Solisius

Je suis en train de scanner justement XD... Oui, alors en fait, ce que je ne comprend pas, c'est que ça marchais vraiment sans aucun problèmes avant, et mon ordi est tout neuf... Bon, si c'est un porblème hardware : retour SAV et hop !

Salut tout le monde ! Asus A7Sn XP/Vista Pilote XP : http://croftophile.free.fr/index/rubrique-...le-32-os-1.html Voilà mon problème, du jour au lendemain, mon tout neuf ordinateur portable à commencer à avoir des problèmes d'affichage : affiche les couleur n'importe comment, freeze, coupe le jeux, ne sauvegarde aps une partie (c'est pas un problème d'affichage là, mais bon...). Bon alors (étant en double boot XP/Vista). Je me suis dit, on réinstalle XP et on en parle plus, bon ça continue... (Je précise que les pilote graphique ne m'ont jamais posé problème avant...). J'essai sous Vista, même pb, avec récupération des pilotes après un bug de ce type... J'ai réinstaller Vista, en formattant le DD, en branchant mon disque dur externe, j'ai eu tot de suite un message avec : les pilotes graphique ont césséent de fonctionner, ils ont étés récupérés... Donc moi sui ne m'y connait aps bien en sécurité, je me demandais si c'étais aps un horrible virus qui se sauvegarde sur tout les support qu'il peut trouver... Je donne un rapport Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:59:14, on 07/08/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS Live Update\ALU.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Windows\System32\rundll32.exe C:\Program Files\P4P\P4P.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\NB Probe\NBProbe.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ESET Smart Security\egui.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Zshutdown1] c:\preload\patch\sysprep1.cmd O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [NB Probe] C:\Program Files\NB Probe\NBProbe.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET Smart Security\ekrn.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\NB Probe\SPM\spmgr.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe -- End of file - 4362 bytes Voila, merci d'avance pour votre aide ! C'est peut être un problème du Bios aussi, a part ces deux hypothéses je ne vois aps...

Ok super, merci beaucoup c'est génial, je vais regarder tout ça touit à l'heure a+ et encore merci

re! Super merci beaucoup pour ton aide : il semblerait qu'il n'est plus rien Bit Befender n'as rien trouver : //----------------------------------------------------------------- // // Produit BitDefender Antivirus Plus v10 // Produit 10.2 // // Créé le: 13/05/2007 11:27:49 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ D:\ Dossiers : 8310 Fichiers : 651658 Processus Mémoire analysés : 25 Archives : 12480 Fichiers enpaquetés : 71214 Virus trouvés : 0 Fichiers infectés : 0 Processus Mémoire infectés : 0 Fichiers suspects : 0 Alertes : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers déplacés : 0 Erreurs I/O : 30 Temps d'analyse :=01:00:45 Fichiers/seconde :178 Statistiques Spywares Registres analysés : 2250 Registres infectés : 0 Cookies analysés : 0 Cookies infectés : 0 Fichiers spyware infectés : 0 Menaces Spyware détectées : 0 Définitions virus : 553351 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Processus mémoire [X] Analyser les archives [X] Analyser les fichiers enpaquetés [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Mettre en quarantaine [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [X] Mettre en quarantaine [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal: C:\Documents and Settings\Pitouman\Application Data\BitDefender\Desktop\Profiles\Logs\user_0001\1179048469.log Options d'analyse Spyware [X] Analyse contre les risques non-viraux [ ] Ecarter de l'analyse les dialers et les applications [X] Clés de registres [X] Cookies Maintenant j'espère que l'infection ne va pas revenir, encore merci pour ton aide, vous ête génial sur Zébulon!!!!

