belllangelo

Bonsoir, Je suis actuellement infecté par un virus. Ce virus se caractérise par l'apparition d'un fichier "autorun.inf" sur les clés insérées sur ma machine. Une lecture de ce fichier sous linux m'indiquer que l'autorun concerne un programme nommé Bo3afash.exe. Mes antivirus locaux (symantec, ad-aware) ne trouvent rien. Après maintes recherches, j'ai trouvé un antivirus capable de supprimer l'autorun: le programme "rav", malheureusement dés que l'autorun est supprimé de la clé, il réapparait immédiatement, faisant boucler rav qui détecte, supprime, puis redétecte le virus et ainsi de suite. Je suis allé sur un forum d'aide et l'on m'a conseillé d'utiliser UsbFix. Après avoir collé le rapport de la première recherche (option 1 de UsbFix), on m'a conseillé d'utiliser l'option 2. Voici le rapport obtenu avec l'option 2. Je vous remercie pour l'aide que vous voudrez bien m'apporter. ############################## | UsbFix V6.047 | User : Belllangelo (Administrateurs) # INFO20 Update on 02/11/2009 by Chiquitine29, C_XX & Chimay8 Start at: 12:44:11 | 04/11/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : [email protected] Intel® Pentium® Dual CPU E2180 @ 2.00GHz Microsoft® Windows Vista™ Entreprise (6.0.6001 32-bit) # Service Pack 1 Internet Explorer 8.0.6001.18828 Windows Firewall Status : Enabled AV : Symantec AntiVirus 10.2.0.276 [ (!) Disabled | Updated ] A:\ -> Lecteur de disquettes 3 ½ pouces C:\ -> Disque fixe local # 43,95 Go (1,49 Go free) # NTFS D:\ -> Disque fixe local # 292,97 Go (250,16 Go free) # NTFS E:\ -> Disque CD-ROM F:\ -> Disque amovible # 7,5 Go (3,68 Go free) [KINGSTON] # FAT32 G:\ -> Disque fixe local # 465,65 Go (406 Go free) [CORSICA] # FAT32 H:\ -> Disque amovible I:\ -> Disque fixe local # 7,43 Go (1,67 Go free) [LaCie] # FAT32 ############################## | Processus actifs | C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\LogonUI.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe C:\Windows\System32\svchost.exe D:\Programme\CDBurnerXP\NMSAccessU.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe D:\Programme\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\runonce.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ################## | Fichiers # Dossiers infectieux | F:\autorun.inf -> fichier appelé : "F:\sys/Bo3afash.exe" ( Présent ! ) Non supprimé ! F:\sys/Bo3afash.exe F:\autorun.inf -> fichier appelé : "F:\sys/Bo3afash.exe" ( Présent ! ) Non supprimé ! F:\sys/Bo3afash.exe Supprimé ! F:\autorun.inf ################## | Registre # Clés Run infectieuses | Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr" Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind" Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions" Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions" Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun" ################## | Registre # Mountpoints2 | Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command Supprimé ! HKCU\...\Explorer\MountPoints2\{0ad85bcf-b312-11de-b75e-001d7d013a23}\Shell\AutoRun\Command Supprimé ! HKCU\...\Explorer\MountPoints2\{b44b2fe9-b95e-11de-b9f6-001d7d013a23}\Shell\AutoRun\Command ################## | Listing des fichiers présent | [13/10/2008 17:52|--a------|712] C:\.emacs [24/10/2008 13:49|--ahs----|768] C:\5lxfd2m0.sys [18/09/2006 22:43|--a------|24] C:\autoexec.bat [19/01/2008 08:45|-rahs----|333203] C:\bootmgr [10/10/2008 18:33|-ra-s----|8192] C:\BOOTSECT.BAK [18/09/2006 22:43|--a------|10] C:\config.sys [?|?|?] C:\hiberfil.sys [29/10/2008 16:20|-rahs----|0] C:\IO.SYS [29/10/2008 16:20|-rahs----|0] C:\MSDOS.SYS [?|?|?] C:\pagefile.sys [13/11/2008 14:12|--a------|173] C:\pdisdk.log [13/11/2008 14:13|--a------|184] C:\pivot.log [04/11/2009 12:47|--a------|4443] C:\UsbFix.txt [04/11/2009 12:35|--a------|5004] C:\UsbFix1.txt [08/10/2009 15:41|--a------|24417305] D:\NF104-Cours1.zip [10/07/2009 10:00|--a------|29264] D:\signature.jpg [02/11/2009 18:15|--a------|889373] D:\sql.zip [08/10/2009 11:48|--ah-----|4096] F:\._.Trashes [08/10/2009 12:00|--ah-----|6148] F:\.DS_Store [08/10/2009 00:38|--a------|12355472] F:\Cours1_BW.pdf [07/10/2009 18:31|--a------|12459536] F:\Cours1.pdf [07/10/2009 16:57|--a------|24576] F:\PROGRAMME_UENF104.doc [08/10/2009 12:00|--ah-----|82] F:\._PROGRAMME_UENF104.doc [21/03/2009 13:20|--a------|11629568] F:\BG110SURRENALES09final.ppt [11/05/2009 12:36|--a------|322048] F:\seq emibio.xls [25/09/2009 17:19|--a------|1400832] G:\WD.fla [25/09/2009 17:48|--a------|3386] G:\WD.swf [07/02/2007 11:51|--a------|672] G:\page13.htm [06/03/2007 11:04|--a------|706833662] G:\test.cif [05/04/2007 16:06|--a------|27648] G:\Programme_detaille_Formation1.doc [20/06/2007 15:58|--a------|1084597] G:\IMG_0001.jpg [30/10/2007 16:44|--ahs----|5120] G:\Thumbs.db [11/10/2007 16:26|--a------|44316252] G:\BF104_COURS_3.zip [10/12/2007 15:32|--a------|466] G:\Brother MFC-7820N USB.lnk [04/04/2008 11:09|--a------|781525] G:\spdbv.zip [30/08/2005 14:07|--a------|98841699] G:\Adobe Acrobat Writer 5 (Full).exe [21/04/2008 15:16|--a------|14264] G:\cricri.jpg [21/11/2008 13:27|--a------|1367979] G:\[These2008]deaneau_final.pdf [24/11/2008 03:26|--a------|400885760] G:\Mafiosa,le.clan.-Episode.1.DvbRip.la-zz.fr.[emule-island.com].avi [25/11/2008 01:10|--a------|409513984] G:\Mafiosa,le.clan.-Episode.2.DvbRip.la-zz.fr.[emule-island.com].avi [25/11/2008 03:59|--a------|418414592] G:\Mafiosa,le.clan.-Episode.3.DvbRip.la-zz.fr.[emule-island.com].avi [25/11/2008 03:27|--a------|419817472] G:\Mafiosa,le.clan.-Episode.4.DvbRip.la-zz.fr.[emule-island.com].avi [03/03/2009 14:06|--a------|29696] G:\Demande de BR.doc [06/04/2009 11:39|--a------|6703982] I:\Setup_FreeConverter.exe [01/04/2008 14:14|--ah-----|4096] I:\._.Trashes [01/08/2009 11:43|--a------|30780] I:\Serial systran.doc [20/07/2009 16:05|--a------|889362] I:\fondrb1.jpg [14/07/2009 13:59|--a------|25600] I:\PIZZA.doc [20/07/2009 15:53|--a------|1062912] I:\couleurs.doc [28/07/2009 17:24|--a------|12349] I:\La pizza … la scarole de Momon CocoB.docx [07/09/2009 17:15|--a------|1605632] I:\porte-RT.fla [15/10/2009 18:39|--ah-----|12292] I:\.DS_Store [12/09/2009 10:05|--a------|151845] I:\porte-RT.swf [17/10/2008 10:01|--a------|2351120] I:\mbam-setup.exe [20/07/2009 16:25|--a------|30720] I:\font.doc [20/07/2009 16:08|--a------|554753] I:\Peinture_melange.pdf [27/10/2009 23:43|--a------|13062630] I:\bigloo3.2b-2.tar.gz [03/11/2009 10:13|--a------|293] I:\copie-virus.txt [03/11/2009 10:16|--a------|12] I:\virus ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix. # D:\autorun.inf -> Dossier créé par UsbFix. # F:\autorun.inf -> Dossier créé par UsbFix. # G:\autorun.inf -> Dossier créé par UsbFix. # I:\autorun.inf -> Dossier créé par UsbFix. ################## | Suspect | http://www.virustotal.com | ################## | Cracks / Keygens / Serials | ################## | Upload | Veuillez envoyer le fichier : C:\Users\Bellla~1\Desktop\UsbFix_Upload_Me_BIOINFO20.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier.php Merci pour votre contribution .

