viens de jouer 2 heures non stop tout remarche bien Encore merci et rien a dire respect pour toutes tes connaissances ca m'a permis d'en apprendre d'avantage Au plaisir

sc delete Gates : sc n'est pas reconnu comme une commande interne etc etc Rapport SDFIX SDFix: Version 1.73 Run by Valkyrie1 - mar. 20/03/2007 - 1:46:20,29 Microsoft Windows 2000 [Version 5.00.2195] Running From: C:\Documents and Settings\Valkyrie1\Bureau\Sdfix\SDFix Safe Mode: Checking Services: Name: COM+ Messages EXAMPLE Runtime Path: -e,te-110-12-0000273, \??\C:\WINNT\system32\main.sys \??\C:\WINNT\System32\drivers\runtime.sys COM+ Messages Deleted EXAMPLE Deleted Runtime Deleted Restoring Windows Registry Entries Restoring Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found... Folder C:\WINNT\system32\msdrives - Removed ADS Check: C:\WINNT\system32 No streams found. Final Check: Remaining Services: ------------------ Remaining Files: --------------- Checking For Files with Hidden Attributes : C:\Program Files\MessengerDiscovery\dscwpmsg.dll C:\Program Files\MessengerDiscovery\winsock.dll C:\Program Files\MessengerDiscovery\blockUser.exe C:\Program Files\MessengerDiscovery\deleteUser.exe C:\Program Files\MessengerDiscovery\killmd.exe C:\Program Files\MessengerDiscovery\launchDP.exe C:\Program Files\MessengerDiscovery\launchIM.exe C:\Program Files\MessengerDiscovery\prjMassDP.exe C:\Program Files\MessengerDiscovery\shell.exe C:\Program Files\Smart Projects\IsoBuster\Help\AHlp.exe C:\Program Files\Windows Media Player\mplayer2.exe C:\WINNT\inf\msinf.exe C:\WINNT\inf\msn.exe C:\WINNT\inf\nrc.exe C:\WINNT\inf\unregmp2.exe C:\WINNT\inf\wdlt.exe C:\Program Files\GlobalSCAPE\CuteFTPFR\cuteftp.sys C:\WINNT\inf\wbfirdma.sys C:\WINNT\Temp\OLD195.tmp C:\WINNT\Temp\OLD196.tmp C:\WINNT\Temp\OLD29.tmp Finished Rapport HijackThis Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 01:57:56, on 20/03/2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\SYSTEM32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\WINNT\Explorer.EXE C:\WINNT\SYSTEM32\notepad.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HiJackThis\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skyrock.com/rencontres R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - :C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [WOOWATCH] :C:\PROGRA~1\Wanadoo\watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] :C:\PROGRA~1\Wanadoo\taskbaricon.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [msn Discovery] "C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe" O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{311A388A-54EE-4FF4-992D-2B545E86374C}: NameServer = 80.10.246.1 80.10.246.132 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: Avertissement (Alerter) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Service de télécopie (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Service d'application d'assistance TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Affichage des messages (Messenger) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe O23 - Service: Ouverture de session réseau (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Agent de stratégie IPSEC (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Gestionnaire de comptes de sécurité (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: Service d'exécution par délégation (seclogon) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Gestionnaire d'utilitaires (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe O23 - Service: Horloge Windows (W32Time) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Infrastructure de gestion Windows (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe O23 - Service: Extensions du pilote WMI (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe -- End of file - 7231 bytes

Petit probleme, le fichier billg.exe n'est pas present dans : c:\winnt\system32 ni sur mon pc, j'ai afficher les dossier cachés, et les extension inconnues mais ce fichier est introuvable. Pareil pour : C:\WINNT\Downloaded Program Files\startbf2.inf, ce fichier ne se trouve pas sur mon ordinateur : / Oui c'est bien moi qui ai installé spoonproxy pour que le pc du salon puisse avoir internet (depuis plus de deux ans).

Rappports de Service Filter The script did not recognize the services listed below. This does not mean that they are a problem. To copy the entire contents of this document for posting: At the top of this window click "Edit" then "Select All" Next click "Edit" again then "Copy" Now right click in the forum post box then click "Paste" ######################################## ServiceFilter 1.1 by rand1038 Microsoft Windows 2000 Professionnel Version: 5.0.2195 Service Pack 4 mars 19, 2007 23:22:34 ---> Begin Service Listing <--- Unknown Service # 1 Service Name: ADSLAutoconnect Display Name: ADSLAutoconnect Start Mode: Auto Start Name: LocalSystem Description: ADSLAutoconnect... Service Type: Own Process Path: "c:\program files\adsl autoconnect\adsl autoconnect.exe" -z State: Running Process ID: 1052 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Vrai Unknown Service # 2 Service Name: AVP Display Name: Kaspersky Anti-Virus 6.0 Start Mode: Auto Start Name: LocalSystem Description: Kaspersky Anti-Virus ... Service Type: Own Process Path: "c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe" -r State: Running Process ID: 604 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Faux Unknown Service # 3 Service Name: COM+ Messages Display Name: COM+ Messages Start Mode: Disabled Start Name: LocalSystem Description: COM+ ... Service Type: Own Process Path: -e,te-110-12-0000273, State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 4 Service Name: FTRTSVC Display Name: France Telecom Routing Table Service Start Mode: Disabled Start Name: LocalSystem Description: France Telecom Routing Table ... Service Type: Own Process Path: c:\winnt\system32\ftrtsvc.