Voilà j'ai refait ,une analyse DiagHelp : DiagHelp version v1.07.4 - http://www.malekal.com excute le 12/05/2007 à 21:39:10,40 Liste des fichiers modifies/crees dans les 24 dernieres heures... C:\biosinfo C:\Documents and Settings\LocalService C:\Documents and Settings\LocalService\Cookies\index.dat C:\Documents and Settings\LocalService\Local Settings\desktop.ini C:\Documents and Settings\LocalService\NTUSER.DAT C:\Documents and Settings\LocalService\ntuser.dat.LOG C:\Documents and Settings\NetworkService C:\Documents and Settings\NetworkService\Local Settings\desktop.ini C:\Documents and Settings\NetworkService\NTUSER.DAT C:\Documents and Settings\NetworkService\ntuser.dat.LOG C:\Documents and Settings\Pitouman C:\Documents and Settings\Pitouman\.gimp-2.2 C:\Documents and Settings\Pitouman\.gimp-2.2\pluginrc C:\Documents and Settings\Pitouman\.gimp-2.2\themerc C:\Documents and Settings\Pitouman\Bureau C:\Documents and Settings\Pitouman\Bureau\Activescan.txt C:\Documents and Settings\Pitouman\Bureau\catchme.log C:\Documents and Settings\Pitouman\Bureau\DiagHelp C:\Documents and Settings\Pitouman\Bureau\DiagHelp\resultat.txt C:\Documents and Settings\Pitouman\Bureau\DiagHelp(1).zip C:\Documents and Settings\Pitouman\Bureau\Nouveau Document texte.txt C:\Documents and Settings\Pitouman\Bureau\rk.html C:\Documents and Settings\Pitouman\Contacts\DarkTank@hotmail.fr\813C8DD0-9B0E-45C4-BB20-96457327D42F.WindowsLiveContact C:\Documents and Settings\Pitouman\Contacts\DarkTank@hotmail.fr\8601A16D-88C6-408E-9207-8DD88724F198.WindowsLiveContact C:\Documents and Settings\Pitouman\Contacts\DarkTank@hotmail.fr\FF29392C-D585-40C0-91C9-E80877AB2105.WindowsLiveContact C:\Documents and Settings\Pitouman\Cookies C:\Documents and Settings\Pitouman\Cookies\index.dat C:\Documents and Settings\Pitouman\Cookies\pitouman@google[1].txt C:\Documents and Settings\Pitouman\Cookies\pitouman@messenger.msn[1].txt C:\Documents and Settings\Pitouman\Cookies\pitouman@msn[2].txt C:\Documents and Settings\Pitouman\Cookies\pitouman@rad.msn[2].txt C:\Documents and Settings\Pitouman\Cookies\pitouman@www.commentcamarche[1].txt C:\Documents and Settings\Pitouman\Cookies\pitouman@www.pandasoftware[1].txt C:\Documents and Settings\Pitouman\Local Settings\desktop.ini C:\Documents and Settings\Pitouman\Local Settings\Temp C:\Documents and Settings\Pitouman\Local Settings\Temp\F-Secure C:\Documents and Settings\Pitouman\Local Settings\Temp\F-Secure\Anti-Virus C:\Documents and Settings\Pitouman\Local Settings\Temp\GlaukaCommDll.log C:\Documents and Settings\Pitouman\Local Settings\Temp\jusched.log C:\Documents and Settings\Pitouman\Local Settings\Temp\KAV Updater update files C:\Documents and Settings\Pitouman\Local Settings\Temp\LVCOMSX.LOG C:\Documents and Settings\Pitouman\Local Settings\Temp\msohtml C:\Documents and Settings\Pitouman\Local Settings\Temp\msohtml1 C:\Documents and Settings\Pitouman\Local Settings\Temp\msohtml11 C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware1@swdb.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware2@swdb.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware2@swdb.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\axwhite.txt C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\bundle.xml C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\BW_datapak.bif C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\BW_datapak.bis C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\bw_name.html C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\dbindex.cpt C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\FS@swdb.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\info.iad.SWCDB C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\lsdefault.lrd C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\lsnewdef.lrd C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\lsse.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\lsseupdate.log C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Spyware\sites.txt C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@av.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@avpe.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@bleng.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@corp.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@hkeng.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@libra.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@orion.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus1@peg.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@av.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@av.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@avpe.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@avpe.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@bleng.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@bleng.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@corp.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@corp.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@hkeng.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@hkeng.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@libra.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@libra.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@orion.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@orion.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@peg.mf C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus2@peg.ref C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avp.klb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avp.set C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avp.vnd C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avp_ext.klb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\avp_ext.set C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base001c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base002.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base002c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base003.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base003c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base004.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base004c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base005.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base005c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base006.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base006c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base007.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base007c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base008.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base008c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base009.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base009c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base010.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base010c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base011.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base011c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base012.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base012c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base013.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base013c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base014.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base014c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base015.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base015c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base016.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base017.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base018.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base019.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base020.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base021.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base022.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base023.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base024.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base025.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base026.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base027.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base028.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base029.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base030.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base031.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base032.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base033.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base034.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base035.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base036.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base037.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base038.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base039.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base040.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base041.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base042.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base043.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base044.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base045.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base046.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base047.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base048.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base049.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base050.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base051.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base052.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base053.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base054.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base055.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base056.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base057.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base058.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base059.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base060.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base061.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base062.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base063.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base064.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base065.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base066.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base067.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base068.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base069.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base070.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base071.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base072.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base073.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base074.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base075.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base076.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base077.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base078.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base079.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base080.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base081.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base082.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base083.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base084.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base085.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base086.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base087.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base088.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base089.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base090.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base091.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base092.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base093.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base094.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base095.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base096.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base097.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base098.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base099.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base100.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base101.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base102.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base103.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base104.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base105.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base106.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base107.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base108.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base109.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base110.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base111.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base112.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base113.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base114.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base115.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base116.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base117.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base118.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base119.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base120.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base121.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base122.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base123.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base124.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base125.