J'ai testé le DD sur plusieurs ordi, y compris des portables et le résultat est malheureusement le même. Bell

Bonjour, Ayant initié le sujet, je me permets de répondre à certaines questions posées à mon malheureux collègue : - Le DD fonctionnait très bien sur mon ordi jusqu'à lundi dernier. Il a toujours était reconnu, je n'ai jamais eu de problème d'accession aux données. J'ai un windows xp d'origine avec le pack3. Merci pour aide.

Je n'ai pas fait le branchement sur une autre machine, mais je peux tenter de faire cela ce soir. Comme l'alim clignote, je pensais que cela pouvait provenir de l'alim, pour le coup si mon disque est mort, je suis vraiment dans une situation très difficile. Dans ce cas ultime, existe t il un moyen de récupérer les données?

Quand je le branche, il n'apparait pas dans le gestionnaire de disques, j'ai juste la LED du DD qui clignote ainsi que celle de l'alim (qui est fixe avant le branchement).

Bonjour, J'ai un DD externe Lacie qui n'est plus reconnu par windows. Mon ordi tourne avec un windows XP pack3. Voici la doc de mon DD: http://www.lacie.com/download/manual/p3_usb_hd_fr.pdf Particularité: 1/ au lieu d'être fixe, la LED orange du DD clignote. 2/ La LED verte de l'alimentation (ref jta0202y) clignote également (elle devrait être fixe). Si je débranche l'alim du DD, la LED du DD s'éteint (elle ne clignote donc plus): le DD n'étant plus alimenté et la LED de l’alim redevient fixe. J'ai vraiment besoin d'aide, car j'ai beaucoup de documents importants, pour mon travail, sur ce DD. Merci beaucoup pour vos conseils.

Bonsoir, Voici le rapport demandé. A noter que le logiciel ne m'a pas demandé de redémarrer l'ordinateur et m'a fournit directement le fichier de résultats. Pour les cracks je suis le premier furieux, j'ai acheté cette bécane sur Ebay et le vendeur me l'a vendu rempli de programmes, j'ai déjà viré la plupart mais je n'arrive pas à en désinstaller certains! Merci encore pour ton aide. Le rapport: ........................... C:\WINDOWS\System32/drivers\tmcomm.sys -->24/03/2007 10:37:55 C:\WINDOWS\System32/drivers\CO_Mon.sys -->21/03/2007 22:54:12 C:\WINDOWS\System32/drivers\avg7rsxp.sys -->26/02/2007 10:17:27 C:\WINDOWS\System32/drivers\avg7core.sys -->26/02/2007 10:17:26 C:\WINDOWS\System32/drivers\avgtdi.sys -->16/02/2007 22:42:08 C:\WINDOWS\System32/drivers\avg7rsw.sys -->16/02/2007 22:42:05 C:\WINDOWS\System32/drivers\AvgAsCln.sys -->05/09/2006 18:03:16 C:\WINDOWS\System32\perfh00C.dat -->26/03/2007 19:17:03 C:\WINDOWS\System32\perfh009.dat -->26/03/2007 19:17:03 C:\WINDOWS\System32\perfc00C.dat -->26/03/2007 19:17:03 C:\WINDOWS\System32\perfc009.dat -->26/03/2007 19:17:02 C:\WINDOWS\System32\PerfStringBackup.INI -->26/03/2007 19:16:56 C:\WINDOWS\System32\rsapierr.txt -->25/03/2007 10:34:12 C:\WINDOWS\System32\wpa.dbl -->24/03/2007 12:06:21 C:\WINDOWS\System32\asfiles.txt -->21/03/2007 00:44:06 C:\WINDOWS\System32\Uninstall.ico -->21/03/2007 00:40:13 C:\WINDOWS\System32\pavas.ico -->21/03/2007 00:40:13 C:\WINDOWS\System32\Help.ico -->21/03/2007 00:40:13 C:\WINDOWS\System32\d3d9caps.dat -->21/03/2007 00:20:08 C:\WINDOWS\System32\msapp.exe -->12/03/2007 19:31:50 C:\WINDOWS\System32\mmsapp.exe -->12/03/2007 19:31:50 C:\WINDOWS\System32\BASSMOD.dll -->03/03/2007 13:07:38 C:\WINDOWS\System32\FNTCACHE.DAT -->15/11/2006 00:08:39 C:\WINDOWS\System32\asuninst.exe -->02/08/2006 12:39:06 C:\WINDOWS\System32\CmdLineExt.dll -->29/06/2006 22:16:05 C:\WINDOWS\System32\LegitCheckControl.DLL -->17/05/2006 11:23:38 C:\WINDOWS\System32\xposer.cfg -->03/04/2006 11:59:54 C:\WINDOWS\System32\asinst.cfg -->03/04/2006 11:59:16 C:\WINDOWS\System32\jupdate-1.5.0_06-b05.log -->25/03/2006 23:53:29 C:\WINDOWS\System32\fscflist.ini -->17/01/2006 16:58:37 C:\WINDOWS\System32\fscflist.ini.tmp -->17/01/2006 11:14:22 C:\WINDOWS\System32\fscagent.ini -->17/01/2006 10:05:44 C:\WINDOWS.log -->26/03/2007 19:15:21 C:\WINDOWS\ModemLog_Creatix V.9X DSP Data Fax Modem.txt -->26/03/2007 19:14:54 C:\WINDOWS\WindowsUpdate.log -->26/03/2007 19:14:39 C:\WINDOWS\wiadebug.log -->26/03/2007 19:14:30 C:\WINDOWS\wiaservc.log -->26/03/2007 19:14:24 C:\WINDOWS\bootstat.dat -->26/03/2007 19:13:56 C:\WINDOWS\SchedLgU.Txt -->26/03/2007 19:13:04 C:\WINDOWS\setupact.log -->24/03/2007 16:50:41 C:\WINDOWS\ntbtlog.txt -->24/03/2007 16:40:31 C:\WINDOWS\setupapi.log -->23/03/2007 23:51:08 C:\WINDOWS\xpsp1hfm.log -->23/03/2007 07:37:59 C:\WINDOWS\KB824146.log -->23/03/2007 07:37:59 C:\WINDOWS\WINNT32.LOG -->21/03/2007 22:42:28 C:\WINDOWS\win.ini -->21/03/2007 00:43:59 C:\WINDOWS\system.ini -->20/03/2007 00:05:47 C:\WINDOWS\ALCFDRTM.EXE |11/09/2003 17:26:23 C:\WINDOWS\bdoscandel.exe |04/03/2005 14:10:36 C:\WINDOWS\CDILLA10.EXE |12/11/2006 17:26:08 C:\WINDOWS\CDILLA16.EXE |12/11/2006 17:26:08 C:\WINDOWS\CDILLA64.EXE |12/11/2006 17:26:08 C:\WINDOWS\CMIRMDRV.EXE |12/12/2003 14:30:03 C:\WINDOWS\CmiRmRedundDir.exe |12/12/2003 14:30:02 C:\WINDOWS\CMIUninstall.exe |12/12/2003 14:30:02 C:\WINDOWS\eraser.exe |30/09/2004 23:19:55 C:\WINDOWS\InstIt.exe |23/10/2003 17:54:20 C:\WINDOWS\IsUn040c.exe |11/09/2003 15:37:25 C:\WINDOWS\IsUninst.exe |19/07/2004 21:12:14 C:\WINDOWS\mHotkey(2).exe |23/10/2003 17:54:20 C:\WINDOWS\mHotkey.exe |23/10/2003 17:54:20 C:\WINDOWS\PATCH.EXE |18/03/2007 16:17:41 C:\WINDOWS\RmvDir.exe |09/10/2003 13:42:13 C:\WINDOWS\runtsckl.exe |02/11/2005 19:07:12 C:\WINDOWS\SiSUSBrg.exe |12/12/2003 14:26:41 C:\WINDOWS\tsc.exe |18/03/2007 16:19:16 C:\WINDOWS\twunk_16.exe |11/09/2003 15:19:41 C:\WINDOWS\twunk_32.exe |11/09/2003 15:19:41 C:\WINDOWS\unin040c.exe |03/04/2005 14:24:34 C:\WINDOWS\uninst.exe |04/07/2004 17:37:31 C:\WINDOWS\UninstallFirefox.exe |29/11/2004 20:41:56 C:\WINDOWS\UNNeroVision.exe |12/04/2006 20:58:25 C:\WINDOWS\UNNMP.exe |12/04/2006 21:04:40 C:\WINDOWS\unvise32.exe |04/07/2004 19:22:16 C:\WINDOWS\zipinst.exe |09/12/2006 12:25:44 C:\WINDOWS\AUDIO3D.DLL |12/12/2003 14:30:03 C:\WINDOWS\AuHCcup1.dll |23/07/1999 11:53:20 C:\WINDOWS\BPMNT.dll |18/03/2007 16:19:16 C:\WINDOWS\CDILLA05.DLL |12/11/2006 17:26:08 C:\WINDOWS\CDILLA13.DLL |12/11/2006 17:26:08 C:\WINDOWS\CDILLA32.DLL |12/11/2006 17:26:08 C:\WINDOWS\CDILLA40.DLL |12/11/2006 17:26:08 C:\WINDOWS\CMIDS3D.DLL |12/12/2003 14:30:03 C:\WINDOWS\CMIRmDriver.dll |12/12/2003 14:30:02 C:\WINDOWS\CMIRMDRV.DLL |12/12/2003 14:30:03 C:\WINDOWS\cmuda.dll |12/12/2003 14:30:03 C:\WINDOWS\hcextoutput.dll |18/03/2007 16:19:16 C:\WINDOWS\HKNTDLL(2).dll |23/10/2003 17:54:20 C:\WINDOWS\HKNTDLL(3).dll |23/10/2003 17:54:20 C:\WINDOWS\HKNTDLL.dll |23/10/2003 17:54:20 C:\WINDOWS\loadhttp.dll |15/10/2002 15:29:40 C:\WINDOWS\patchw32.dll |14/12/2001 14:34:46 C:\WINDOWS\SIS_LIB.DLL |12/12/2003 14:26:41 C:\WINDOWS\TMUPDATE.DLL |18/03/2007 16:17:42 C:\WINDOWS\twain.dll |11/09/2003 15:19:41 C:\WINDOWS\twain_32.dll |11/09/2003 15:19:41 C:\WINDOWS\UDAPROP.DLL |12/12/2003 14:30:03 C:\WINDOWS\UNZIP.DLL |18/03/2007 16:17:41 C:\WINDOWS\vsapi32.dll |18/03/2007 16:19:16 C:\WINDOWS\system32\append.exe |11/09/2003 15:18:52 C:\WINDOWS\system32\asuninst.exe |21/03/2007 00:40:44 C:\WINDOWS\system32\ati2evxx.exe |12/12/2003 14:22:31 C:\WINDOWS\system32\Ati2mdxx.exe |12/12/2003 14:22:31 C:\WINDOWS\system32\clubbox.exe |11/01/2006 15:58:36 C:\WINDOWS\system32\ClubboxUninstall.exe |10/12/2005 00:07:56 C:\WINDOWS\system32\cmirmdrv.exe |12/12/2003 14:30:02 C:\WINDOWS\system32\debug.exe |11/09/2003 15:18:55 C:\WINDOWS\system32\DivXsm.exe |10/08/2005 00:13:59 C:\WINDOWS\system32\dosx.exe |11/09/2003 15:18:57 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34 C:\WINDOWS\system32\edlin.exe |11/09/2003 15:19:07 C:\WINDOWS\system32\exe2bin.exe |11/09/2003 15:19:07 C:\WINDOWS\system32\fastopen.exe |11/09/2003 15:19:08 C:\WINDOWS\system32\fscagent.exe |16/01/2006 19:43:52 