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 5 Service Name: Gates Display Name: Gates Hell Start Mode: Disabled Start Name: LocalSystem Description: Gates ... Service Type: Own Process Path: c:\winnt\system32\billg.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 6 Service Name: NBService Display Name: NBService Start Mode: Disabled Start Name: LocalSystem Description: NBService... Service Type: Own Process Path: c:\program files\nero\nero 7\nero backitup\nbservice.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 7 Service Name: sdAuxService Display Name: Spyware Doctor Auxiliary Service Start Mode: Manual Start Name: LocalSystem Description: Spyware Doctor Auxiliary ... Service Type: Own Process Path: c:\program files\spyware doctor\svcntaux.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 8 Service Name: sdCoreService Display Name: Spyware Doctor Service Start Mode: Manual Start Name: LocalSystem Description: Spyware Doctor ... Service Type: Own Process Path: c:\program files\spyware doctor\swdsvc.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 9 Service Name: spserv Display Name: SpoonProxy Start Mode: Disabled Start Name: LocalSystem Description: SpoonProxy... Service Type: Own Process Path: "c:\program files\spoonproxy\spserv.exe" State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 10 Service Name: StarWindService Display Name: StarWind iSCSI Service Start Mode: Disabled Start Name: LocalSystem Description: StarWind iSCSI ... Service Type: Own Process Path: c:\program files\alcohol soft\alcohol 52\starwind\starwindservice.exe State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 11 Service Name: usprserv Display Name: User Privilege Service Start Mode: Manual Start Name: LocalSystem Description: User Privilege ... Service Type: Own Process Path: c:\winnt\system32\svchost.exe -k netsvcs State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux ---> End Service Listing <--- There are 69 Win32 services on this machine. 11 were unrecognized. Script Execution Time: 3,25 seconds. Rapport Panda Incident Statut Analyse Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@247realmedia[1].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@adtech[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@advertising[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@bluestreak[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@doubleclick[2].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@mediaplex[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@weborama[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Valkyrie1\Cookies\valkyrie1@xiti[1].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Valkyrie1\Local Settings\Temp\Cookies\valkyrie1@advertising[1].txt Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Valkyrie1\Mes documents\Divers\Blague\SmitfraudFix.zip[smitfraudFix/Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Valkyrie1\Mes documents\Divers\SmitfraudFix\Process.exe Outil indésirable:Application/SpoonProxy No Désinfecté C:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\sproxy26.exe Dialer:Dialer.ABR No Désinfecté C:\WINNT\Downloaded Program Files\startbf2.inf Virus:Generic Trojan Désinfecté C:\WINNT\inf\cnb.inf Outil indésirable:Application/HideExec.A No Désinfecté C:\WINNT\inf\nrc.exe Virus:Generic Trojan Désinfecté C:\WINNT\inf\ptf.inf Outil indésirable:Application/Pskill.A No Désinfecté C:\WINNT\inf\wdlt.exe Outil indésirable:Application/PrcView.A No Désinfecté C:\WINNT\system32\Lavan\Libparse.exe Outil indésirable:Application/Psexec.A No Désinfecté C:\WINNT\system32\Lavan\psexec.exe Outil indésirable:Application/ToolWget No Désinfecté C:\WINNT\system32\Lavan\wget.exe Outil indésirable:Application/Processor No Désinfecté C:\WINNT\system32\Process.exe Virus:W32/Oscarbot.FS.worm Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\eraseme_38558.exe Virus Eventuel. No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update00822631.exe Virus Eventuel. No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update21677000.exe Adware:Adware/VideoAccess No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update33674268.exe Virus Eventuel. No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update42851695.exe Adware:Adware/VideoAccess No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update54091001.exe Adware:Adware/VideoAccess No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update62523833.exe Adware:Adware/VideoAccess No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update77526596.exe Virus Eventuel. No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\update80286011.exe Adware:Adware/VideoBox No Désinfecté C:\_OTMoveIt\MovedFiles\WINNT\System32\vidaccess1429.exe Rapport Ot MoveIt C:\WINNT\System32\RunOnce.t__ moved successfully. File/Folder C:\WINNT\System32\RunOnce.tm not found. C:\WINNT\System32\unsvchosts.lzma moved successfully. Created on 03/19/2007 20:12:58

Bonjour je viens de faire un test de connexion sur mon pc et tout marche nickel!!! Je n'ai plus l'ecran bleu, un grand respect et merci a toi Charles ingals franchement bravo Bonne continuation a vous les gars vous etes super

Rapport Hijackthis Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 03:31:02, on 19/03/2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\SYSTEM32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\PROGRA~1\Wanadoo\taskbaricon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\HiJackThis\HiJackThis_v2.