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base126.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base127.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base128.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base129.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base130.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base131.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base132.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base133.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base134.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base135.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base136.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base137.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\base999.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\BW_datapak.bif C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\BW_datapak.bis C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\bw_name.html C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ca.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\chuka.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\daily-ec.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\daily-ex.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\daily.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\dailyc.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\DFFPI.DLL C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\eicar.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext001c.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext002.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext003.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext004.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext005.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext006.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext007.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext008.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ext999.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fa.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fa001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@av.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@avpe.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@bleng.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@hkeng.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@libra.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@ols3bin.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@orion.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@peg.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk.sys C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fshke.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FSHKE.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\FSLFPI.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmacro.def C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fssc.fsd C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsscript.def C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.pub C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen002.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen003.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen004.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen005.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\gen999.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.avmisc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.avpe C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.libradb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.ols_30_bin C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.ols_30_hkedb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.ols_30_pegdb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.ols_bl C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\info.iad.oriondb C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\kernel.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krn001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krn002.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krn003.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krn004.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krndos.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnengn.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnexe.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnexe32.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnjava.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnmacro.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\krnunp.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\lsse.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\mail.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\nvcbin.def C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\nvcmacro.def C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\ocr.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\orion.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\orioneng.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\orionfin.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\smart.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp000.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp001.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp002.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp003.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp004.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp005.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp006.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp007.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp008.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp009.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp010.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp011.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp012.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp013.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp014.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp015.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp016.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp017.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp018.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp019.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp020.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp021.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp022.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp023.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp024.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp025.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp026.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp027.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp028.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp029.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp030.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp031.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp032.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp033.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp034.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp035.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp036.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp037.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\unp038.avc C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\verdicts.ini C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\client.state C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\infopak.zip C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\ols.xml C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\ols_report.html C:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\segrules.dat C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76E7.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76E8.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76EC.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76F0.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76F4.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76F8.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76FC.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR76FD.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR7707.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR7708.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR770D.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR7710.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR7714.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR7719.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\TFR771C.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\~DF1815.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\~DF182A.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\~DFBD04.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\~DFBD29.tmp C:\Documents and Settings\Pitouman\Mes documents\Mes dossiers de partage.lnk C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007 C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\christophecassar@hotmail.com.html C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images\MsgPlus_Img0683.png C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images\MsgPlus_Img1570.png C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images\MsgPlus_Img1582.png C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images\MsgPlus_Img2595.png C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\Images\MsgPlus_Img3599.png C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation\mai 2007\louloulabrue@hotmail.fr.html C:\Documents and Settings\Pitouman\NTUSER.DAT C:\Documents and Settings\Pitouman\ntuser.ini C:\pagefile.sys C:\Program Files\a-squared Free C:\Program Files\Adobe Reader 8.0\Reader C:\Program Files\AVG Anti-Spyware 7.5 C:\Program Files\AVG Anti-Spyware 7.5\logfile.txt C:\Program Files\BitDefender 10 C:\Program Files\BitDefender 10\as2himgdb.dat C:\Program Files\BitDefender 10\as2sign.slf C:\Program Files\BitDefender 10\as2urldbi.dat C:\Program Files\BitDefender 10\asstat.ini C:\Program Files\BitDefender 10\bpfcr.ini C:\Program Files\BitDefender 10\running.xml C:\Program Files\BitDefender 10\status.ini C:\Program Files\Fichiers communs\Ahead\Lib C:\Program Files\Fichiers communs\logishrd\LComMgr C:\Program Files\Fichiers communs\logishrd\LQCVFX C:\Program Files\Fichiers communs\logishrd\LVMVFM C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.log C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator C:\Program Files\Fichiers communs\Softwin\BitDefender Local Manager C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\ceva_vfs.cvd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\cran.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\emalware.i14 C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\e_spyw.i04 C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\mdx_97.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\sdx.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\update.txt C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\plugins.htm C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\live.ini C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.log C:\Program Files\Free Download Manager C:\Program Files\Free Download Manager\Firefox\extension\components C:\Program Files\HijackThis C:\Program Files\HijackThis\hijackthis.log C:\Program Files\Internet Explorer C:\Program Files\Java\jre1.6.0_01\bin C:\Program Files\Messenger Plus! Live C:\Program Files\Mozilla Firefox C:\Program Files\Mozilla Firefox\components C:\Program Files\Mozilla Firefox\extensions C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components C:\Program Files\Mozilla Firefox\plugins C:\Program Files\Mozilla Firefox\updates C:\Program Files\Mozilla Thunderbird C:\Program Files\MSN Messenger C:\Program Files\MSN Messenger\ErrorResponse.xml C:\Program Files\Nero\Nero 7\InCD C:\Program Files\Nero\Nero 7\InCD\Error.log C:\Program Files\Nero\Nero 7\InCD\SrvError.Log C:\Program Files\Nero\Nero 7\Nero BackItUp C:\Program Files\Office\OFFICE11 C:\Program Files\Outlook Express C:\Program Files\PowerDVD C:\Program Files\QuickCam 10 C:\Program Files\Spybot - Search & Destroy C:\Program Files\Spybot - Search & Destroy\Includes C:\Program Files\Spybot - Search & Destroy\Updates C:\Program Files\Spybot - Search & Destroy\Updates\downloaded.ini C:\Program Files\Spybot - Search & Destroy\Updates\online.ini C:\Program Files\Spyware Terminator C:\Program Files\Spyware Terminator\history.txt C:\Program Files\Spyware Terminator\languages C:\Program Files\Spyware Terminator\languages\czech.cab C:\Program Files\Spyware Terminator\languages\czech.inf C:\Program Files\Spyware Terminator\languages\english.cab C:\Program Files\Spyware Terminator\languages\english.inf C:\Program Files\Spyware Terminator\languages\french.cab C:\Program Files\Spyware Terminator\languages\french.inf C:\Program Files\Spyware Terminator\languages\german.cab C:\Program Files\Spyware Terminator\languages\german.inf C:\Program Files\Spyware Terminator\languages\hungarian.cab C:\Program Files\Spyware Terminator\languages\hungarian.inf C:\Program Files\Spyware Terminator\languages\italiano.cab C:\Program Files\Spyware Terminator\languages\italiano.inf C:\Program Files\Spyware Terminator\languages\korean.cab C:\Program Files\Spyware Terminator\languages\korean.inf C:\Program Files\Spyware Terminator\languages\polish.cab C:\Program Files\Spyware Terminator\languages\polish.inf C:\Program Files\Spyware Terminator\languages\portuguese.cab C:\Program Files\Spyware Terminator\languages\portuguese.inf C:\Program Files\Spyware Terminator\languages\serbian.cab C:\Program Files\Spyware Terminator\languages\serbian.inf C:\Program Files\Spyware Terminator\languages\spanish.cab C:\Program Files\Spyware Terminator\languages\spanish.inf C:\Program Files\Spyware Terminator\languages\turkish.cab C:\Program Files\Spyware Terminator\languages\turkish.inf C:\Program Files\Spyware Terminator\report.txt C:\Program Files\Spyware Terminator\sptcontmenu.dll C:\Program Files\Unlocker C:\Program Files\WinRAR C:\sqmdata00.sqm C:\sqmnoopt00.sqm C:\WINDOWS C:\WINDOWS\AppPatch C:\WINDOWS\bootstat.dat C:\WINDOWS\Debug C:\WINDOWS\Debug\PASSWD.LOG C:\WINDOWS\Downloaded Program Files C:\WINDOWS\NeroDigital.ini C:\WINDOWS\pavsig.txt C:\WINDOWS\pchealth\helpctr\binaries C:\WINDOWS\pchealth\helpctr\DataColl C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_496.