C:\WINDOWS\system32\HPZinw12.exe |27/09/2004 19:57:05 C:\WINDOWS\system32\HPZipm12.exe |27/09/2004 19:57:05 C:\WINDOWS\system32\mem.exe |11/09/2003 15:19:18 C:\WINDOWS\system32\mscdexnt.exe |11/09/2003 15:19:21 C:\WINDOWS\system32\NeroCheck.exe |23/10/2003 17:52:01 C:\WINDOWS\system32\nlsfunc.exe |11/09/2003 15:19:27 C:\WINDOWS\system32\pxcpya64.exe |16/03/2006 23:36:06 C:\WINDOWS\system32\pxhpinst.exe |11/09/2003 17:21:20 C:\WINDOWS\system32\pxinsa64.exe |16/03/2006 23:36:06 C:\WINDOWS\system32\redir.exe |11/09/2003 15:19:34 C:\WINDOWS\system32\setver.exe |11/09/2003 15:19:36 C:\WINDOWS\system32\share.exe |11/09/2003 15:19:36 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\a3d.dll |12/12/2003 14:30:02 C:\WINDOWS\system32\amshellext.dll |06/11/2005 17:35:07 C:\WINDOWS\system32\amstream.dll |26/01/2006 23:49:21 C:\WINDOWS\system32\ati2dvag.dll |12/12/2003 14:22:31 C:\WINDOWS\system32\ati2evxx.dll |12/12/2003 14:22:31 C:\WINDOWS\system32\ati3d1ag.dll |12/12/2003 14:22:32 C:\WINDOWS\system32\ati3d2ag.dll |12/12/2003 14:22:33 C:\WINDOWS\system32\ati3duag.dll |12/12/2003 14:22:33 C:\WINDOWS\system32\ATIDDC.DLL |12/12/2003 14:22:34 C:\WINDOWS\system32\atiiiexx.dll |12/12/2003 14:22:34 C:\WINDOWS\system32\atioglxx.dll |12/12/2003 14:22:36 C:\WINDOWS\system32\atipdlxx.dll |12/12/2003 14:22:36 C:\WINDOWS\system32\atitvo32.dll |12/12/2003 14:22:36 C:\WINDOWS\system32\ativcoxx.dll |12/12/2003 14:22:36 C:\WINDOWS\system32\atmfd(2).dll |11/09/2003 15:18:52 C:\WINDOWS\system32\atmfd(3).dll |11/09/2003 15:18:52 C:\WINDOWS\system32\atmfd.dll |11/09/2003 15:18:52 C:\WINDOWS\system32\atmlib.dll |11/09/2003 15:18:52 C:\WINDOWS\system32\Audio3D.dll |12/12/2003 14:30:02 C:\WINDOWS\system32\b4alitns.dll |11/09/2003 15:19:15 C:\WINDOWS\system32\BASSMOD.dll |03/03/2007 13:05:19 C:\WINDOWS\system32\CmdLineExt.dll |29/06/2006 22:16:05 C:\WINDOWS\system32\cmirmdrv.dll |12/12/2003 14:30:02 C:\WINDOWS\system32\cmuda.dll |12/12/2003 14:30:03 C:\WINDOWS\system32\compatUI.dll |11/09/2003 15:18:54 C:\WINDOWS\system32\D2HTLS32.DLL |26/09/2004 21:07:05 C:\WINDOWS\system32\dgrpsetu.dll |11/09/2003 16:26:03 C:\WINDOWS\system32\dgsetup.dll |11/09/2003 16:26:03 C:\WINDOWS\system32\DivX.dll |28/09/2005 23:29:12 C:\WINDOWS\system32\divx_xx07.dll |28/09/2005 23:29:10 C:\WINDOWS\system32\divx_xx0c.dll |28/09/2005 23:29:10 C:\WINDOWS\system32\divx_xx11.dll |28/09/2005 23:29:10 C:\WINDOWS\system32\downengine.dll |14/12/2005 11:17:08 C:\WINDOWS\system32\dpl100.dll |27/10/2005 21:37:44 C:\WINDOWS\system32\dpu10.dll |27/10/2005 21:37:43 C:\WINDOWS\system32\dpu11.dll |27/10/2005 21:37:43 C:\WINDOWS\system32\dpuGUI10.dll |27/10/2005 21:37:47 C:\WINDOWS\system32\dpuGUI11.dll |27/10/2005 21:37:44 C:\WINDOWS\system32\dpus11.dll |27/10/2005 21:37:43 C:\WINDOWS\system32\dpv11.dll |27/10/2005 21:37:43 C:\WINDOWS\system32\dtu100.dll |27/10/2005 21:37:43 C:\WINDOWS\system32\DW90USB.DLL |02/11/2006 15:12:15 C:\WINDOWS\system32\encdec.dll |26/11/2002 16:15:52 C:\WINDOWS\system32\EqnClass.Dll |11/09/2003 16:26:03 C:\WINDOWS\system32\hpgwiamd.dll |09/03/2003 06:31:04 C:\WINDOWS\system32\hpotscl.dll |09/03/2003 06:31:04 C:\WINDOWS\system32\hpovst08.dll |09/03/2003 06:31:04 C:\WINDOWS\system32\HPZc3212.dll |09/03/2003 06:30:42 C:\WINDOWS\system32\hpzcoi07.dll |09/03/2003 06:30:52 C:\WINDOWS\system32\hpzcon07.dll |09/03/2003 06:30:50 C:\WINDOWS\system32\HPZidr12.dll |27/09/2004 19:57:05 C:\WINDOWS\system32\HPZipr12.dll |27/09/2004 19:57:05 C:\WINDOWS\system32\HPZipt12.dll |27/09/2004 19:57:06 C:\WINDOWS\system32\HPZisn12.dll |27/09/2004 19:57:06 C:\WINDOWS\system32\hpzsnt07.dll |09/03/2003 06:30:52 C:\WINDOWS\system32\hticons.dll |11/09/2003 15:30:21 C:\WINDOWS\system32\hypertrm.dll |11/09/2003 15:30:21 C:\WINDOWS\system32\iccvid.dll |11/09/2003 15:19:11 C:\WINDOWS\system32\imagr5.dll |23/10/2003 17:52:01 C:\WINDOWS\system32\imagx5.dll |23/10/2003 17:52:01 C:\WINDOWS\system32\ImagX7.dll |12/04/2006 20:57:26 C:\WINDOWS\system32\ImagXpr5.dll |23/10/2003 17:52:01 C:\WINDOWS\system32\ImagXpr7.dll |12/04/2006 20:57:26 C:\WINDOWS\system32\ImagXR7.dll |12/04/2006 20:57:26 C:\WINDOWS\system32\ImagXRA7.dll |12/04/2006 20:57:26 C:\WINDOWS\system32\Inetwh32.dll |12/12/2003 15:49:24 C:\WINDOWS\system32\ioRdyUI.dll |16/07/2002 12:56:49 C:\WINDOWS\system32\ioReady.dll |16/07/2002 12:56:50 C:\WINDOWS\system32\ir32_32.dll |11/09/2003 15:19:13 C:\WINDOWS\system32\ir41_qc.dll |14/11/2002 12:59:36 C:\WINDOWS\system32\ir41_qcx.dll |14/11/2002 12:59:36 C:\WINDOWS\system32\ir50_32.dll |14/11/2002 12:59:38 C:\WINDOWS\system32\ir50_qc.dll |14/11/2002 12:59:38 C:\WINDOWS\system32\ir50_qcx.dll |14/11/2002 12:59:40 C:\WINDOWS\system32\isrdbg32.dll |11/09/2003 15:31:33 C:\WINDOWS\system32\jgaw400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\jgdw400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\jgmd400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\jgpl400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\jgsd400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\jgsh400.dll |11/09/2003 15:19:14 C:\WINDOWS\system32\lame_enc.dll |22/07/2006 19:09:13 C:\WINDOWS\system32\LEAD51N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\LFAVI80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfawd11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LFAWD80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfbmp11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\lfbmp13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LFBMP80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfcal11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFCAL80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfclp11N.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFCMP11n.DLL |07/06/2002 05:02:00 C:\WINDOWS\system32\lfcmp13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LFCMP80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\LFDIC80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfeps11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFEPS80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lffax11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\lffax13n.dll |10/07/2006 21:51:06 C:\WINDOWS\system32\LFFAX80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lffpx11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\lffpx7.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFFPX80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfgif11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\lfgif13n.dll |10/07/2006 21:50:49 C:\WINDOWS\system32\LFGIF80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfica11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFICA80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfimg11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFIMG80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfkodak.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFLMA80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\LFLMB80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfmac11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFMAC80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfmsp11n.