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - :C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll O23 - Service: Avertissement (Alerter) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Service de télécopie (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Service d'application d'assistance TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Affichage des messages (Messenger) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe O23 - Service: Ouverture de session réseau (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Agent de stratégie IPSEC (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Gestionnaire de comptes de sécurité (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: Service d'exécution par délégation (seclogon) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe O23 - Service: Gestionnaire d'utilitaires (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe O23 - Service: Horloge Windows (W32Time) - Unknown owner - C:\WINNT\System32\services.exe O23 - Service: Infrastructure de gestion Windows (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe O23 - Service: Extensions du pilote WMI (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe -- End of file - 6352 bytes Rapport Avg As --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 03:24:08 19/03/2007 + Résultat de l'analyse: HKU\.DEFAULT\Software\Internet Security -> Adware.IntCodec : Aucune action entreprise. HKLM\SOFTWARE\IST -> Adware.ISTBar : Aucune action entreprise. [240] C:\Documents and Settings\All Users\Documents\Settings\partnership.dll -> Proxy.Xorpix.ar : Aucune action entreprise. Fin du rapport Rapport OTMoveIt nom du fichier: 03192007_020537 C:\WINNT\eraseme_38558.exe moved successfully. C:\WINNT\System32\kr_done1 moved successfully. C:\WINNT\System32\Jrp12.sys moved successfully. C:\WINNT\System32\RunOnce2.t__ moved successfully. C:\WINNT\System32\vidaccess1429.exe moved successfully. C:\WINNT\System32\vcodec.exe moved successfully. C:\WINNT\System32\update77526596.exe moved successfully. C:\WINNT\System32\update00822631.exe moved successfully. C:\WINNT\System32\update62523833.exe moved successfully. C:\WINNT\System32\update21677000.exe moved successfully. C:\WINNT\System32\update54091001.exe moved successfully. C:\WINNT\System32\update80286011.exe moved successfully. C:\WINNT\System32\update33674268.exe moved successfully. C:\WINNT\System32\update42851695.exe moved successfully. DllUnregisterServer procedure not found in C:\WINNT\System32\vduvw.dll C:\WINNT\System32\vduvw.dll NOT unregistered. C:\WINNT\System32\vduvw.dll moved successfully. C:\WINNT\System32\1_exception.nls moved successfully. C:\WINNT\System32\RunOnce2.tm_ moved successfully. Created on 03/19/2007 02:05:37 Rapport DiagHelp C:\WINNT\System32/drivers\sptd9149.sys -->19/03/2007 00:52:52 C:\WINNT\System32/drivers\iksysflt.sys -->25/02/2007 23:45:42 C:\WINNT\System32/drivers\kcom.sys -->23/02/2007 07:13:52 C:\WINNT\System32/drivers\iksyssec.sys -->23/02/2007 00:09:54 C:\WINNT\System32/drivers\ikfilesec.sys -->19/02/2007 18:13:38 C:\WINNT\System32/drivers\ikfileflt.sys -->19/02/2007 18:13:34 C:\WINNT\System32/drivers\AvgAsCln.sys -->05/09/2006 17:03:16 C:\WINNT\System32\tmp.txt -->19/03/2007 01:21:56 C:\WINNT\System32\tmp.reg -->19/03/2007 01:21:56 C:\WINNT\System32\Perflib_Perfdata_234.dat -->18/03/2007 20:07:44 C:\WINNT\System32\iklog.log -->18/03/2007 16:45:23 C:\WINNT\System32\spupdw2k.log -->18/03/2007 05:48:59 C:\WINNT\System32\nvapps.xml -->18/03/2007 03:07:47 C:\WINNT\System32\dfrg.msc -->17/03/2007 20:04:47 C:\WINNT\System32\mswsock.dll -->17/03/2007 18:02:20 C:\WINNT\System32\ikhcore.log -->07/02/2007 17:26:40 C:\WINNT\System32\Perflib_Perfdata_844.dat -->06/02/2007 19:12:17 C:\WINNT\System32\Perflib_Perfdata_814.dat -->06/02/2007 07:13:09 C:\WINNT\System32\RunOnce.t__ -->30/01/2007 07:10:52 C:\WINNT\System32\RunOnce.tm_ -->30/01/2007 07:10:52 C:\WINNT\System32\Perflib_Perfdata_398.dat -->22/01/2007 03:24:02 C:\WINNT\System32\unsvchosts.lzma -->03/01/2007 07:22:01 C:\WINNT\System32\Perflib_Perfdata_ec0.dat -->03/01/2007 07:17:23 C:\WINNT\System32\Perflib_Perfdata_12e4.dat -->03/01/2007 07:09:30 C:\WINNT\System32\svchost.exe -->03/01/2007 07:03:23 C:\WINNT\System32\swxcacls.exe -->01/12/2006 05:20:34 C:\WINNT\System32\Perflib_Perfdata_334.dat -->26/11/2006 16:11:53 C:\WINNT\System32\Perflib_Perfdata_348.dat -->25/11/2006 03:14:34 C:\WINNT\System32\Perflib_Perfdata_34c.dat -->14/11/2006 05:16:46 C:\WINNT\System32\NeroBurnRights.cpl -->08/11/2006 17:40:10 C:\WINNT\System32\MsgPlusLoader.dll -->30/09/2006 13:32:52 C:\WINNT\System32\FNTCACHE.DAT -->05/09/2006 11:43:44 C:\WINNT\WindowsUpdate.log -->19/03/2007 03:27:33 C:\WINNT\ntbtlog.txt -->19/03/2007 03:25:30 C:\WINNT\SchedLgU.Txt -->19/03/2007 02:10:42 C:\WINNT\ShellIconCache -->19/03/2007 02:10:38 C:\WINNT\winamp.ini -->19/03/2007 02:10:23 C:\WINNT\setupapi.log -->18/03/2007 16:55:19 C:\WINNT\SAGEM.log -->18/03/2007 16:52:19 C:\WINNT\NeroDigital.ini -->18/03/2007 06:40:03 C:\WINNT\spupdsvc.log -->18/03/2007 05:48:59 C:\WINNT\win.ini -->18/03/2007 04:16:03 C:\WINNT\system.ini -->18/03/2007 04:16:03 C:\WINNT\ACD Wallpaper.bmp -->18/03/2007 03:51:58 C:\WINNT\svcpack.log -->18/03/2007 01:39:02 C:\WINNT\msmqprop.log -->18/03/2007 01:37:37 C:\WINNT\sptsupd.log -->18/03/2007 01:37:35 C:\WINNT\alcrmv.exe |19/09/2005 16:48:07 C:\WINNT\alcupd.exe |19/09/2005 16:48:07 C:\WINNT\cmuninst.exe |11/07/2002 10:24:50 C:\WINNT\InZU31.exe |18/08/2005 02:35:34 C:\WINNT\IsUn040c.exe |02/07/2005 16:27:12 C:\WINNT\IsUninst.exe |07/07/2005 20:02:16 C:\WINNT\mixer.exe |15/10/2002 17:00:20 C:\WINNT\PATCH.EXE |07/06/2005 13:51:46 C:\WINNT\runtsckl.exe |09/06/2004 15:56:06 C:\WINNT\soundman.exe |19/09/2005 16:48:45 C:\WINNT\sxstall2.exe |28/03/2002 03:26:00 C:\WINNT\tsc.exe |15/12/2005 07:42:37 C:\WINNT\twunk_16.exe |16/12/1999 01:00:00 C:\WINNT\twunk_32.exe |16/12/1999 01:00:00 C:\WINNT\UNNeroBackItUp.exe |14/07/2006 16:29:44 C:\WINNT\UNNeroMediaHome.exe |14/07/2006 16:29:44 C:\WINNT\UNNeroShowTime.exe |14/07/2006 16:29:44 C:\WINNT\UNNeroVision.exe |14/07/2006 16:29:44 C:\WINNT\UNRecode.exe |14/07/2006 16:29:44 C:\WINNT\W2KSetup.exe |05/06/2005 14:20:34 C:\WINNT\War3Unin.exe |23/06/2006 00:05:42 C:\WINNT\_MSRSTRT.EXE |07/02/2006 06:53:42 C:\WINNT\AuHCcup1.dll |23/07/1999 10:53:20 C:\WINNT\BPMNT.dll |07/06/2005 15:16:39 C:\WINNT\hcextoutput.dll |15/12/2005 07:42:37 C:\WINNT\libeay32.dll |15/12/2005 08:04:41 C:\WINNT\loadhttp.dll |15/10/2002 13:29:40 C:\WINNT\ssleay32.dll |15/12/2005 08:04:41 C:\WINNT\TMUPDATE.DLL |07/06/2005 13:51:46 C:\WINNT\twain.dll |16/12/1999 01:00:00 C:\WINNT\twain_32.dll |16/12/1999 01:00:00 C:\WINNT\UNZIP.DLL |07/06/2005 13:51:46 