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_498.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_500.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_502.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_504.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_506.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_507.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_508.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_510.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_512.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_514.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_516.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_517.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_518.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_520.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_522.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_523.xml C:\WINDOWS\pchealth\helpctr\DataColl\CollectedData_524.xml C:\WINDOWS\pchealth\helpctr\DataColl\history_db.xml C:\WINDOWS\QTFont.qfn C:\WINDOWS\SchedLgU.Txt C:\WINDOWS\setupapi.log C:\WINDOWS\system32 C:\WINDOWS\system32\ActiveScan C:\WINDOWS\system32\ActiveScan\Panda ActiveScanPSK_NAMES C:\WINDOWS\system32\ActiveScan\Panda ActiveScanPSK_NAMES2 C:\WINDOWS\system32\ActiveScan\pav.sig C:\WINDOWS\system32\bdss.log C:\WINDOWS\system32\CatRoot2 C:\WINDOWS\system32\CatRoot2\dberr.txt C:\WINDOWS\system32\CatRoot2\edb.chk C:\WINDOWS\system32\CatRoot2\edb.log C:\WINDOWS\system32\CatRoot2\tmp.edb C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb C:\WINDOWS\system32\drivers C:\WINDOWS\system32\Help.ico C:\WINDOWS\system32\Macromed\Flash C:\WINDOWS\system32\mui0C C:\WINDOWS\system32\nvapps.xml C:\WINDOWS\system32\pavas.ico C:\WINDOWS\system32\spool\prtprocs\w32x86 C:\WINDOWS\system32\Uninstall.ico C:\WINDOWS\system32\wpa.dbl C:\WINDOWS\Tasks\SA.DAT C:\WINDOWS\Temp C:\WINDOWS\Temp\ASHeuristic C:\WINDOWS\Temp\kds.xml C:\WINDOWS\Temp\tmp00000a74\tmp00000000 C:\WINDOWS\Temp\WGANotify.settings C:\WINDOWS\wiadebug.log C:\WINDOWS\wiaservc.log C:\WINDOWS\win.ini C:\WINDOWS\WindowsUpdate.log Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\CO_Mon.sys -->07/05/2007 21:52:08 C:\WINDOWS\System32/drivers\sp_rsdrv2.sys -->03/05/2007 12:26:23 C:\WINDOWS\System32/drivers\lirsgt.sys -->30/04/2007 19:31:51 C:\WINDOWS\System32/drivers\atksgt.sys -->30/04/2007 19:31:51 C:\WINDOWS\System32/drivers\ntfs.sys -->09/02/2007 13:10:35 C:\WINDOWS\System32/drivers\LVPr2Mon.sys -->06/02/2007 17:45:04 C:\WINDOWS\System32/drivers\LVMVdrv.sys -->06/02/2007 17:44:36 C:\WINDOWS\System32\bdod.bin -->12/05/2007 21:42:47 C:\WINDOWS\System32\bdss.log -->12/05/2007 21:27:39 C:\WINDOWS\System32\Uninstall.ico -->12/05/2007 18:09:16 C:\WINDOWS\System32\pavas.ico -->12/05/2007 18:09:16 C:\WINDOWS\System32\Help.ico -->12/05/2007 18:09:16 C:\WINDOWS\System32\wpa.dbl -->12/05/2007 15:12:16 C:\WINDOWS\System32\nvapps.xml -->12/05/2007 15:11:46 C:\WINDOWS\System32\CmdLineExt03.dll -->10/05/2007 20:24:58 C:\WINDOWS\System32\FNTCACHE.DAT -->08/05/2007 17:06:56 C:\WINDOWS\System32\tmp.txt -->08/05/2007 14:05:32 C:\WINDOWS\System32\tmp.reg -->08/05/2007 14:05:32 C:\WINDOWS\System32\pgdfgsvc.exe -->07/05/2007 20:01:46 C:\WINDOWS\System32\asfiles.txt -->01/05/2007 01:40:03 C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12 C:\WINDOWS\System32\lvcoinst.log -->27/04/2007 13:37:25 C:\WINDOWS\System32\BASSMOD.dll -->18/04/2007 19:37:11 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->13/04/2007 23:17:02 C:\WINDOWS\System32\msinet.ocx -->12/04/2007 23:48:28 C:\WINDOWS\System32\comdlg32.ocx -->12/04/2007 23:48:28 C:\WINDOWS\System32\SIntfNT.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\SIntf32.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\SIntf16.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\Chip.dll -->12/04/2007 01:50:51 C:\WINDOWS\System32\nscompat.tlb -->11/04/2007 22:24:20 C:\WINDOWS\System32\amcompat.tlb -->11/04/2007 22:24:20 C:\WINDOWS\win.ini -->12/05/2007 21:27:17 C:\WINDOWS\QTFont.qfn -->12/05/2007 19:55:56 C:\WINDOWS\pavsig.txt -->12/05/2007 18:09:22 C:\WINDOWS\setupapi.log -->12/05/2007 16:45:39 C:\WINDOWS\NeroDigital.ini -->12/05/2007 15:13:22 C:\WINDOWS\WindowsUpdate.log -->12/05/2007 15:11:54 C:\WINDOWS\wiaservc.log -->12/05/2007 15:11:54 C:\WINDOWS\wiadebug.log -->12/05/2007 15:11:53 C:\WINDOWS\bootstat.dat -->12/05/2007 15:11:38 C:\WINDOWS\SchedLgU.Txt -->12/05/2007 15:10:42 C:\WINDOWS\TSC.INI -->11/05/2007 19:00:30 C:\WINDOWS\tsc.ptn -->11/05/2007 18:07:22 C:\WINDOWS\vsapi32.dll -->11/05/2007 18:07:21 C:\WINDOWS\tsc.exe -->11/05/2007 18:07:21 C:\WINDOWS\hcextoutput.dll -->11/05/2007 18:07:21 Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\WINDOWS\system32 02/03/2006 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 13 377 060 864 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\WINDOWS\Downloaded Program Files 12/05/2007 18:24 <REP> . 12/05/2007 18:24 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 17/05/2006 14:32 231 072 avsniff.dll 17/05/2006 14:29 878 avsniff.inf 17/05/2006 14:32 198 304 avsniffdlgs.dll 17/05/2006 14:26 537 704 AXXPEE.dll 28/03/2007 10:06 541 ca.pub 17/05/2006 14:29 241 CabSA.inf 02/05/2007 01:00 2 504 catalog.dat 07/05/2007 16:38 500 120 daas_s.dll 11/04/2007 18:04 65 desktop.ini 02/05/2007 01:00 6 899 ecbootil.vxd 17/05/2006 14:26 42 112 ecmldr32.dll 02/05/2007 01:00 271 992 ecmsvr32.dll 07/05/2007 16:39 192 920 fsauc.dll 07/05/2007 16:39 254 360 fscax.dll 13/04/2007 15:52 482 fscax.inf 08/08/2006 11:45 576 kavwebscan.inf 17/05/2006 14:28 6 850 navapi.vxd 17/05/2006 14:28 201 896 navapi32.dll 02/05/2007 01:00 120 440 naveng32.dll 02/05/2007 01:00 902 776 navex32a.dll 17/05/2006 14:32 161 480 rufsi.dll 02/05/2007 01:00 97 744 scrauth.dat 26/03/2007 16:46 5 085 swflash.inf 02/05/2007 01:00 11 875 symaveng.cat 02/05/2007 01:00 1 061 symaveng.inf 02/05/2007 01:00 190 702 tcdefs.dat 02/05/2007 01:00 1 480 739 tcscan7.dat 02/05/2007 01:00 349 736 tcscan8.dat 02/05/2007 01:00 830 478 tcscan9.dat 02/05/2007 01:00 453 tinf.dat 02/05/2007 01:00 148 tinfidx.dat 02/05/2007 01:00 1 957 tinfl.dat 02/05/2007 01:00 66 363 tscan1.dat 02/05/2007 01:00 3 113 tscan1hd.dat 02/05/2007 01:00 4 778 v.grd 02/05/2007 01:00 2 261 v.sig 02/05/2007 01:00 106 244 virscan.inf 02/05/2007 01:00 982 800 virscan1.dat 02/05/2007 01:00 570 636 virscan2.dat 02/05/2007 01:00 149 096 virscan3.dat 02/05/2007 01:00 320 253 virscan4.dat 02/05/2007 01:00 3 748 071 virscan5.dat 02/05/2007 01:00 390 742 virscan6.dat 02/05/2007 01:00 8 419 678 virscan7.dat 02/05/2007 01:00 1 730 898 virscan8.dat 02/05/2007 01:00 4 424 061 virscan9.dat 02/05/2007 01:00 32 virscant.dat 02/11/2005 18:01 1 777 xscan.inf 02/11/2005 18:07 435 712 xscan53.ocx 02/05/2007 01:00 224 zdone.dat 52 fichier(s) 28 102 890 octets Total des fichiers listés : 52 fichier(s) 28 102 890 octets 2 Rép(s) 13 377 056 768 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-12 21:46:32 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes a-squared Free 2.1 Ad-Aware SE Personal Adobe Flash Player ActiveX Adobe Reader 8 - Français Anno 1701 Archiveur WinRAR AVG Anti-Spyware 7.5 BitDefender Antivirus Plus v10 BitSpirit v3.2.2.122 Stable CCleaner (remove only) Diablo II Empire Earth II eMule FairUse Wizard 2 FastStone Image Viewer 2.8 (French) FLV Player Free Download Manager 2.1 Gimp pour Windows HijackThis 1.99.1 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 Kaspersky Online Scanner Language pack for Ad-Aware SE Lecteur Windows Media 10 Logitech QuickCam Media Player Classic fr Messenger Plus! Live Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 French Language Pack Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour pour Windows XP (KB911164) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 Mozilla Firefox (2.0.0.3) Mozilla Thunderbird (2.0.0.0) Mp3tag v2.37a MSNdecrypter 2.0 MSXML 4.0 SP2 (KB927978) MSXML 6.0 Parser Nero 7 Ultra Edition Notepad++ NVIDIA Drivers Oblivion Oblivion - Construction Set Oblivion mod manager 0.9.15 Panda ActiveScan PowerDVD QuickTime Alternative 1.78 Real Alternative 1.52 Realtek High Definition Audio Driver RivaTuner v2.0 RC 16.2 Security Update for Microsoft .NET Framework 2.0 (KB917283) Security Update pour Microsoft .NET Framework 2.0 (KB922770) Spybot - Search & Destroy 1.4 Spyware Terminator Unlocker 1.8.5 UxTheme Multipatcher Fr Wacky Races WebFldrs XP Winamp Alternative 1.1 Windows Communication Foundation Windows Communication Foundation Language Pack - FRA Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Live Messenger Windows Media Format Runtime Windows Presentation Foundation Windows Presentation Foundation Language Pack (FRA) Windows Workflow Foundation Windows Workflow Foundation FR Language Pack XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files 11/05/2007 16:54 <REP> . 11/05/2007 16:54 <REP> .. 02/05/2007 18:03 <REP> Ad-Aware SE Personal 27/04/2007 21:30 <REP> Adobe 16/04/2007 23:03 <REP> Adobe Reader 8.0 12/05/2007 18:16 <REP> a-squared Free 12/05/2007 18:16 <REP> AVG Anti-Spyware 7.5 12/05/2007 21:27 <REP> BitDefender 10 12/04/2007 21:21 <REP> BitSpirit 28/04/2007 21:41 <REP> CCleaner 11/04/2007 18:02 <REP> ComPlus Applications 27/04/2007 21:29 <REP> Emoticon 11/05/2007 13:31 <REP> eMule 11/05/2007 17:35 <REP> FairUse Wizard 2 11/04/2007 23:54 <REP> FastStone Image Viewer 28/04/2007 12:14 <REP> Fichiers communs 12/04/2007 23:50 <REP> FLV Player 12/05/2007 18:19 <REP> Free Download Manager 05/05/2007 19:28 <REP> Gimp Mode 12/05/2007 12:04 <REP> HijackThis 11/04/2007 18:28 <REP> Intel 12/05/2007 18:19 <REP> Internet Explorer 13/04/2007 23:17 <REP> Java 12/04/2007 20:03 <REP> jv16 PowerTools 11/04/2007 20:48 <REP> Logitech 05/05/2007 22:08 <REP> Media Player Classic 12/04/2007 21:21 <REP> Messenger 12/05/2007 18:20 <REP> Messenger Plus! Live 11/04/2007 18:05 <REP> microsoft frontpage 11/04/2007 23:26 <REP> Microsoft.NET 11/04/2007 18:02 <REP> Movie Maker 12/05/2007 18:20 <REP> Mozilla Firefox 12/05/2007 18:21 <REP> Mozilla Thunderbird 17/04/2007 23:34 <REP> Mp3tag 11/04/2007 22:01 <REP> MSBuild 11/04/2007 18:01 <REP> MSN 11/04/2007 18:01 <REP> MSN Gaming Zone 12/05/2007 18:21 <REP> MSN Messenger 17/04/2007 19:53 <REP> MSNdecrypter 2.0 11/04/2007 21:21 <REP> MSXML 4.0 11/05/2007 13:07 <REP> MSXML 6.0 28/04/2007 12:14 <REP> Nero 11/04/2007 18:03 <REP> NetMeeting 01/05/2007 17:49 <REP> Notepad++ 28/04/2007 01:44 <REP> OCCT 11/04/2007 23:27 <REP> Office 11/04/2007 18:01 <REP> Online Services 12/05/2007 18:23 <REP> Outlook Express 06/05/2007 15:27 <REP> PageDefrag 16/04/2007 00:15 <REP> Paint Shop Pro 8 12/05/2007 18:23 <REP> PowerDVD 12/05/2007 18:23 <REP> QuickCam 10 13/04/2007 14:01 <REP> QuickTime Alternative 13/04/2007 13:56 <REP> Real Alternative 11/04/2007 18:16 <REP> Realtek 11/04/2007 21:58 <REP> Reference Assemblies 12/04/2007 16:09 <REP> RegCleaner 22/04/2007 16:23 <REP> ResHack 11/04/2007 18:42 <REP> RivaTuner v2.0 RC 16.2 11/04/2007 18:03 <REP> Services en ligne 12/05/2007 18:24 <REP> Spybot - Search & Destroy 12/05/2007 18:24 <REP> Spyware Terminator 12/05/2007 18:24 <REP> Unlocker 18/04/2007 19:52 <REP> UxTheme Multipatcher Fr 13/04/2007 14:01 <REP> Winamp Alternative 11/04/2007 22:24 <REP> Windows Media Player 11/04/2007 18:01 <REP> Windows NT 12/05/2007 18:24 <REP> WinRAR 11/04/2007 18:05 <REP> xerox 0 fichier(s) 0 octets 69 Rép(s) 13 376 544 768 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files\fichiers communs 28/04/2007 12:14 <REP> . 28/04/2007 12:14 <REP> .. 16/04/2007 23:03 <REP> Adobe 28/04/2007 12:16 <REP> Ahead 11/04/2007 23:27 <REP> DESIGNER 12/04/2007 22:38 <REP> InstallShield 13/04/2007 23:16 <REP> Java 27/04/2007 21:29 <REP> logishrd 11/04/2007 23:27 <REP> Microsoft Shared 11/04/2007 18:03 <REP> MSSoap 11/04/2007 19:49 <REP> ODBC 11/04/2007 18:03 <REP> Services 11/04/2007 20:29 <REP> Softwin 11/04/2007 19:49 <REP> SpeechEngines 11/04/2007 21:20 <REP> System 0 fichier(s) 0 octets 15 Rép(s) 13 376 540 672 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 11/04/2007 23:27 <REP> . 11/04/2007 23:27 <REP> .. 11/04/2007 23:27 <REP> 1033 11/04/2007 23:27 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 13 376 540 672 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\ 08/05/2007 11:48 68 096 diff.exe 08/05/2007 11:48 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 13 376 540 672 octets libres c:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe c:\Documents and Settings\Pitouman\Application Data\Free Download Manager\Update\fdminst.exe c:\Documents and Settings\Pitouman\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Pitouman\Bureau\BitSpirit 3.2.2.122.exe c:\Documents and Settings\Pitouman\Bureau\ccleaner_ccleaner_1.38.435_francais_14492.exe c:\Documents and Settings\Pitouman\Bureau\CleanMessenger(MsnTrucAstuce.fr).exe c:\Documents and Settings\Pitouman\Bureau\FastStoneViewer-2.8-Colok-fr.exe c:\Documents and Settings\Pitouman\Bureau\FirefoxGoogleToolbarSetup.exe c:\Documents and Settings\Pitouman\Bureau\FLVplayer_v0.0.5.exe c:\Documents and Settings\Pitouman\Bureau\jv16pt_setup1.3.0.195.exe c:\Documents and Settings\Pitouman\Bureau\MsgPlusLive-420.exe c:\Documents and Settings\Pitouman\Bureau\patch.exe c:\Documents and Settings\Pitouman\Bureau\RegCleaner.exe c:\Documents and Settings\Pitouman\Bureau\spybotsd14.exe c:\Documents and Settings\Pitouman\Bureau\unlocker1.8.5.exe c:\Documents and Settings\Pitouman\Bureau\Windows Média Player 10.exe c:\Documents and Settings\Pitouman\Bureau\windows-live-messenger_windows_live_messenger_8.1.0178.00_francais_19367.exe c:\Documents and Settings\Pitouman\Bureau\WinRAR 3.62.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe c:\Documents and Settings\Pitouman\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll Voilà encore merci pour ton aide