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\LFMSP80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfpcd11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFPCD80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfpct11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LFPCT80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfpcx11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFPCX80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\Lfpng11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\lfpng13n.dll |10/07/2006 21:51:09 C:\WINDOWS\system32\LFPNG80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfpsd11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFPSD80N.DLL |26/09/2004 21:07:06 C:\WINDOWS\system32\lfras11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LFRAS80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\lftga11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFTGA80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\lftif11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\lftif13n.dll |10/07/2006 21:51:06 C:\WINDOWS\system32\LFTIF80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\lfwfx11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LFWFX80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\lfwmf11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\LFWMF80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\lfwpg11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LFWPG80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\libdivx.dll |28/09/2005 20:50:04 C:\WINDOWS\system32\libeay32.dll |10/08/2005 00:13:31 C:\WINDOWS\system32\ltann11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LTANN80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\ltclr13n.dll |10/07/2006 21:51:06 C:\WINDOWS\system32\LTDIS11n.dll |07/06/2002 05:02:00 C:\WINDOWS\system32\ltdis13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\ltdlg11N.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\ltefx11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\ltefx13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LTEFX80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\ltfil11n.DLL |07/06/2002 05:02:00 C:\WINDOWS\system32\ltfil13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LTFIL80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\ltimg11n.dll |07/06/2002 05:02:02 C:\WINDOWS\system32\ltimg13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LTIMG80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\ltkrn11n.dll |07/06/2002 05:02:02 C:\WINDOWS\system32\ltkrn13n.dll |10/07/2006 21:50:47 C:\WINDOWS\system32\LTKRN80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\ltthk11w.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\lttwn11n.dll |26/09/2004 21:01:20 C:\WINDOWS\system32\LTTWN80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\LTWND80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\Ltwvc11n.dll |07/06/2002 05:02:02 C:\WINDOWS\system32\mciqtz32.dll |26/01/2006 23:49:21 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 19:47:06 C:\WINDOWS\system32\msdmo.dll |12/12/2002 00:14:32 C:\WINDOWS\system32\msencode.dll |11/09/2003 15:19:21 C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 21:46:58 C:\WINDOWS\system32\Msvcrt10.dll |06/02/2005 13:38:39 C:\WINDOWS\system32\NCTAudioFile2.dll |22/07/2006 19:09:13 C:\WINDOWS\system32\NPPLG80N.DLL |26/09/2004 21:07:07 C:\WINDOWS\system32\nv4_disp.dll |09/10/2003 12:02:47 C:\WINDOWS\system32\Oemdspif.dll |12/12/2003 14:22:36 C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |07/06/2002 05:02:02 C:\WINDOWS\system32\PCS7.dll |26/09/2004 21:01:21 C:\WINDOWS\system32\PdfPorts.dll |06/02/2005 13:38:34 C:\WINDOWS\system32\Pdfshell.dll |06/02/2005 13:38:16 C:\WINDOWS\system32\picn20.dll |23/10/2003 17:52:03 C:\WINDOWS\system32\pncrt.dll |12/12/2003 15:49:35 C:\WINDOWS\system32\pndx5016.dll |12/12/2003 15:49:35 C:\WINDOWS\system32\pndx5032.dll |12/12/2003 15:49:35 C:\WINDOWS\system32\psisdecd.dll |26/01/2006 23:49:25 C:\WINDOWS\system32\px.dll |11/09/2003 17:21:20 C:\WINDOWS\system32\pxdrv.dll |11/09/2003 17:21:20 C:\WINDOWS\system32\pxmas.dll |11/09/2003 17:21:20 C:\WINDOWS\system32\pxwave.dll |11/09/2003 17:21:20 C:\WINDOWS\system32\qedwipes.dll |26/01/2006 23:49:22 C:\WINDOWS\system32\qt-dx331.dll |10/08/2005 00:12:28 C:\WINDOWS\system32\ReWire.dll |01/09/2004 15:45:46 C:\WINDOWS\system32\rmoc3260.dll |12/12/2003 15:49:36 C:\WINDOWS\system32\roboex32.dll |12/12/2003 15:49:24 C:\WINDOWS\system32\sbe.dll |26/11/2002 16:15:50 C:\WINDOWS\system32\slbcsp.dll |11/09/2003 15:19:37 C:\WINDOWS\system32\slbiop.dll |11/09/2003 15:19:37 C:\WINDOWS\system32\slbrccsp.dll |11/09/2003 15:19:37 C:\WINDOWS\system32\spnike.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\spxcoins.dll |11/09/2003 16:26:03 C:\WINDOWS\system32\ssldivx.dll |28/09/2005 20:50:03 C:\WINDOWS\system32\ssleay32.dll |10/08/2005 00:13:31 C:\WINDOWS\system32\tsd32.dll |11/09/2003 15:19:41 C:\WINDOWS\system32\TwnLib20.dll |12/04/2006 20:57:25 C:\WINDOWS\system32\TwnLib4.dll |12/04/2006 20:57:27 C:\WINDOWS\system32\udaprop.dll |12/12/2003 14:30:03 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\vidx16.dll |11/09/2003 17:16:29 C:\WINDOWS\system32\VNUSB.dll |02/11/2006 15:12:15 C:\WINDOWS\system32\vxblock.dll |11/09/2003 17:21:20 C:\WINDOWS\system32\win87em.dll |11/09/2003 15:19:44 C:\WINDOWS\system32\ZPORT4AS.dll |21/03/2007 00:40:44 Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\WINDOWS\system32 30/08/2002 14:00 4 096 csrss.exe 1 fichier(s) 4 096 octets 0 Rép(s) 16 256 823 296 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\WINDOWS\Downloaded Program Files 24/03/2007 16:47 <REP> . 24/03/2007 16:47 <REP> .. 24/08/2006 09:28 141 424 asinst.dll 22/08/2006 10:06 537 asinst.inf 13/11/2006 20:48 946 296 asquared.ocx 17/05/2006 15:32 231 072 avsniff.dll 17/05/2006 15:29 878 avsniff.inf 17/05/2006 15:32 198 304 avsniffdlgs.dll 17/05/2006 15:26 537 704 AXXPEE.dll 07/12/2004 16:07 32 bdcore.dll 01/03/2005 14:08 118 784 bdupd.dll 17/05/2006 15:29 241 CabSA.inf 14/03/2007 02:00 2 504 catalog.dat 27/03/2002 14:02 168 014 cssweb.dll 24/04/2003 15:11 259 cssweb.inf 11/09/2003 15:32 65 desktop.ini 14/10/1997 18:52 697 DirectAnimation Java Classes.osd 25/07/2002 18:13 24 576 dwusplay.dll 25/07/2002 18:13 196 608 dwusplay.exe 14/03/2007 02:00 6 899 ecbootil.vxd 17/05/2006 15:26 42 112 ecmldr32.dll 14/03/2007 02:00 272 040 ecmsvr32.dll 25/06/2006 12:50 1 793 erma.inf 01/03/2005 14:08 53 248 ipsupd.dll 16/02/2005 17:15 401 408 isusweb.dll 25/08/2003 18:12 1 096 iuctl.inf 08/08/2006 12:45 576 kavwebscan.inf 16/03/2005 11:34 7 407 lang.ini 13/02/2006 19:03 367 LegitCheckControl.inf 07/12/2004 16:07 32 libfn.dll 14/03/2005 13:38 126 live.ini 20/04/2005 16:21 10 534 mainstrings.txt 30/01/2002 02:00 497 MDM.inf 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 08/10/2004 16:01 372 736 MsnPUpld.dll 17/05/2006 15:28 6 850 navapi.vxd 17/05/2006 15:28 201 896 navapi32.dll 14/03/2007 02:00 124 536 naveng32.dll 14/03/2007 02:00 902 776 navex32a.dll 11/01/2006 16:06 450 NowStarter.inf 22/08/2003 21:10 226 opuc.inf 01/03/2005 11:15 1 246 oscan8.inf 16/03/2005 11:31 475 136 oscan8.ocx 30/06/2005 10:33 244 pestscan.ini 13/09/2005 13:44 479 pestscanx.inf 13/09/2005 13:42 676 864 pestscanx.ocx 31/01/2005 15:11 685 120 ppctl.dll 08/04/2006 10:47 0 ppv5exc.dat 22/09/2004 15:59 110 592 PURen-us.dll 08/04/2006 10:47 <REP> Quarantine 14/12/2003 16:52 4 586 764 QuickTimeInstallCache.qdat 05/03/2003 18:23 524 404 RdxIE.dll 17/05/2006 15:32 161 480 rufsi.dll 14/03/2005 13:58 7 073 scanoptions.tsi 14/03/2007 02:00 97 744 scrauth.dat 22/06/2006 11:41 5 032 swflash.inf 14/03/2007 02:00 11 875 symaveng.cat 14/03/2007 02:00 1 061 symaveng.inf 14/03/2007 02:00 189 234 tcdefs.dat 14/03/2007 02:00 1 382 713 tcscan7.dat 14/03/2007 02:00 340 045 tcscan8.dat 14/03/2007 02:00 786 063 tcscan9.dat 14/03/2007 02:00 453 tinf.dat 14/03/2007 02:00 148 tinfidx.dat 14/03/2007 02:00 1 957 tinfl.dat 14/03/2007 02:00 65 183 tscan1.dat 14/03/2007 02:00 3 113 tscan1hd.dat 14/03/2007 02:00 4 778 v.grd 14/03/2007 02:00 2 261 v.sig 08/04/2006 10:50 0 vete._ll 14/03/2007 02:00 106 244 virscan.inf 14/03/2007 02:00 979 395 virscan1.dat 14/03/2007 02:00 570 306 virscan2.dat 14/03/2007 02:00 147 980 virscan3.dat 14/03/2007 02:00 320 186 virscan4.dat 14/03/2007 02:00 3 559 850 virscan5.dat 14/03/2007 02:00 390 436 virscan6.dat 14/03/2007 02:00 7 399 978 virscan7.dat 14/03/2007 02:00 1 701 653 virscan8.dat 14/03/2007 02:00 4 224 784 virscan9.dat 14/03/2007 02:00 32 virscant.dat 21/03/2007 23:47 2 072 vscanmsx.dat 25/03/2004 10:10 180 282 webscan.dll 11/03/2004 12:41 477 webscan.inf 21/05/2001 19:11 176 WMDL.inf 21/05/2001 15:18 147 456 WMDownload.dll 02/11/2005 19:01 1 777 xscan.inf 02/11/2005 19:07 435 712 xscan53.ocx 12/08/2004 11:48 558 Yahoo! MahJong Solitaire.osd 21/07/2004 16:04 534 Yahoo! Pool 2.osd 14/03/2007 02:00 224 zdone.dat 25/03/2005 17:17 244 ZylomGamesPlayer.inf 89 fichier(s) 35 268 180 octets Répertoire de C:\WINDOWS\Downloaded Program Files\Quarantine 08/04/2006 10:47 <REP> . 