C:\WINNT\vsapi32.dll |07/06/2005 15:16:39 C:\WINNT\WRUninstall.dll |15/12/2005 08:04:41 C:\WINNT\system32\append.exe |16/12/1999 01:00:00 C:\WINNT\system32\asuninst.exe |15/12/2005 06:45:58 C:\WINNT\system32\ChCfg.exe |19/09/2005 16:48:45 C:\WINNT\system32\CoreAAC-uninstall.exe |18/07/2005 04:34:12 C:\WINNT\system32\debug.exe |16/12/1999 01:00:00 C:\WINNT\system32\dfrgfat.exe |04/06/2005 03:24:48 C:\WINNT\system32\dfrgntfs.exe |04/06/2005 03:24:48 C:\WINNT\system32\DivXCodecUpdateChecker.exe |10/04/2006 19:37:10 C:\WINNT\system32\DivXsm.exe |18/04/2006 23:30:13 C:\WINNT\system32\dmadmin.exe |04/06/2005 03:24:54 C:\WINNT\system32\dmremote.exe |04/06/2005 03:24:55 C:\WINNT\system32\dosx.exe |16/12/1999 01:00:00 C:\WINNT\system32\dumphive.exe |18/03/2007 01:03:53 C:\WINNT\system32\dvdplay.exe |15/12/1999 00:30:38 C:\WINNT\system32\edlin.exe |16/12/1999 01:00:00 C:\WINNT\system32\exe2bin.exe |16/12/1999 01:00:00 C:\WINNT\system32\fastopen.exe |16/12/1999 01:00:00 C:\WINNT\system32\FTRTSVC.exe |26/09/2005 22:13:19 C:\WINNT\system32\GkSui18.EXE |02/07/2005 16:21:06 C:\WINNT\system32\keystone.exe |09/03/2006 14:29:00 C:\WINNT\system32\mem.exe |16/12/1999 01:00:00 C:\WINNT\system32\mscdexnt.exe |16/12/1999 01:00:00 C:\WINNT\system32\msswchx.exe |04/06/2005 03:33:45 C:\WINNT\system32\nlsfunc.exe |16/12/1999 01:00:00 C:\WINNT\system32\nvappbar.exe |09/03/2006 14:29:00 C:\WINNT\system32\nvcolor.exe |09/03/2006 14:29:00 C:\WINNT\system32\nvdspsch.exe |09/03/2006 14:29:00 C:\WINNT\system32\nvsvc32.exe |09/03/2006 14:29:00 C:\WINNT\system32\nvudisp.exe |04/06/2005 03:18:44 C:\WINNT\system32\NVUNINST.EXE |01/12/2005 03:31:15 C:\WINNT\system32\nw16.exe |16/12/1999 01:00:00 C:\WINNT\system32\nwiz.exe |09/03/2006 14:29:00 C:\WINNT\system32\Process.exe |15/12/2005 09:06:16 C:\WINNT\system32\PSEXESVC.EXE |20/02/2006 22:32:08 C:\WINNT\system32\pxcpya64.exe |05/06/2005 14:30:00 C:\WINNT\system32\pxcpyi64.exe |05/06/2005 14:30:00 C:\WINNT\system32\pxhpinst.exe |05/06/2005 14:30:00 C:\WINNT\system32\pxinsa64.exe |05/06/2005 14:30:00 C:\WINNT\system32\pxinsi64.exe |05/06/2005 14:30:00 C:\WINNT\system32\redir.exe |16/12/1999 01:00:00 C:\WINNT\system32\remfast1000.exe |18/03/2007 16:46:39 C:\WINNT\system32\RTLCPL.exe |19/09/2005 16:48:45 C:\WINNT\system32\setver.exe |16/12/1999 01:00:00 C:\WINNT\system32\share.exe |16/12/1999 01:00:00 C:\WINNT\system32\SpoonUninstall.exe |02/07/2005 16:23:05 C:\WINNT\system32\SrchSTS.exe |18/03/2007 01:03:53 C:\WINNT\system32\swreg.exe |18/03/2007 01:03:53 C:\WINNT\system32\swsc.exe |18/03/2007 01:03:53 C:\WINNT\system32\swxcacls.exe |18/03/2007 01:03:53 C:\WINNT\system32\vwipxspx.exe |16/12/1999 01:00:00 C:\WINNT\system32\3ivx.dll |06/06/2006 00:53:40 C:\WINNT\system32\3ivxVfWCodec.dll |06/06/2006 00:53:41 C:\WINNT\system32\a3d.dll |23/11/2001 11:08:20 C:\WINNT\system32\amshellext.dll |24/06/2005 22:45:20 C:\WINNT\system32\amstream.dll |04/02/2006 17:36:27 C:\WINNT\system32\atmfd.dll |04/06/2005 03:24:04 C:\WINNT\system32\atmlib.dll |04/06/2005 03:24:04 C:\WINNT\system32\Audio3D.dll |23/11/2001 11:08:20 C:\WINNT\system32\avisynth.dll |01/09/2004 15:49:56 C:\WINNT\system32\BASSMOD.dll |14/12/2005 19:32:30 C:\WINNT\system32\cdral.dll |26/09/2005 22:13:04 C:\WINNT\system32\cdrtc.dll |26/09/2005 22:13:04 C:\WINNT\system32\CmdLineExt.dll |08/05/2006 13:43:48 C:\WINNT\system32\cmnprop.dll |09/10/2002 08:38:24 C:\WINNT\system32\cof1000loader.dll |18/03/2007 16:46:39 C:\WINNT\system32\covvbatm.dll |18/03/2007 16:46:39 C:\WINNT\system32\covvbususb.dll |18/03/2007 16:46:39 C:\WINNT\system32\cpuinf32.dll |05/06/2005 05:34:45 C:\WINNT\system32\devil.dll |23/02/2004 14:41:30 C:\WINNT\system32\dfrgres.dll |16/12/1999 01:00:00 C:\WINNT\system32\dfrgsnap.dll |04/06/2005 03:24:48 C:\WINNT\system32\dfrgui.dll |16/12/1999 01:00:00 C:\WINNT\system32\dgrpsetu.dll |04/06/2005 02:47:24 C:\WINNT\system32\dgsetup.dll |04/06/2005 02:47:24 C:\WINNT\system32\divx.dll |06/06/2006 23:49:54 C:\WINNT\system32\DivXWMPExtType.dll |22/03/2006 01:38:42 C:\WINNT\system32\divx_xx07.dll |19/04/2006 21:09:19 C:\WINNT\system32\divx_xx0c.dll |19/04/2006 21:09:18 C:\WINNT\system32\divx_xx11.dll |19/04/2006 21:09:18 C:\WINNT\system32\dmconfig.dll |04/06/2005 03:24:55 C:\WINNT\system32\dmintf.dll |04/06/2005 03:24:55 C:\WINNT\system32\dmserver.dll |04/06/2005 03:24:55 C:\WINNT\system32\dmutil.dll |04/06/2005 03:24:55 C:\WINNT\system32\dpl100.dll |18/04/2006 23:30:26 C:\WINNT\system32\dpu10.dll |18/04/2006 23:30:26 C:\WINNT\system32\dpu11.dll |18/04/2006 23:30:26 C:\WINNT\system32\dpuGUI10.dll |18/04/2006 23:30:28 C:\WINNT\system32\dpuGUI11.dll |18/04/2006 23:30:26 C:\WINNT\system32\dpus10.dll |06/06/2006 23:52:09 C:\WINNT\system32\dpus11.dll |18/04/2006 23:30:26 C:\WINNT\system32\dpv10.dll |06/06/2006 23:52:10 C:\WINNT\system32\dpv11.dll |18/04/2006 23:30:26 C:\WINNT\system32\dtu100.dll |18/04/2006 23:30:26 C:\WINNT\system32\DVDProX2.dll |02/06/2004 01:24:40 C:\WINNT\system32\efsadu.dll |16/12/1999 01:00:00 C:\WINNT\system32\EqnClass.Dll |04/06/2005 02:47:23 C:\WINNT\system32\ff_kernelDeint.dll |09/09/2005 11:06:30 C:\WINNT\system32\ff_liba52.dll |09/09/2005 10:45:59 C:\WINNT\system32\ff_libdts.dll |09/09/2005 10:46:03 C:\WINNT\system32\ff_libfaad2.dll |09/09/2005 12:21:58 C:\WINNT\system32\ff_libmad.dll |09/09/2005 10:46:07 C:\WINNT\system32\ff_realaac.dll |09/09/2005 10:54:07 C:\WINNT\system32\ff_samplerate.dll |09/09/2005 10:46:08 C:\WINNT\system32\ff_theora.dll |09/09/2005 10:46:16 C:\WINNT\system32\ff_tremor.dll |09/09/2005 10:46:18 C:\WINNT\system32\ff_unrar.dll |09/09/2005 10:46:27 C:\WINNT\system32\ff_vfw.dll |09/09/2005 11:08:44 C:\WINNT\system32\ff_wmv9.dll |09/09/2005 10:46:59 C:\WINNT\system32\ff_x264.dll |09/09/2005 10:54:53 C:\WINNT\system32\freeimage.dll |07/06/2006 17:54:03 C:\WINNT\system32\fun_avcodec.dll |28/09/2006 10:56:01 C:\WINNT\system32\fun_mp4_dec.dll |28/09/2006 10:56:01 C:\WINNT\system32\fun_mp4_enc.dll |28/09/2006 10:56:02 C:\WINNT\system32\HHActiveX.dll |20/03/2002 21:01:58 C:\WINNT\system32\HTICONS.DLL |04/06/2005 03:26:28 C:\WINNT\system32\hypertrm.dll |04/06/2005 13:52:37 C:\WINNT\system32\Icam3com.dll |04/06/2005 03:19:39 C:\WINNT\system32\Icam3EXT.dll |04/06/2005 03:19:39 C:\WINNT\system32\iccvid.dll |16/12/1999 01:00:00 C:\WINNT\system32\IfHelper.dll |26/09/2005 22:13:19 C:\WINNT\system32\imagX7.dll |26/07/2004 16:16:10 C:\WINNT\system32\imagXpr7.dll |26/07/2004 16:16:10 C:\WINNT\system32\imagXR7.dll |26/07/2004 16:16:10 C:\WINNT\system32\imagXRA7.dll |26/07/2004 16:16:10 C:\WINNT\system32\imgcmn.dll |04/06/2005 02:53:31 C:\WINNT\system32\imgshl.dll |04/06/2005 02:53:31 C:\WINNT\system32\IN_SPC.DLL |09/12/2005 16:47:26 C:\WINNT\system32\ir32_32.dll |16/12/1999 01:00:00 C:\WINNT\system32\ir41_qc.dll |16/12/1999 01:00:00 C:\WINNT\system32\ir41_qcx.dll |16/12/1999 01:00:00 C:\WINNT\system32\ir50_32.dll |16/12/1999 01:00:00 C:\WINNT\system32\ir50_qc.dll |16/12/1999 01:00:00 C:\WINNT\system32\ir50_qcx.dll |16/12/1999 01:00:00 C:\WINNT\system32\iyuv_32.dll |27/12/2006 05:54:53 C:\WINNT\system32\jpeg1x32.dll |04/06/2005 02:53:31 C:\WINNT\system32\jpeg2x32.dll |04/06/2005 02:53:31 C:\WINNT\system32\lame_enc.dll |23/07/2005 14:16:50 C:\WINNT\system32\lfbmp11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfbmp13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\LFCMP11n.DLL |24/07/2002 19:27:18 C:\WINNT\system32\lfcmp13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\lfeps11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lffax11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfgif11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfgif13n.dll |07/10/2005 14:02:41 C:\WINNT\system32\lfpcd11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfpcx11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\Lfpng11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfpng13n.dll |07/10/2005 14:02:45 C:\WINNT\system32\lfpsd11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfpsd13n.dll |07/10/2005 14:03:06 C:\WINNT\system32\lftga11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lftif11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\lfwmf11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\libavcodec.dll |09/09/2005 12:20:28 C:\WINNT\system32\libdivx.dll |18/04/2006 23:31:12 C:\WINNT\system32\libeay32.dll |28/04/2005 05:22:34 C:\WINNT\system32\libmpeg2_ff.dll |09/09/2005 12:20:44 C:\WINNT\system32\libmplayer.dll |09/09/2005 12:18:01 C:\WINNT\system32\libmySQL.dll |16/02/2006 02:16:54 C:\WINNT\system32\libpostproc.dll |17/06/2002 08:04:53 C:\WINNT\system32\LTDIS11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\ltdis13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\ltefx13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\ltfil11n.DLL |24/07/2002 19:27:18 C:\WINNT\system32\ltfil13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\ltimg11n.dll |24/07/2002 19:27:18 C:\WINNT\system32\ltimg13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\ltkrn11n.dll |24/07/2002 19:27:20 C:\WINNT\system32\ltkrn13n.dll |07/10/2005 14:02:38 C:\WINNT\system32\Ltwvc11n.dll |24/07/2002 19:27:20 C:\WINNT\system32\mciqtz32.dll |04/02/2006 17:36:27 C:\WINNT\system32\MCISPCDLG.DLL |09/12/2005 16:47:26 C:\WINNT\system32\msdmo.dll |04/02/2006 17:36:27 C:\WINNT\system32\msencode.dll |30/08/2002 18:24:06 C:\WINNT\system32\MsgPlusLoader.dll |06/02/2007 20:31:47 C:\WINNT\system32\msswch.dll |04/06/2005 03:33:45 C:\WINNT\system32\msvcp61.dll |06/04/2004 19:32:46 C:\WINNT\system32\NCTAudioArrayProcessingEx.dll |06/06/2006 23:52:13 C:\WINNT\system32\NCTAudioCompress2.dll |06/06/2006 23:52:13 C:\WINNT\system32\NCTAudioCompressEx.dll |06/06/2006 23:52:14 C:\WINNT\system32\NCTAudioFile2.dll |06/06/2006 23:52:14 C:\WINNT\system32\NCTAudioPlayer2.dll |06/06/2006 23:52:15 C:\WINNT\system32\NCTAudioTransform2.dll |06/06/2006 23:52:05 C:\WINNT\system32\NCTAVIFile.dll |06/06/2006 23:52:05 C:\WINNT\system32\NCTImageFile.dll |06/06/2006 23:52:04 C:\WINNT\system32\NCTMPEGFile.dll |06/06/2006 23:52:04 C:\WINNT\system32\NCTQuickTimeFile.dll |06/06/2006 23:52:03 C:\WINNT\system32\NCTRMFile.dll |06/06/2006 23:52:03 C:\WINNT\system32\NCTVideoCapture.dll |06/06/2006 23:52:03 C:\WINNT\system32\NCTVideoCompress.dll |06/06/2006 23:52:02 C:\WINNT\system32\NCTVideoDxPlayer.dll |06/06/2006 23:52:02 C:\WINNT\system32\NCTVideoFile.dll |06/06/2006 23:52:02 C:\WINNT\system32\NCTVideoPlayer.dll |06/06/2006 23:52:02 C:\WINNT\system32\NCTVideoTransform.dll |06/06/2006 23:52:01 C:\WINNT\system32\NCTVideoView.dll |06/06/2006 23:52:01 C:\WINNT\system32\NCTWMVFile.dll |06/06/2006 23:52:01 C:\WINNT\system32\NeroCo.dll |16/02/2005 14:18:04 C:\WINNT\system32\nv4_disp.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvapi.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvcod.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvcodins.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvcpl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvhwvid.dll |09/03/2006 14:29:00 C:\WINNT\system32\nview.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvmccs.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvmccsrs.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvmctray.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvnt4cpl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvoglnt.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsar.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrscs.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsda.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsde.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsel.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrseng.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrses.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsesm.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsfi.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsfr.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrshe.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrshu.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsit.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsja.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsko.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsnl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsno.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrspl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrspt.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsptb.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrsru.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrssk.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrssl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrssv.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrstr.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrszhc.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvrszht.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvshell.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwddi.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwdmcpl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwimg.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsar.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrscs.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsda.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsde.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsel.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrseng.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrses.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsesm.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsfi.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsfr.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrshe.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrshu.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsit.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsja.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsko.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsnl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsno.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrspl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrspt.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsptb.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrsru.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrssk.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrssl.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrssv.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrstr.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrszhc.dll |09/03/2006 14:29:00 C:\WINNT\system32\nvwrszht.dll |09/03/2006 14:29:00 C:\WINNT\system32\oieng400.dll |04/06/2005 03:36:05 C:\WINNT\system32\oiprt400.dll |04/06/2005 02:53:31 C:\WINNT\system32\oislb400.dll |04/06/2005 02:53:32 C:\WINNT\system32\oissq400.dll |04/06/2005 02:53:32 C:\WINNT\system32\oitwa400.dll |04/06/2005 02:53:32 C:\WINNT\system32\oiui400.dll |04/06/2005 02:53:31 C:\WINNT\system32\OUT_WAVE.DLL |09/12/2005 16:47:26 C:\WINNT\system32\PCDLIB32.DLL |24/07/2002 19:27:20 C:\WINNT\system32\pdbrowse.dll |26/09/2005 22:13:01 C:\WINNT\system32\pncrt.dll |07/08/2005 15:49:45 C:\WINNT\system32\pndx5016.dll |07/08/2005 15:49:46 C:\WINNT\system32\pndx5032.dll |07/08/2005 15:49:46 C:\WINNT\system32\Prop713x.dll |14/07/2005 11:43:06 C:\WINNT\system32\PSIKey.dll |06/06/2006 23:52:11 C:\WINNT\system32\psisdecd.dll |04/02/2006 17:36:28 C:\WINNT\system32\px.dll |05/06/2005 14:29:59 C:\WINNT\system32\pxdrv.dll |05/06/2005 14:30:00 C:\WINNT\system32\pxmas.dll |05/06/2005 14:29:59 C:\WINNT\system32\pxsfs.dll |07/07/2005 18:01:39 C:\WINNT\system32\pxwave.dll |05/06/2005 14:29:59 C:\WINNT\system32\pxwma.dll |05/06/2005 14:30:00 C:\WINNT\system32\qcut.dll |16/12/1999 01:00:00 C:\WINNT\system32\qedwipes.dll |04/02/2006 17:36:27 C:\WINNT\system32\qt-dx331.dll |18/04/2006 23:30:56 C:\WINNT\system32\qt-mt331.dll |06/06/2006 23:52:10 C:\WINNT\system32\RioMSCPS.dll |26/08/2004 18:44:48 C:\WINNT\system32\RIOWMSP.DLL |07/07/2005 20:07:18 C:\WINNT\system32\rmoc3260.dll |07/08/2005 15:49:46 C:\WINNT\system32\RtlCPAPI.dll |19/09/2005 16:48:45 C:\WINNT\system32\Scale_en.dll |04/06/2005 03:19:39 C:\WINNT\system32\SierraNW.dll |16/02/2006 01:19:19 C:\WINNT\system32\SNWValid.dll |16/02/2006 01:19:19 C:\WINNT\system32\SPC700EMU.DLL |09/12/2005 16:47:26 C:\WINNT\system32\spxcoins.dll |04/06/2005 02:47:24 C:\WINNT\system32\ssldivx.dll |18/04/2006 23:31:12 C:\WINNT\system32\ssleay32.dll |28/04/2005 05:22:34 C:\WINNT\system32\SSubTmr6.dll |07/06/2006 17:54:03 C:\WINNT\system32\tifflt.dll |04/06/2005 02:53:32 C:\WINNT\system32\TomsMoComp_ff.dll |09/09/2005 10:54:01 C:\WINNT\system32\TrackerNET.dll |16/02/2006 02:16:54 C:\WINNT\system32\tsbyuv.dll |27/12/2006 05:54:54 C:\WINNT\system32\tsd32.dll |16/12/1999 01:00:00 C:\WINNT\system32\TwnLib4.dll |09/07/2004 08:43:56 C:\WINNT\system32\unacev2.dll |08/04/2006 19:10:45 C:\WINNT\system32\unrar.dll |06/06/2006 00:53:44 C:\WINNT\system32\unrar3.dll |08/04/2006 19:10:45 C:\WINNT\system32\VBMP3.dll |02/07/2005 16:21:06 C:\WINNT\system32\vbwFunctionsVB6.dll |19/10/2003 14:51:16 C:\WINNT\system32\vbXML.dll |15/05/2004 20:28:26 C:\WINNT\system32\vbXMLRPC.dll |15/05/2004 20:29:00 C:\WINNT\system32\vct3216.dll |26/09/2005 22:13:06 C:\WINNT\system32\vxblock.dll |05/06/2005 14:30:00 C:\WINNT\system32\W32N50.dll |26/09/2005 21:22:32 C:\WINNT\system32\wbhelp2.dll |16/02/2006 18:33:44 C:\WINNT\system32\wbsys.dll |07/06/2006 23:19:35 C:\WINNT\system32\win87em.dll |16/12/1999 01:00:00 C:\WINNT\system32\wmpcd.dll |26/09/2005 22:13:01 C:\WINNT\system32\wmpcore.dll |17/09/2003 17:13:54 C:\WINNT\system32\wmplenc.dll |26/09/2005 22:13:00 C:\WINNT\system32\wmpui.dll |26/09/2005 22:13:01 C:\WINNT\system32\WNASPI32.DLL |06/06/2006 23:51:58 C:\WINNT\system32\WooDial2000.dll |04/06/2005 02:05:08 C:\WINNT\system32\x264vfw.dll |17/09/2005 03:16:26 C:\WINNT\system32\xcomm.dll |02/10/2003 11:15:34 C:\WINNT\system32\xcommsvr.dll |01/10/2001 14:08:08 C:\WINNT\system32\xgate.dll |29/08/2001 06:37:12 C:\WINNT\system32\xiffr3_0.dll |04/06/2005 02:53:32 C:\WINNT\system32\xvid.dll |16/02/2003 21:55:13 C:\WINNT\system32\xvidcore.dll |06/06/2006 00:53:40 C:\WINNT\system32\xvidvfw.dll |06/06/2006 00:53:39 C:\WINNT\system32\zlibwapi.dll |06/06/2006 22:41:46 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\WINNT\system 17/07/2002 15:22 4 672 WOWPOST.EXE 1 fichier(s) 4 672 octets 0 Rép(s) 4 258 291 712 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\WINNT\system32 19/06/2003 20:05 5 392 CSRSS.EXE 1 fichier(s) 5 392 octets 0 Rép(s) 4 258 291 712 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\WINNT\Downloaded Program Files 17/03/2007 16:51 <DIR> . 