Oui : les clin d'oeil de Windows Live Messenger (l'ancien MSN), les petite animation que tu peut envoyer à tes contact... Sinon Spybot me détecte DoubleClick et HitBox qui revienne à chaques fois que je scan avec ce dernier... DoubleClick pourait t-il être la cause de mon C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\cookies.txt qui revien à chaque fois que je le supprime ?

Ok merci beaucoup pour ton aide, c'est génial !!!

Bonjour Setra Tu as poster dans la catégorie : Quelques infections typiques, il fallait poster dans Analyse rapports HijackThis, Eradication malwares, voilà donc il faudrait que tu recré un message dans la bonne sesson et qu'un modérateur(trice) supprime celui là...

Re! Voilà le port de panda : Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\cookies.txt[.xiti.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\cookies.txt[.bluestreak.com/] Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe Outil indésirable:Application/Processor No Désinfecté D:\Sauvegarde\SmitfraudFix.zip[smitfraudFix/Process.exe] Virus:Trj/Shutdown.Z Désinfecté D:\Sauvegarde\SmitfraudFix.zip[smitfraudFix/restart.exe] Outil indésirable:Application/Processor No Désinfecté D:\Téléchargement\SDFix.exe[sDFix\apps\Process.exe] PS : Le fait de supprimer le dossier C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Messenger\DarkTank@hotmail.fr m'as enlever mes Clin d'oeil sur WLM... Est-ce que je peut les réinstaller ?