08/04/2006 10:47 <REP> .. 08/04/2006 10:47 32 ppqdb.dat 08/04/2006 10:47 32 ppqsdb.dat 2 fichier(s) 64 octets Total des fichiers listés : 91 fichier(s) 35 268 244 octets 5 Rép(s) 16 256 819 200 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes Able2Extract v4.0 AC3Filter (remove only) Active Disk Ad-Aware SE Personal Adobe Acrobat 4.0 Adobe Acrobat 5.0 Adobe Audition 1.0 Adobe Bridge 1.0 Adobe Common File Installer Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Flash Player 9 ActiveX Adobe Help Center 1.0 Adobe ImageStyler 1.0 Adobe Photoshop 7.0.1 Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Reader 7.0.8 - Français Adobe Shockwave Player Adobe Stock Photos 1.0 Adobe® Photoshop® Album Edition Découverte 3.0 Alice ADSL - Installation principale Archiveur WinRAR ATI - Utilitaire de désinstallation du logiciel ATI Control Panel ATI Display Driver AutoUpdate AVG Anti-Spyware 7.5 Azureus Bigloo 2.6e for Win32 (build 2) C-Dilla Licence Management System C-Media 3D Audio CA eTrust Antivirus CA Licensing CCleaner (remove only) Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ Command On Demand for Command Software Correctif pour le Lecteur Windows Media [Voir wm828026 pour plus d'informations] Correctif Windows XP - KB820291 Correctif Windows XP - KB821253 Correctif Windows XP - KB821557 Correctif Windows XP - KB822603 Correctif Windows XP - KB823182 Correctif Windows XP - KB823559 Correctif Windows XP - KB823980 Correctif Windows XP - KB824105 Correctif Windows XP - KB824141 Correctif Windows XP - KB824146 Correctif Windows XP - KB825119 Correctif Windows XP - KB826942 Correctif Windows XP - KB828035 Correctif Windows XP - KB828741 Correctif Windows XP - KB833987 Correctif Windows XP - KB835732 Correctif Windows XP - KB837001 Correctif Windows XP - KB839645 Correctif Windows XP - KB840315 Correctif Windows XP - KB840374 Correctif Windows XP - KB841873 Correctif Windows XP - KB842773 Correctif Windows XP - KB883357 Correctif Windows XP (SP2) Q322011 Correctif Windows XP (SP2) Q327979 Correctif Windows XP (SP2) Q328310 Correctif Windows XP (SP2) Q329170 Correctif Windows XP (SP2) Q329441 Correctif Windows XP (SP2) Q331695 Correctif Windows XP (SP2) Q331953 Correctif Windows XP (SP2) Q810565 Correctif Windows XP (SP2) Q810577 Correctif Windows XP (SP2) Q810833 Correctif Windows XP (SP2) Q811493 Correctif Windows XP (SP2) Q814033 Correctif Windows XP (SP2) Q814995 Correctif Windows XP (SP2) Q815021 Correctif Windows XP (SP2) Q817606 DawnOfWar DawnOfWar Disque de souvenirs HP DivX DivX Player Drivers Comtrend CT-600 DVD Decrypter (Remove Only) eMule eTrust Antivirus Registration Exact Audio Copy 0.95b4 Exomatiks 1.6.1 Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP FileZilla (remove only) Free Mp3 Wma Converter V 1.5.1 Freedom Force Vs The 3rd Reich FTP Expert 2 HijackThis 1.99.1 hp psc 1200 series Internet Explorer Q867801 J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 5 J2SE Runtime Environment 5.0 Update 6 Jasc Paint Shop Pro 8 Judge Dredd - Dredd vs Death Kaspersky Online Scanner Lecteur Windows Media 10 LeechFTP Les Sims Deluxe LightScribe 1.4.124.1 Macromedia Dreamweaver 8 Macromedia Dreamweaver MX Macromedia Extension Manager Macromedia Extension Manager Macromedia Flash 8 Macromedia Flash 8 Video Encoder Macromedia Flash MX 2004 Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Medal of Honor Allied Assault Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft Data Access Components KB870669 Microsoft Office 2000 Professional Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) Microsoft Works 7.0 Miniature Painting (remove only) Mozilla Firefox (1.0) MP3 Converter 3.05 Multimedia Keyboard Driver Ver1.0 (KB-0108) MySQL Server 4.1 Nero Suite Olympus Digital Wave Player OmniPage Pro 12.0 OpenOffice.org 2.0 Outlook Express Q823353 Package du correctif Windows XP [voir Q329048 pour plus de détails] Package du correctif Windows XP [voir Q329115 pour plus de détails] Package du correctif Windows XP [voir Q329390 pour plus de détails] Package du correctif Windows XP [voir Q329834 pour plus de détails] Paint Shop Pro 7 Panda ActiveScan PCStitch 7 Photo et imagerie HP 2.0 - All-in-One Photo et imagerie HP 2.0 - All-in-One Pilote Photo et imagerie HP 2.0 - hp psc 1200 series pocket PhoneTools PowerDVD QuickTime QuickTime RealOne Player Save Flash 3.0 ScanSoft OmniPage 15.0 ScanSoft RealSpeak Shockwave SimCity 2000® Collection CD SiS 900 PCI Fast Ethernet Adapter Driver Sony ACID Pro 5.0 Sothink SWF Decompiler Spelling Dictionaries For Adobe Reader Package Spybot - Search & Destroy 1.4 StarStrider 2.5 StartupRun Stitch 2000 Super Point de Croix Time Adjuster v2.9 (STANDARD) Tumblebugs Deluxe Uniblue Registry Booster Uniblue SpeedUpMyPC Utilitaire de sauvegarde Windows VD Codec Pack 1.8 Viewpoint Media Player Visionneuse Journal Windows Microsoft WebFldrs XP Winamp (remove only) Windows Installer 3.0 (KB884016) Windows Media Format Runtime Windows XP Hotfix (SP2) [see KB810243 for more information] WinZip XEmacs Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\Program Files 24/03/2007 16:47 <REP> . 24/03/2007 16:47 <REP> .. 23/12/2006 01:18 <REP> 4Musics MP3 to WAV Converter 10/12/2005 17:54 <REP> AC3Filter 09/01/2005 19:19 <REP> Accelrys 05/11/2006 15:28 <REP> Adobe 12/04/2006 21:04 <REP> Ahead 17/02/2007 13:15 <REP> Alice_Triway_WiFi 12/12/2003 14:31 <REP> ATI Technologies 24/02/2007 19:21 <REP> Azureus 19/01/2005 11:43 <REP> Bigloo 16/02/2007 00:40 <REP> BitComet 09/10/2003 13:42 <REP> CA 16/12/2006 12:25 <REP> CCleaner 12/12/2003 14:30 <REP> C-Media 3D Audio 14/04/2005 12:50 <REP> Common Files 11/09/2003 15:31 <REP> ComPlus Applications 12/12/2003 14:35 <REP> CyberLink 12/07/2005 23:13 <REP> cygwin 10/06/2006 01:37 <REP> DComSoft 10/12/2005 17:50 <REP> DivX 30/01/2005 18:05 <REP> DVD Decrypter 14/05/2006 16:43 <REP> EA GAMES 17/03/2007 20:52 <REP> eMule 08/11/2006 21:22 <REP> Exact Audio Copy 23/10/2003 19:06 <REP> Excid.com Aps 10/06/2006 11:32 <REP> Exomatiks 1.6 23/07/2006 10:51 <REP> FFVTTR 24/10/2006 23:34 <REP> Fichiers communs 01/06/2005 23:43 <REP> FileZilla 02/07/2006 20:41 <REP> Fluid 16/12/2006 12:25 <REP> Free Audio Pack 28/08/2004 20:01 <REP> GameSpy Arcade 19/03/2007 23:52 <REP> Google 24/03/2007 16:26 <REP> Grisoft 17/01/2005 21:30 <REP> Grisoft(2) 26/09/2004 17:37 <REP> Hewlett-Packard 08/12/2003 17:24 <REP> HighMAT CD Writing Wizard 26/09/2004 21:05 <REP> ILSOFT 17/01/2005 21:06 812 INSTALL.LOG 22/03/2007 00:56 <REP> Internet Explorer 01/11/2006 23:40 <REP> Investintech.com Inc 21/07/2004 20:04 <REP> Iomega 23/07/2006 12:17 <REP> Irrational Games 04/05/2006 20:25 <REP> Jasc Software Inc 25/03/2006 23:52 <REP> Java 14/07/2005 17:42 <REP> justDo Software 05/02/2005 12:47 <REP> Kaspersky Lab 19/03/2007 22:31 <REP> Lavasoft 27/10/2004 00:08 <REP> LeechFTP 17/05/2006 19:43 <REP> Macromedia 15/02/2007 23:19 <REP> Maxis 07/07/2005 08:00 <REP> Messenger 26/09/2004 21:06 <REP> Micro Application 04/07/2004 13:09 <REP> microsoft frontpage 04/07/2004 13:09 <REP> Microsoft Office 14/04/2005 12:50 <REP> Microsoft Référence 16/12/2006 12:47 <REP> Microsoft SQL Server 07/07/2005 08:00 <REP> Microsoft Works 26/03/2006 17:00 <REP> Miniature Painting 07/07/2005 08:00 <REP> Movie Maker 29/11/2004 20:44 <REP> Mozilla Firefox 24/03/2007 16:45 <REP> MP3 Converter 23/07/2006 10:33 <REP> MPDemo 11/09/2003 15:30 <REP> MSN 11/09/2003 15:30 <REP> MSN Gaming Zone 26/02/2007 20:29 <REP> MultiProxy 27/06/2005 18:02 <REP> MySQL 17/01/2005 21:31 <REP> NetMeeting 12/12/2003 15:49 <REP> Nullsoft 17/05/2005 10:34 <REP> Oberon Media 12/12/2003 17:53 <REP> OfficeUpdate11 02/11/2006 15:12 <REP> Olympus 29/10/2006 18:24 <REP> OpenOffice.org 2.0 17/01/2005 21:31 <REP> Outlook Express 12/04/2006 20:31 <REP> PDG 3 11/03/2006 01:42 <REP> QuickTime 17/01/2005 21:12 <REP> Radio Fr Solo 12/12/2003 15:49 <REP> Real 28/08/2006 18:31 <REP> Save Flash 07/11/2006 00:10 <REP> ScanSoft 11/09/2003 15:31 <REP> Services en ligne 12/12/2003 15:48 <REP> SiSLan 16/12/2006 12:37 <REP> Sony 16/12/2006 12:36 <REP> Sony Setup 05/01/2006 23:49 <REP> SourceTec 18/03/2007 01:36 <REP> Spybot - Search & Destroy 27/01/2006 00:30 <REP> StarStrider 2 16/12/2006 12:25 <REP> StartupRun 23/07/2006 12:21 <REP> THQ 11/12/2005 02:41 <REP> TimeAdjuster 15/11/2004 21:48 <REP> Tiscali ADSL 23/03/2007 23:32 <REP> Uniblue 12/07/2005 23:12 <REP> var 10/12/2005 17:40 <REP> VDCodecPack1.8 16/07/2005 19:33 <REP> Visicom Media 16/07/2005 22:00 <REP> Vivendi 16/12/2006 13:28 <REP> Vstplugins 17/03/2006 00:37 <REP> Winamp 17/01/2005 21:12 <REP> Winamp3 11/09/2003 17:14 <REP> Windows Journal Viewer 12/12/2005 23:37 <REP> Windows Media Player 17/01/2005 21:31 <REP> Windows NT 15/03/2005 00:14 <REP> WinRAR 21/07/2004 20:09 <REP> WinRar v2.80 vf 08/10/2004 10:07 <REP> WinZip 07/07/2005 08:00 <REP> XEmacs 11/09/2003 15:33 <REP> xerox 10/06/2006 11:37 <REP> Zylom Games 1 fichier(s) 812 octets 108 Rép(s) 16 256 937 984 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\Program Files\fichiers communs 24/10/2006 23:34 <REP> . 24/10/2006 23:34 <REP> .. 16/05/2006 23:19 <REP> Adobe 16/05/2006 23:17 <REP> Adobe Systems Shared 23/10/2003 17:52 <REP> Ahead 12/12/2003 15:49 <REP> aol 04/07/2004 13:11 <REP> Designer 27/01/2006 00:08 <REP> DirectX 26/09/2004 17:24 <REP> Hewlett-Packard 07/11/2006 00:13 <REP> InstallShield 24/12/2004 13:29 <REP> Java 15/01/2005 15:57 <REP> Kaspersky Lab 24/10/2006 23:34 <REP> L&H Shared 29/11/2006 01:16 <REP> LightScribe 17/05/2006 19:41 <REP> Macromedia 29/12/2005 21:45 <REP> Macromedia Shared 08/09/2004 20:38 <REP> Microsoft Shared 11/09/2003 15:31 <REP> MSSoap 06/04/2006 22:53 <REP> Nero 11/09/2003 16:26 <REP> ODBC 12/12/2003 17:42 <REP> Real 07/11/2006 00:13 <REP> ScanSoft Shared 11/09/2003 15:31 <REP> Services 05/01/2006 22:23 <REP> SourceTec 11/09/2003 16:26 <REP> SpeechEngines 23/07/2006 10:43 <REP> SWF Studio 17/01/2005 21:31 <REP> System 11/07/2004 17:09 <REP> Vbox 12/12/2003 17:42 <REP> xing shared 0 fichier(s) 0 octets 29 Rép(s) 16 256 933 888 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 04/07/2004 13:11 <REP> . 04/07/2004 13:11 <REP> .. 18/05/2001 17:57 561 209 MSONSEXT.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 18/03/1999 07:37 593 977 RAGENT.DLL 4 fichier(s) 1 405 156 octets 2 Rép(s) 16 256 933 888 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\Program Files\common files 14/04/2005 12:50 <REP> . 14/04/2005 12:50 <REP> .. 14/04/2005 12:50 <REP> Microsoft Shared 08/09/2004 20:38 <REP> System 0 fichier(s) 0 octets 4 Rép(s) 16 256 933 888 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est B4A3-65C3 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 16 256 933 888 octets libres c:\Documents and Settings\Administrateur.COZZANO.001\.housecall6.6\getMac.exe c:\Documents and Settings\Administrateur.COZZANO.001\.housecall6.6\patch.exe c:\Documents and Settings\Administrateur.COZZANO.001\.housecall6.6\tsc.exe c:\Documents and Settings\Administrateur.COZZANO.001\Local Settings\Temporary Internet Files\Content.IE5\R1K8D1X8\speedupmypc3plb[1].exe c:\Documents and Settings\Administrateur.COZZANO.001\Local Settings\Temporary Internet Files\Content.IE5\R1K8D1X8\thankyou[1].exe c:\Documents and Settings\Administrateur.COZZANO.001\Local Settings\Temporary Internet Files\Content.IE5\R1K8D1X8\thankyou[2].exe c:\Documents and Settings\Administrateur.COZZANO.001\Local Settings\Temporary Internet Files\Content.IE5\ZWG9CKEM\registryboostersite[1].exe c:\Documents and Settings\Administrateur.COZZANO.001\Local Settings\Temporary Internet Files\Content.IE5\ZWG9CKEM\thankyou[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\FU2EWFGL\fi_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\FU2EWFGL\ii_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\FU2EWFGL\iv_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GPUB8LEN\fi_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GPUB8LEN\fi_nt86[3].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GPUB8LEN\ii_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GPUB8LEN\ii_nt86[2].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GPUB8LEN\iv_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OTAZSDEF\fi_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OTAZSDEF\fv_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RTV70F9X\ii_nt86[2].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\RTV70F9X\iv_nt86[1].exe c:\Documents and Settings\utilisateur 1\.housecall6.6\getMac.exe c:\Documents and Settings\utilisateur 1\.housecall6.6\patch.exe c:\Documents and Settings\utilisateur 1\.housecall6.6\tsc.exe c:\Documents and Settings\utilisateur 1\Application Data\Adobe\Acrobat\7.0\Updater\Acrd705SD.exe c:\Documents and Settings\utilisateur 1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_2213260d.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_301cbdb.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_4e45323b.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_56ae732.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_63cb6bfc.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_6b8930a.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_6e5d1ad4.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{0E9053ED-435E-4052-A49F-9CEAD751304A}\_7f967ff5.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{B9F502E2-3599-4819-B646-ABAE7E51DE62}\ARPPRODUCTICON.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{B9F502E2-3599-4819-B646-ABAE7E51DE62}\ffvt3r.exe_2C6B6407B64D460DB7CB613DBC255936.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{B9F502E2-3599-4819-B646-ABAE7E51DE62}\ffvt3r.exe1_884A491C5B7A4170A19FB6607EBD606A.exe c:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Installer\{B9F502E2-3599-4819-B646-ABAE7E51DE62}\Uninstall_Freedom_Fo_B9F502E235994819B646ABAE7E51DE62.exe c:\Documents and Settings\utilisateur 1\Bureau\clean\clean\pskill.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\utilisateur 1\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\Administrateur.COZZANO.001\Application Data\Macromedia\Dreamweaver 8\Configuration\Flash Player\FlashPlayerW.dll c:\Documents and Settings\All Users\Application Data\Adobe\atmosphere.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\astropop\fr-FR\astropop.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\bejeweled2\fr-FR\Bejeweled2.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Caramba\fr-FR\Caramba.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Caramba\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chuzzle\fr-FR\Chuzzle.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\FeedingFrenzy\fr-FR\FeedingFrenzy.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\heavyweapon\fr-FR\HeavyWeapon.