17/03/2007 16:51 <DIR> .. 06/12/2005 17:38 65 desktop.ini 14/10/1997 17:52 697 DirectAnimation Java Classes.osd 02/03/2006 14:40 1 271 erma.inf 28/12/2004 16:14 652 736 fscax.dll 25/08/2003 17:12 1 096 iuctl.inf 20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd 18/11/1999 12:49 992 msaudio.inf 15/10/2004 06:59 110 592 PURfr-xx.dll 21/08/2006 21:46 148 startbf2.inf 09/11/2006 14:36 5 019 swflash.inf 02/03/2001 12:43 2 132 wmv8ax.inf 01/05/2000 18:06 1 988 wmvax.inf 12 fichier(s) 777 898 octets Total des fichiers listés : 12 fichier(s) 777 898 octets 2 Rép(s) 4 258 291 712 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\Program Files 19/03/2007 01:01 <DIR> . 19/03/2007 01:01 <DIR> .. 21/09/2005 20:45 <DIR> 7-Zip 14/03/2006 16:46 <DIR> ABC 18/07/2005 04:34 <DIR> AC3Filter 12/10/2005 19:20 <DIR> ACD Systems 26/09/2005 22:13 <DIR> Adaptec 26/10/2005 05:19 <DIR> Adobe 29/12/2006 21:00 <DIR> ADS Tech 27/06/2006 11:30 <DIR> ADSL Autoconnect 07/08/2005 15:00 <DIR> afreeCodecVT 28/04/2006 19:44 <DIR> Ahead 22/12/2006 06:59 <DIR> Alcohol Soft 11/06/2006 12:36 <DIR> AviSynth 2.5 30/11/2005 21:16 <DIR> Azureus 01/12/2005 02:07 <DIR> CCleaner 07/05/2006 12:22 <DIR> CDBurnerXP Pro 3 05/06/2005 14:20 <DIR> C-Media 14/05/2006 22:09 <DIR> Codemasters 27/06/2005 13:17 <DIR> Common Files 04/06/2005 01:54 <DIR> ComPlus Applications 03/06/2006 19:24 <DIR> DAP 12/12/2005 17:35 <DIR> directx 14/07/2005 05:45 <DIR> Divers X 27/04/2006 19:22 <DIR> DivX 27/04/2006 21:08 <DIR> DivXCodec 25/01/2006 18:15 <DIR> Eltima Software 14/03/2007 04:53 <DIR> eMule 18/03/2007 02:39 <DIR> Fichiers communs 07/02/2006 06:54 <DIR> GetRight 01/02/2006 17:19 <DIR> GlobalSCAPE 07/06/2006 17:56 <DIR> Glyph 07/07/2005 14:53 <DIR> GoldWave 25/11/2006 03:13 <DIR> Google 18/03/2007 19:37 <DIR> Grisoft 19/03/2007 03:31 <DIR> HiJackThis 26/10/2005 03:32 <DIR> IDM Computer Solutions 16/01/2006 07:00 <DIR> IGN 02/07/2005 16:22 <DIR> Illustrate 15/12/2005 06:24 <DIR> InterMute 04/02/2006 17:35 <DIR> Internet Explorer 09/07/2005 00:15 <DIR> Jasc Software Inc 01/02/2007 16:49 <DIR> Kazaa 22/12/2005 01:12 <DIR> Kazaa Lite Resurrection 06/06/2006 00:53 <DIR> K-Lite Codec Pack 03/06/2006 00:38 <DIR> KXploit Tool 12/04/2006 23:04 <DIR> LastChaos 26/04/2006 19:47 <DIR> Lavalys 04/06/2005 13:25 <DIR> Lavasoft 25/11/2005 18:15 <DIR> Macromedia 06/06/2006 00:41 <DIR> Magicbit 06/06/2006 00:34 <DIR> Matroska Pack 17/09/2005 03:55 <DIR> Media Player Classic 02/11/2005 15:54 <DIR> Messenger 17/03/2007 16:45 <DIR> MessengerDiscovery 30/09/2006 13:32 <DIR> MessengerPlus! 3 04/06/2005 01:56 <DIR> microsoft frontpage 09/12/2005 00:58 <DIR> Microsoft Picture It! 7 15/11/2005 06:28 <DIR> mIRC 31/01/2007 06:36 <DIR> Mozilla Firefox 01/09/2006 20:52 <DIR> MSN Messenger 11/07/2005 13:52 <DIR> Musicmatch 01/01/2007 07:15 <DIR> Nero 06/12/2005 17:56 <DIR> NetMeeting 18/03/2007 01:20 <DIR> Outlook Express 16/01/2007 21:45 <DIR> PeDevice 26/10/2005 04:38 <DIR> Photoshop CS 01/07/2005 22:43 <DIR> Plus! 11/06/2006 12:36 <DIR> pspvideo9 21/07/2006 22:36 <DIR> QuickTime 06/06/2006 23:16 <DIR> RaPiZ PSP Software 14/11/2005 07:14 <DIR> Raxco 07/08/2005 15:49 <DIR> Real Alternative 19/09/2005 16:48 <DIR> Realtek AC97 18/03/2007 01:02 <DIR> RegCleaner 07/07/2005 21:19 <DIR> Rio 07/07/2005 18:32 <DIR> RioPort 28/09/2006 10:49 <DIR> Samsung 04/06/2005 11:02 <DIR> Smart Projects 27/06/2005 22:36 <DIR> SpoonProxy 18/03/2007 06:09 <DIR> Spyware Doctor 27/02/2006 06:32 <DIR> Steam 09/12/2005 16:47 <DIR> Super Jukebox 01/02/2006 05:52 <DIR> SWiSHmax 06/10/2006 12:50 <DIR> Teamspeak2_RC2 23/03/2006 05:11 <DIR> TimeAdjuster 08/04/2006 13:29 <DIR> Traction Software 08/04/2006 19:10 <DIR> TUGZip 21/08/2005 01:02 <DIR> UTCacheCleaner3 14/07/2005 21:17 <DIR> Ventrilo 15/02/2007 06:15 <DIR> VideoLAN 18/03/2007 21:33 <DIR> Wanadoo 21/12/2006 04:04 <DIR> Warcraft III 17/05/2006 02:15 <DIR> WC3Banlist 17/05/2006 02:15 <DIR> Webroot 04/06/2005 10:17 <DIR> WinAce 06/03/2007 12:45 <DIR> Winamp 06/12/2005 18:00 <DIR> Windows Media Player 04/06/2005 03:40 <DIR> Windows NT 07/02/2006 13:42 <DIR> WinRAR 07/03/2007 16:45 <DIR> World of Warcraft 16/01/2007 21:40 <DIR> WowCartographe 17/09/2005 03:16 <DIR> x264 27/04/2006 21:08 <DIR> XviD 0 fichier(s) 0 octets 104 Rép(s) 4 258 078 720 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\Program Files\fichiers communs 18/03/2007 02:39 <DIR> . 18/03/2007 02:39 <DIR> .. 12/10/2005 19:20 <DIR> ACD Systems 26/10/2005 05:19 <DIR> Adobe 01/01/2007 07:21 <DIR> Ahead 21/08/2006 13:10 <DIR> Blizzard Entertainment 29/06/2005 20:41 <DIR> InstallShield 25/11/2005 18:12 <DIR> Macromedia 09/12/2005 00:58 <DIR> Microsoft Shared 04/06/2005 02:47 <DIR> ODBC 18/03/2007 02:39 <DIR> PC Tools 06/12/2005 17:33 <DIR> Services 10/06/2005 20:39 <DIR> Softwin 06/12/2005 17:55 <DIR> System 21/06/2005 10:56 <DIR> Vbox 22/12/2006 06:58 <DIR> Wise Installation Wizard 18/03/2007 06:33 <DIR> {E44493FA-0682-1036-0325-030515200021} 0 fichier(s) 0 octets 17 Rép(s) 4 258 136 064 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 04/06/2005 03:39 <DIR> . 04/06/2005 03:39 <DIR> .. 03/11/1999 23:38 561 210 MSONSEXT.DLL 03/06/1999 18:09 122 937 MSOWS409.DLL 13/08/1999 09:09 127 032 MSOWS40c.DLL 3 fichier(s) 811 179 octets 2 Rép(s) 4 258 136 064 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\Program Files\common files 27/06/2005 13:17 <DIR> . 27/06/2005 13:17 <DIR> .. 