Ok merci encore de ton aide, voilà le rapport : KASPERSKY ON-LINE SCANNER REPORT Saturday, May 12, 2007 5:53:48 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 12/05/2007 Enregistrements dans la base antivirus Kaspersky : 318120 Paramètres d'analyse Analyser avec la base antivirus suivante étendue Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Statistiques de l'analyse Total d'objets analysés 100344 Nombre de virus trouvés 5 Nombre d'objets infectés 36 / 0 Nombre d'objets suspects 0 Durée de l'analyse 01:10:17 Nom de l'objet infecté Nom du virus Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Bitdefender\Desktop\Profiles\asdict.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\cert8.db L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\formhistory.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\history.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\key3.db L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\parent.lock L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\search.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\urlclassifier2.sqlite L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Historique\History.IE5\MSHist012007051220070513\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Temp\Free Download Manager\tic35.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Temp\Free Download Manager\tic67F.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Pitouman\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\BitDefender 10\aspdict.dat L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{044BE665-E2E9-400F-B090-4666775E8B07}\RP61\A0013551.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré C:\System Volume Information\_restore{044BE665-E2E9-400F-B090-4666775E8B07}\RP70\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\EventCache\{ED038FDD-A581-405D-9976-69F9F965F7A3}.bin L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\bdss.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\Temp\tmp000024aa\tmp00000000 L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS1.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS2.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS3.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004/Cabs.w1.cab/Hyperbar.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004/Cabs.w1.cab Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0004 Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0005/Cabs.w1.cab/HyperbarSS3.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0005/Cabs.w1.cab/Hyperbar.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0005/Cabs.w1.cab Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe/data0005 Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.exe NSIS: infecté - 10 ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS1.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS2.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004/Cabs.w1.cab/HyperbarSS3.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004/Cabs.w1.cab/Hyperbar.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004/Cabs.w1.cab Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0004 Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0005/Cabs.w1.cab/HyperbarSS3.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0005/Cabs.w1.cab/Hyperbar.dll Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0005/Cabs.w1.cab Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe/data0005 Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip/warezp2p.exe Infecté : not-a-virus:AdWare.Win32.HyperBar ignoré D:\A garder\Logiciel Diverse\Internet\Limewire\warezp2p.zip ZIP: infecté - 11 ignoré D:\A garder\Logiciel Diverse\Utilitaires\Divers\Babylon\BabylonUpDate\babylon-update.exe/cd_install_167.exe/cd_clint.dll Infecté : not-a-virus:AdWare.Win32.Cydoor ignoré D:\A garder\Logiciel Diverse\Utilitaires\Divers\Babylon\BabylonUpDate\babylon-update.exe/cd_install_167.exe/cd_load.exe Infecté : not-a-virus:AdWare.Win32.Cydoor ignoré D:\A garder\Logiciel Diverse\Utilitaires\Divers\Babylon\BabylonUpDate\babylon-update.exe/cd_install_167.exe Infecté : not-a-virus:AdWare.Win32.Cydoor ignoré D:\A garder\Logiciel Diverse\Utilitaires\Divers\Babylon\BabylonUpDate\babylon-update.exe ZIP: infecté - 3 ignoré D:\Sauvegarde\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infecté : not-a-virus:RiskTool.Win32.Reboot.f ignoré D:\Sauvegarde\SmitfraudFix.zip ZIP: infecté - 1 ignoré D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré D:\System Volume Information\_restore{044BE665-E2E9-400F-B090-4666775E8B07}\RP70\change.log L'objet est verrouillé ignoré D:\Téléchargement\LogMeIn.exe/data.rar/LogMeIn.msi/data.cab/LMIinit.dll Infecté : not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a ignoré D:\Téléchargement\LogMeIn.exe/data.rar/LogMeIn.msi/data.cab/ramaint.exe Infecté : not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a ignoré D:\Téléchargement\LogMeIn.exe/data.rar/LogMeIn.msi/data.cab Infecté : not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a ignoré D:\Téléchargement\LogMeIn.exe/data.rar/LogMeIn.msi Infecté : not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a ignoré D:\Téléchargement\LogMeIn.exe/data.rar Infecté : not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.a ignoré D:\Téléchargement\LogMeIn.exe RarSFX: infecté - 5 ignoré Analyse terminée.

Ok, j'ai déjà installer celui là : http://webscanner.kaspersky.fr/kavwebscan.html Celui-ci est en français... Je le fait avec lequel ? En tout cas merci beaucoup pour ton aide

Voilà donc j'ai suprimer le fichier (en le metant en quanrentaine avec BitDefender puis en le suppriment) Et voici le scan de pgdfgsvc.exe Online malware scan : Scan taken on 12 May 2007 13:54:51 (GMT) A-Squared Found nothing AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Rising Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing VirusTotal : Complete scanning result of "pgdfgsvc.exe", received in VirusTotal at 05.12.2007, 15:55:46 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.10.0 05.11.2007 no virus found AntiVir 7.4.0.15 05.12.2007 no virus found Authentium 4.93.8 05.11.2007 no virus found Avast 4.7.997.0 05.11.2007 no virus found AVG 7.5.0.467 05.11.2007 no virus found BitDefender 7.2 05.12.2007 no virus found CAT-QuickHeal 9.00 05.12.2007 no virus found ClamAV devel-20070416 05.12.2007 no virus found DrWeb 4.33 05.12.2007 no virus found eSafe 7.0.15.0 05.10.2007 no virus found eTrust-Vet 30.7.3628 05.11.2007 no virus found Ewido 4.0 05.12.2007 no virus found FileAdvisor 1 05.12.2007 No threat detected Fortinet 2.85.0.0 05.12.2007 no virus found F-Prot 4.3.2.48 05.11.2007 no virus found F-Secure 6.70.13030.0 05.11.2007 no virus found Ikarus T3.1.1.7 05.12.2007 no virus found Kaspersky 4.0.2.24 05.12.2007 no virus found McAfee 5029 05.11.2007 no virus found Microsoft 1.2503 05.12.2007 no virus found NOD32v2 2262 05.12.2007 no virus found Norman 5.80.02 05.11.2007 no virus found Panda 9.0.0.4 05.12.2007 no virus found Prevx1 V2 05.12.2007 no virus found Sophos 4.17.0 05.11.2007 no virus found Sunbelt 2.2.907.0 05.12.2007 no virus found Symantec 10 05.12.2007 no virus found TheHacker 6.1.6.114 05.12.2007 no virus found VBA32 3.12.0 05.11.2007 no virus found VirusBuster 4.3.7:9 05.11.2007 no virus found Webwasher-Gateway 6.0.1 05.12.2007 no virus found Aditional Information File size: 25992 bytes MD5: 8cf7c3ae5f358e75eb273af06e8f78ca SHA1: 14494f20f373167e9c946297ac420497a9b38c68 Bit9 info: http://fileadvisor.bit9.com/services/extin...b273af06e8f78ca

Le problème d'affichage s'est résolu en rebootant et pour la supprétion manuel je l'ai déja fait avec unlocker mais le fichier infecter revien...

Oui j'ai passer un coup de ATF et BitDefender donne toujours le même rapport //----------------------------------------------------------------- // // Produit BitDefender Antivirus Plus v10 // Produit 10.2 // // Créé le: 12/05/2007 14:48:53 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ D:\ Dossiers : 953 Fichiers : 32794 Processus Mémoire analysés : 24 Archives : 2051 Fichiers enpaquetés : 2786 Virus trouvés : 0 Fichiers infectés : 0 Processus Mémoire infectés : 0 Fichiers suspects : 1 Alertes : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers déplacés : 0 Erreurs I/O : 19 Temps d'analyse :=00:05:03 Fichiers/seconde :108 Statistiques Spywares Registres analysés : 2255 Registres infectés : 0 Cookies analysés : 1 Cookies infectés : 0 Fichiers spyware infectés : 0 Menaces Spyware détectées : 0 Définitions virus : 28716 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Processus mémoire [X] Analyser les archives [X] Analyser les fichiers enpaquetés [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Mettre en quarantaine [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [X] Mettre en quarantaine [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal: C:\Documents and Settings\Pitouman\Application Data\BitDefender\Desktop\Profiles\Logs\user_0001\1178974133.log Options d'analyse Spyware [X] Analyse contre les risques non-viraux [ ] Ecarter de l'analyse les dialers et les applications [X] Clés de registres [X] Cookies Résumé: C:\Documents and Settings\Pitouman\Local Settings\Temp\V444FHa01060 Suspect: Exploit.Iframe.Vulnerability Encore merci !!! PS : le site de Zébulon à changer chez moi : le fond bleu à disparut et les icones ne sont plus à leurs places...