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\insaniquarium\fr-FR\insaniquarium.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PastimePuzzles\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PastimePuzzles\fr-FR\PastimePuzzles.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PharaohsSolitaire\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PharaohsSolitaire\fr-FR\PharaohsSolitaire.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\pixelus\fr-FR\Pixelus.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PopcapExtension\PopcapExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\SproutExtension\SproutExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Zuma\fr-FR\zuma.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\utilisateur 1\Application Data\Adobe\atmosphere.dll c:\Documents and Settings\utilisateur 1\Application Data\Identities\{00013KEU-UKQE-K6V0-QFBF-21L0MSNVAVVA}\xmlparse.dll c:\Documents and Settings\utilisateur 1\Application Data\Identities\{00013KEU-UKQE-K6V0-QFBF-21L0MSNVAVVH}\xmlparse.dll c:\Documents and Settings\utilisateur 1\Application Data\Macromedia\Dreamweaver 8\Configuration\Flash Player\FlashPlayerW.dll c:\Documents and Settings\utilisateur 1\Application Data\Macromedia\Dreamweaver MX\Configuration\Flash Player\FlashPlayerW.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash 8\en\Configuration\External Libraries\FLfile.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\authplay.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\AI_EPS_PDF_Import.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\AIImport.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\FhDbRdr.dll c:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\Fireworks Library.dll

Bonsoir, Merci beaucoup pour ce protocole. J'ai suivi à la lettre les recommandations et voici les différents rapports: ......................................................... Rapport clean: Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Option 2, executee le 24/03/2007 a 15:43:31,59 Microsoft Windows XP [version 5.1.2600] *** Suppression de fichiers sur C: tentative de suppression de C:\unwise.exe *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de C:\WINDOWS\system32\RICHTX.DEP tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" tentative de suppression de "C:\Program Files\Viewpoint\" *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! ......................................................... Rapport AVG: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - A V G A n t i - S p y w a r e - R a p p o r t d ' a n a l y s e - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + C r é é à : 1 9 : 2 1 : 3 8 2 4 / 0 3 / 2 0 0 7 + R é s u l t a t d e l ' a n a l y s e : C : \ W I N D O W S \ s y s t e m 3 2 \ s u p p o r t . e x e - > B a c k d o o r . L a n a F T P . j : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ 2 4 7 r e a l m e d i a [ 1 ] . t x t - > T r a c k i n g C o o k i e . 2 4 7 r e a l m e d i a : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ 2 4 7 r e a l m e d i a [ 1 ] . t x t - > T r a c k i n g C o o k i e . 2 4 7 r e a l m e d i a : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ 1 2 2 . 2 o 7 [ 2 ] . t x t - > T r a c k i n g C o o k i e . 2 o 7 : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ p a y p a l . 1 1 2 . 2 o 7 [ 1 ] . t x t - > T r a c k i n g C o o k i e . 2 o 7 : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ a d t e c h [ 2 ] . t x t - > T r a c k i n g C o o k i e . A d t e c h : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ a d v e r t i s i n g [ 2 ] . t x t - > T r a c k i n g C o o k i e . A d v e r t i s i n g : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ a t d m t [ 2 ] . t x t - > T r a c k i n g C o o k i e . A t d m t : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ b l u e s t r e a k [ 1 ] . t x t - > T r a c k i n g C o o k i e . B l u e s t r e a k : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ c o m [ 1 ] . t x t - > T r a c k i n g C o o k i e . C o m : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ f l 0 1 . c t 2 . c o m c l i c k [ 1 ] . t x t - > T r a c k i n g C o o k i e . C o m c l i c k : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ d a t a . c o r e m e t r i c s [ 1 ] . t x t - > T r a c k i n g C o o k i e . C o r e m e t r i c s : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ c p v f e e d [ 2 ] . t x t - > T r a c k i n g C o o k i e . C p v f e e d : N e t t o y é . : m o z i l l a . 9 : C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ A p p l i c a t i o n D a t a \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ 9 6 5 1 i x m 1 . d e f a u l t \ c o o k i e s . t x t - > T r a c k i n g C o o k i e . D o u b l e c l i c k : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ d o u b l e c l i c k [ 2 ] . t x t - > T r a c k i n g C o o k i e . D o u b l e c l i c k : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ e s t a t [ 1 ] . t x t - > T r a c k i n g C o o k i e . E s t a t : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ e s t a t [ 1 ] . t x t - > T r a c k i n g C o o k i e . E s t a t : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ f a s t c l i c k [ 2 ] . t x t - > T r a c k i n g C o o k i e . F a s t c l i c k : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ e h g - y o u t u b e . h i t b o x [ 2 ] . t x t - > T r a c k i n g C o o k i e . H i t b o x : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ h i t b o x [ 1 ] . t x t - > T r a c k i n g C o o k i e . H i t b o x : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ i d o t [ 1 ] . t x t - > T r a c k i n g C o o k i e . I d o t : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ m e d i a p l e x [ 2 ] . t x t - > T r a c k i n g C o o k i e . M e d i a p l e x : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ s s l - h i n t s . n e t f l a m e [ 2 ] . t x t - > T r a c k i n g C o o k i e . N e t f l a m e : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ s s l - h i n t s . n e t f l a m e [ 1 ] . t x t - > T r a c k i n g C o o k i e . N e t f l a m e : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ o v e r t u r e [ 1 ] . t x t - > T r a c k i n g C o o k i e . O v e r t u r e : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ o v e r t u r e [ 1 ] . t x t - > T r a c k i n g C o o k i e . O v e r t u r e : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ w w w . p a y p a l [ 1 ] . t x t - > T r a c k i n g C o o k i e . P a y p a l : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ a d s . p o i n t r o l l [ 2 ] . t x t - > T r a c k i n g C o o k i e . P o i n t r o l l : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ w w w . s m a r t a d s e r v e r [ 1 ] . t x t - > T r a c k i n g C o o k i e . S m a r t a d s e r v e r : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ w w w . s m a r t a d s e r v e r [ 1 ] . t x t - > T r a c k i n g C o o k i e . S m a r t a d s e r v e r : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ t o p l i s t [ 1 ] . t x t - > T r a c k i n g C o o k i e . T o p l i s t : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ t r a d e d o u b l e r [ 1 ] . t x t - > T r a c k i n g C o o k i e . T r a d e d o u b l e r : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ t r i b a l f u s i o n [ 1 ] . t x t - > T r a c k i n g C o o k i e . T r i b a l f u s i o n : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ w e b o r a m a [ 2 ] . t x t - > T r a c k i n g C o o k i e . W e b o r a m a : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ m . w e b t r e n d s [ 2 ] . t x t - > T r a c k i n g C o o k i e . W e b t r e n d s : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ m . w e b t r e n d s [ 1 ] . t x t - > T r a c k i n g C o o k i e . W e b t r e n d s : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ s t a t s e . w e b t r e n d s l i v e [ 2 ] . t x t - > T r a c k i n g C o o k i e . W e b t r e n d s l i v e : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ u t i l i s a t e u r 1 \ C o o k i e s \ u t i l i s a t e u r 1 @ y a d r o [ 1 ] . t x t - > T r a c k i n g C o o k i e . Y a d r o : N e t t o y é . C : \ D o c u m e n t s a n d S e t t i n g s \ A d m i n i s t r a t e u r . C O Z Z A N O . 