27/06/2005 22:36 <DIR> ikmz 04/06/2005 13:54 <DIR> System 0 fichier(s) 0 octets 4 Rép(s) 4 258 136 064 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est E444-93FA Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 4 258 136 064 octets libres c:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.372_375_to_5.0.376.exe c:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.372_to_5.0.375.exe c:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.383_384_to_5.0.385.exe c:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.388_390_to_5.0.391.exe c:\Documents and Settings\All Users\Documents\beyoncee.exe c:\Documents and Settings\All Users\Documents\moonshine.exe c:\Documents and Settings\Valkyrie1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\Valkyrie1\Application Data\Microsoft\Installer\{434C733C-27FA-423E-8CDC-F72B55631BA5}\RiotaxiIconA.exe c:\Documents and Settings\Valkyrie1\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe c:\Documents and Settings\Valkyrie1\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe c:\Documents and Settings\Valkyrie1\Application Data\Microsoft\Installer\{A44721BB-80BE-45A0-8679-F71E94400CAC}\IconA44721BB.exe c:\Documents and Settings\Valkyrie1\Application Data\Microsoft\Installer\{A44721BB-80BE-45A0-8679-F71E94400CAC}\IconA44721BB1.exe c:\Documents and Settings\Valkyrie1\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Valkyrie1\Bureau\kav6.0.2.614.fr.21257.exe c:\Documents and Settings\Valkyrie1\Bureau\OTMoveIt.exe c:\Documents and Settings\Valkyrie1\Bureau\converter cps2\romcnv_cps2.exe c:\Documents and Settings\Valkyrie1\Bureau\converter neo\romcnv_mvs.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Valkyrie1\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\ePSXe.exe c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\ePSXeCutor.exe c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\GZIP.EXE c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\SaveStateTool.exe c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\UNWISE.EXE c:\Documents and Settings\Valkyrie1\Bureau\ePSXe\memcards\SaveStateTool.exe c:\Documents and Settings\Valkyrie1\Bureau\Pop\Popstation Improved 0.2.exe c:\Documents and Settings\Valkyrie1\Bureau\Pop\Fichiers\Iso.exe c:\Documents and Settings\Valkyrie1\Bureau\Pop\Fichiers\Popstation\PSX2PSP.exe c:\Documents and Settings\Valkyrie1\Bureau\Pop\Fichiers\Popstation\Files\popstation.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\Valkyrie1\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\Valkyrie1\Mes documents\Backup MSN\MSNBackup.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\BleuMountain Ripper.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\MODPLUG.EXE c:\Documents and Settings\Valkyrie1\Mes documents\Divers\UMODExtractor.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\W3XNameSpooferPro11800.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\Blague\procexp.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\Blague\strun.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\CodecPack30.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\DivXPro505GAINBundle.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\klcodec205f.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\XviD_Install.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\XviD-04102002-1.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\codecdivx\XviD-12032002-1.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\SmitfraudFix\Process.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\SmitfraudFix\Reboot.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\SmitfraudFix\reg.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\Virtual Dub\auxsetup.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\Virtual Dub\vdub.exe c:\Documents and Settings\Valkyrie1\Mes documents\Divers\Virtual Dub\VirtualDub.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\mame32k.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\noclose.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\upx.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Kawaks\Winkawaks.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\mame 32k 0.90\MAME32k 0.90.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Megadrive\gens.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Nouveau dossier\WinKawaks.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Snes\Snes9K.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Snes\zsnesw.exe c:\Documents and Settings\Valkyrie1\Mes documents\Emulateur\Snes 9x\Snes9K.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files10125a_RioSupport_All.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\Azureus_2.3.0.6_Win32.setup_2.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\Cosmos.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\cupidooo.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\eMule0.46b_Installer.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\ftpexpert2.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\gwave426.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\HappyDays.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\INSTALL_MSN_MESSENGER_NT.EXE c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\Install003.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\kazaa_lite_210_kpp_edition_.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\nocd-TFT-1.14b.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\sproxy26.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\TFT_1.20d_No-CD_Setup.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\tigeraqua.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\ventrilo-2.2.0-Windows-i386.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\Macromedia Flash Professional 8 Francais avec serial by The Pirate\Flash8-fr.exe c:\Documents and Settings\Valkyrie1\Mes documents\My Received Files\Macromedia Flash Professional 8 Francais avec serial by The Pirate\Studio 8 Keygen.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll c:\Documents and Settings\Valkyrie1\Local Settings\Application Data\Macromedia\Flash 8\fr\Configuration\External Libraries\FLfile.dll