C'est un fichier mais il n'as pas d'extention... Et lorsque je le poste à Virus total il répond ça : 0 bytes size received / Se ha recibido un archivo vacio Online malware scan dit : The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file Voila, encore merci pour ta rapidité !!!

Re, merci pour ta rapidité !!! Voici le rapport de Bitdefender, je l'ai arêter en cours de route lorsqu'il as repérer Iframe... //----------------------------------------------------------------- // // Produit BitDefender Antivirus Plus v10 // Produit 10.2 // // Créé le: 12/05/2007 13:34:32 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ D:\ Dossiers : 3788 Fichiers : 259700 Processus Mémoire analysés : 24 Archives : 3108 Fichiers enpaquetés : 30504 Virus trouvés : 0 Fichiers infectés : 0 Processus Mémoire infectés : 0 Fichiers suspects : 1 Alertes : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers déplacés : 0 Erreurs I/O : 31 Temps d'analyse :=00:20:42 Fichiers/seconde :209 Statistiques Spywares Registres analysés : 2250 Registres infectés : 0 Cookies analysés : 1 Cookies infectés : 0 Fichiers spyware infectés : 0 Menaces Spyware détectées : 0 Définitions virus : 31866644 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Processus mémoire [X] Analyser les archives [X] Analyser les fichiers enpaquetés [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Mettre en quarantaine [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [X] Mettre en quarantaine [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal: C:\Documents and Settings\Pitouman\Application Data\BitDefender\Desktop\Profiles\Logs\user_0001\1178969672.log Options d'analyse Spyware [X] Analyse contre les risques non-viraux [ ] Ecarter de l'analyse les dialers et les applications [X] Clés de registres [X] Cookies Résumé: C:\Documents and Settings\Pitouman\Local Settings\Temp\V444FHa01060 Suspect: Exploit.Iframe.Vulnerability