0 0 1 \ C o o k i e s \ a d m i n i s t r a t e u r @ a d . y i e l d m a n a g e r [ 2 ] . t x t - > T r a c k i n g C o o k i e . Y i e l d m a n a g e r : N e t t o y é . F i n d u r a p p o r t ......................................................... Rapport kaspersky: Sunday, March 25, 2007 12:50:45 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 24/03/2007 Kaspersky Anti-Virus database records: 269275 Scan Settings Scan using the following antivirus database standard Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics Total number of scanned objects 167659 Number of viruses found 2 Number of infected objects 4 / 0 Number of suspicious objects 8 Duration of the scan process 04:52:44 Infected Object Name Virus Name Last Action C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\utilisateur 1\Cookies\index.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\utilisateur 1\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\Local Settings\Historique\History.IE5\MSHist012007032420070325\index.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\ntuser.dat Object is locked skipped C:\Documents and Settings\utilisateur 1\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\utilisateur 1\UserData\index.dat Object is locked skipped C:\Program Files\CA\eTrust Antivirus\DB\rtmaster.dbf Object is locked skipped C:\Program Files\CA\eTrust Antivirus\DB\rtmaster.ntx Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\A0189687.exe/data.rar/support.exe Infected: Backdoor.Win32.LanaFTP.j skipped C:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\A0189687.exe/data.rar Infected: Backdoor.Win32.LanaFTP.j skipped C:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\A0189687.exe RarSFX: infected - 2 skipped C:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\A0190906.exe Infected: Backdoor.Win32.LanaFTP.j skipped C:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\change.log Object is locked skipped C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\ndis.sys Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\netshell.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\dao360.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll Object is locked skipped C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx Object is locked skipped C:\WINDOWS\$NtUninstallQ828026$\wmp.dll Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{73554AFB-9C6C-4886-AE6B-01167A9596DF}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\archives\dreamweaver6\Patch_Dreamweaver MX6vf.zip/Patch_Dreamweaver MX6vf.exe Suspicious: Password-protected-EXE skipped D:\archives\dreamweaver6\Patch_Dreamweaver MX6vf.zip ZIP: suspicious - 1 skipped D:\archives\PSP8\crackPSPro810.zip/crackPSPro810.exe Suspicious: Password-protected-EXE skipped D:\archives\PSP8\crackPSPro810.zip ZIP: suspicious - 1 skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped D:\System Volume Information\_restore{88714686-DC26-49C4-A809-5AD6669CB3D1}\RP975\change.log Object is locked skipped H:\Archives\dreamweaver6\Patch_Dreamweaver MX6vf.zip/Patch_Dreamweaver MX6vf.exe Suspicious: Password-protected-EXE skipped H:\Archives\dreamweaver6\Patch_Dreamweaver MX6vf.zip ZIP: suspicious - 1 skipped H:\Archives\PSP8\crackPSPro810.zip/crackPSPro810.exe Suspicious: Password-protected-EXE skipped H:\Archives\PSP8\crackPSPro810.zip ZIP: suspicious - 1 skipped Scan process completed. ......................................................... log HiJackThis: Logfile of HijackThis v1.99.1 Scan saved at 00:37:41, on 25/03/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\CA\eTrust Antivirus\InoRpc.exe C:\Program Files\CA\eTrust Antivirus\InoRT.exe C:\Program Files\CA\eTrust Antivirus\InoTask.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Iomega\AutoDisk\ADService.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Iomega\AutoDisk\ADUserMon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\HJT\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.auchan.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Startup: desktop(2).ini O4 - Global Startup: desktop(2).ini O4 - Global Startup: desktop(3).ini O4 - Global Startup: desktop(4).ini O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.auchan.fr/ O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/12f7817c9c76667a9b15/...RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200306...meInstaller.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylomgames.com/activex/zylomgamesplayer.cab O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.freedom.net/viruscenter/onlinev...cabs/cssweb.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe .........................................................

Bonjour à tous, Depuis quelques temps mon ordinateur présente une utilisation en mémoire vive anormale. Depuis une semaine, les choses se sont considérablement dégradées: à l'ouverture de ma session j'ai 100% d'utilisation de mémoire vive et au moindre clic j'ai le cpu à 100% également! Impossible donc d'utiliser ma session habituelle. Seule solution, le mode sans échec. A partir du mode sans echec j'ai lancé plusieurs antivirus online. Un antivirus en ligne "Trend Micro scan" a identifié un virus nommé : BKDR_LANAFTP.J et me propose de suprimer le programme "service.exe" de windows (le processus service.exe apparait dans ma liste de processus dans ma session utilisateur). Avant de faire une manip malheureuse que je viens vous demander conseil. Voici mon rapport HijackThis- ................................................................................ Logfile of HijackThis v1.99.1 Scan saved at 13:12:21, on 24/03/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\CA\eTrust Antivirus\InoRpc.exe C:\Program Files\CA\eTrust Antivirus\InoRT.exe C:\Program Files\CA\eTrust Antivirus\InoTask.exe C:\PROGRA~1\CA\SHARED~1\SCANEN~1\InoDist.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Iomega\AutoDisk\ADService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\wuauclt.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Iomega\AutoDisk\ADUserMon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\HJT\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.auchan.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [system] C:\WINDOWS\System32\support.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Startup: desktop(2).ini O4 - Global Startup: desktop(2).ini O4 - Global Startup: desktop(3).ini O4 - Global Startup: desktop(4).ini O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.auchan.fr/ O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/12f7817c9c76667a9b15/...RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200306...meInstaller.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylomgames.com/activex/zylomgamesplayer.cab O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.freedom.net/viruscenter/onlinev...cabs/cssweb.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe ................................................................................ Merci pour votre aide Belllangelo