Bonjours à tous, Voila depuis quelques temps BitDefender me détecte le virus suivant : Exploit.Iframe.Vulnérability, il n'arive pas à le supprimer et losque je supprime le fichier avec Unlocker il revien... J'ai fait les mise à jours avec Windows Update (je n'était pas à jour malgrès les mise à jours automatique activé...) et j'ai scanner avec cette addresse http://secunia.com/software_inspector/ , il me dit que tout est bon mais BitDefender me détecte toujours le virus.... Voilà, je poster le rapport HiJackThis et DiagHelp : Logfile of HijackThis v1.99.1 Scan saved at 12:04:20, on 12/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SkyTel.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\BITDEF~1\bdmcon.exe C:\Program Files\BitDefender 10\bdagent.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe C:\Program Files\QuickCam 10\QuickCam10.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe c:\program files\a-squared free\a2service.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender 10\vsserv.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - -Manquant O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: -Sans nom - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender 10\bdagent.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\QuickCam 10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe Reader 8.0\Reader\reader_sl.exe O8 - Extra du menu contextuel E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra du menu contextuel Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra du menu contextuel Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra du menu contextuel Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra du menu contextuel Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Bouton Extra: -Sans nom - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Outil Extra du menu : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Bouton Extra: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Bouton Extra: -Sans nom - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Outil Extra du menu : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Bouton Extra: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Outil Extra du menu : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender 10\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) DiagHelp version v1.07.4 - http://www.malekal.com excute le 12/05/2007 à 12:19:13,00 Liste des fichiers modifies/crees dans les 24 dernieres heures... C:\biosinfo C:\Documents and Settings\LocalService\Cookies\index.dat C:\Documents and Settings\LocalService\Local Settings\desktop.ini C:\Documents and Settings\LocalService\NTUSER.DAT C:\Documents and Settings\LocalService\ntuser.dat.LOG C:\Documents and Settings\NetworkService\Local Settings\desktop.ini C:\Documents and Settings\NetworkService\NTUSER.DAT C:\Documents and Settings\NetworkService\ntuser.dat.LOG C:\Documents and Settings\Pitouman C:\Documents and Settings\Pitouman\Bureau C:\Documents and Settings\Pitouman\Bureau\catchme.log C:\Documents and Settings\Pitouman\Bureau\DiagHelp C:\Documents and Settings\Pitouman\Bureau\DiagHelp\resultat.txt C:\Documents and Settings\Pitouman\Bureau\DiagHelp(1).zip C:\Documents and Settings\Pitouman\Bureau\FairUse Wizard 2.lnk C:\Documents and Settings\Pitouman\Cookies C:\Documents and Settings\Pitouman\Cookies\index.dat C:\Documents and Settings\Pitouman\Cookies\pitouman@google[1].txt C:\Documents and Settings\Pitouman\Local Settings\desktop.ini C:\Documents and Settings\Pitouman\Local Settings\Temp C:\Documents and Settings\Pitouman\Local Settings\Temp\jusched.log C:\Documents and Settings\Pitouman\Local Settings\Temp\LVCOMSX.LOG C:\Documents and Settings\Pitouman\Local Settings\Temp\subC.tmp C:\Documents and Settings\Pitouman\Local Settings\Temp\V444FHa01060 C:\Documents and Settings\Pitouman\Menu Démarrer\Programmes C:\Documents and Settings\Pitouman\Menu Démarrer\Programmes\FairUse Wizard 2 C:\Documents and Settings\Pitouman\Menu Démarrer\Programmes\FairUse Wizard 2\FairUse Wizard 2.lnk C:\Documents and Settings\Pitouman\Mes documents\Mes dossiers de partage.lnk C:\Documents and Settings\Pitouman\Mes documents\Mes Historiques de Conversation C:\Documents and Settings\Pitouman\NTUSER.DAT C:\Documents and Settings\Pitouman\ntuser.dat.LOG C:\Documents and Settings\Pitouman\ntuser.ini C:\Documents and Settings\Pitouman\UserData\index.dat C:\pagefile.sys C:\Program Files C:\Program Files\BitDefender 10 C:\Program Files\BitDefender 10\as2himgdb.dat C:\Program Files\BitDefender 10\as2sign.slf C:\Program Files\BitDefender 10\as2urldbi.dat C:\Program Files\BitDefender 10\asstat.ini C:\Program Files\BitDefender 10\status.ini C:\Program Files\eMule C:\Program Files\eMule\config C:\Program Files\eMule\config\AC_BootstrapIPs.dat C:\Program Files\eMule\config\AC_ServerMetURLs.dat C:\Program Files\eMule\config\cancelled.met C:\Program Files\eMule\config\clients.met C:\Program Files\eMule\config\emfriends.met C:\Program Files\eMule\config\known2_64.met C:\Program Files\eMule\config\preferences.dat C:\Program Files\eMule\config\preferences.ini C:\Program Files\eMule\config\server.met C:\Program Files\eMule\config\shareddir.dat C:\Program Files\eMule\config\statistics.ini C:\Program Files\eMule\downloads.txt C:\Program Files\FairUse Wizard 2 C:\Program Files\FairUse Wizard 2\FairUse.ini C:\Program Files\FairUse Wizard 2\fairuse.log C:\Program Files\FairUse Wizard 2\Lang C:\Program Files\FairUse Wizard 2\Thumbs.db C:\Program Files\FairUse Wizard 2\UnInstall_14333.txt C:\Program Files\FairUse Wizard 2\VDubMod C:\Program Files\FairUse Wizard 2\VDubMod\aviproxy C:\Program Files\FairUse Wizard 2\VDubMod\help C:\Program Files\FairUse Wizard 2\VDubMod\help\pics C:\Program Files\FairUse Wizard 2\VDubMod\plugins C:\Program Files\FairUse Wizard 2\VDubMod\template C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.log C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator C:\Program Files\Fichiers communs\Softwin\BitDefender Local Manager C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\aspy_emu.cvd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\ceva_vfs.cvd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\cran.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\emalware.i14 C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\e_spyw.i03 C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\e_spyw.i04 C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\mdx_97.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\sdx.ivd C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\Plugins\update.txt C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\plugins.htm C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\live.ini C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.log C:\Program Files\HijackThis C:\Program Files\HijackThis\hijackthis.log C:\Program Files\jv16 PowerTools\Backups C:\Program Files\jv16 PowerTools\Backups�0EAA C:\Program Files\jv16 PowerTools\Backups�0EAA\entries.reg C:\Program Files\jv16 PowerTools\Backups�0EAA\Index.dat C:\Program Files\jv16 PowerTools\Temp C:\Program Files\Mozilla Firefox C:\Program Files\Mozilla Firefox\updates C:\Program Files\MSN Messenger\ErrorResponse.xml C:\Program Files\MSXML 6.0 C:\Program Files\MSXML 6.0\EULA C:\Program Files\Nero\Nero 7\InCD\Error.log C:\Program Files\Nero\Nero 7\InCD\SrvError.Log C:\Program Files\Spyware Terminator C:\Program Files\Spyware Terminator\history.txt C:\Program Files\Spyware Terminator\languages C:\Program Files\Spyware Terminator\languages\czech.cab C:\Program Files\Spyware Terminator\languages\czech.inf C:\Program Files\Spyware Terminator\languages\english.cab C:\Program Files\Spyware Terminator\languages\english.inf C:\Program Files\Spyware Terminator\languages\french.cab C:\Program Files\Spyware Terminator\languages\french.inf C:\Program Files\Spyware Terminator\languages\german.cab C:\Program Files\Spyware Terminator\languages\german.inf C:\Program Files\Spyware Terminator\languages\hungarian.cab C:\Program Files\Spyware Terminator\languages\hungarian.inf C:\Program Files\Spyware Terminator\languages\italiano.cab C:\Program Files\Spyware Terminator\languages\italiano.inf C:\Program Files\Spyware Terminator\languages\korean.cab C:\Program Files\Spyware Terminator\languages\korean.inf C:\Program Files\Spyware Terminator\languages\polish.cab C:\Program Files\Spyware Terminator\languages\polish.inf C:\Program Files\Spyware Terminator\languages\portuguese.cab C:\Program Files\Spyware Terminator\languages\portuguese.inf C:\Program Files\Spyware Terminator\languages\serbian.cab C:\Program Files\Spyware Terminator\languages\serbian.inf C:\Program Files\Spyware Terminator\languages\spanish.cab C:\Program Files\Spyware Terminator\languages\spanish.inf C:\Program Files\Spyware Terminator\languages\turkish.cab C:\Program Files\Spyware Terminator\languages\turkish.inf C:\Program Files\Spyware Terminator\report.txt C:\Program Files\Spyware Terminator\sptcontmenu.dll C:\Program Files\Spyware Terminator\sptcontmenu.dll.old C:\WINDOWS C:\WINDOWS\AU_Backup\1\27 C:\WINDOWS\AU_Backup\1\27\backup.001 C:\WINDOWS\AU_Backup\1\27\backup.002 C:\WINDOWS\AU_Backup\1\27\backup.003 C:\WINDOWS\AU_Backup\1\27\backup.004 C:\WINDOWS\AU_Backup\2\4 C:\WINDOWS\AU_Backup\2\4\backup.000 C:\WINDOWS\AU_Backup\2\4\backup.001 C:\WINDOWS\AU_Backup\AuBackup.ini C:\WINDOWS\AU_Log\TmuDump.txt C:\WINDOWS\AU_Temp C:\WINDOWS\AU_Temp\1 C:\WINDOWS\AU_Temp\1\27 C:\WINDOWS\AU_Temp\2 C:\WINDOWS\AU_Temp\2\4 C:\WINDOWS\AU_Temp\3 C:\WINDOWS\AU_Temp\3\4 C:\WINDOWS\AU_Temp\3\4\lpt$vpn.463 C:\WINDOWS\AU_Temp\AuPatch.ini C:\WINDOWS\AU_Temp\AuResult.ini C:\WINDOWS\AU_Temp\AU_Down C:\WINDOWS\AU_Temp\AU_Down\engine C:\WINDOWS\AU_Temp\AU_Down\engine\engv83_nt386.zip C:\WINDOWS\AU_Temp\AU_Down\pattern C:\WINDOWS\AU_Temp\AU_Down\pattern\v_457.463 C:\WINDOWS\AU_Temp\AU_Down\product C:\WINDOWS\AU_Temp\AU_Down\product\auhccup1.zip C:\WINDOWS\AU_Temp\AU_Down\product\hctsc.zip C:\WINDOWS\AU_Temp\server.ini C:\WINDOWS\bootstat.dat C:\WINDOWS\BPMNT.dll C:\WINDOWS\Debug C:\WINDOWS\Debug\PASSWD.LOG C:\WINDOWS\GetServer.ini C:\WINDOWS\hcextoutput.dll C:\WINDOWS\inf C:\WINDOWS\LPT$VPN.463 C:\WINDOWS\pavsig.txt C:\WINDOWS\report C:\WINDOWS\report\20070511.log C:\WINDOWS\SchedLgU.Txt C:\WINDOWS\system32 C:\WINDOWS\system32\ActiveScan C:\WINDOWS\system32\ActiveScan\pav.sig C:\WINDOWS\system32\bdss.log C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp C:\WINDOWS\system32\CatRoot2 C:\WINDOWS\system32\CatRoot2\dberr.txt C:\WINDOWS\system32\CatRoot2\edb.chk C:\WINDOWS\system32\CatRoot2\edb.log C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp C:\WINDOWS\system32\Help.ico C:\WINDOWS\system32\nvapps.xml C:\WINDOWS\system32\pavas.ico C:\WINDOWS\system32\Uninstall.ico C:\WINDOWS\system32\wpa.dbl C:\WINDOWS\Tasks\SA.DAT C:\WINDOWS\Temp C:\WINDOWS\Temp\kds.xml C:\WINDOWS\Temp\tmp000062fd\tmp00000000 C:\WINDOWS\Temp\WGANotify.settings C:\WINDOWS\tsc.exe C:\WINDOWS\TSC.INI C:\WINDOWS\tsc.ptn C:\WINDOWS\VPTNFILE.463 C:\WINDOWS\vsapi32.dll C:\WINDOWS\wiadebug.log C:\WINDOWS\wiaservc.log C:\WINDOWS\win.ini C:\WINDOWS\WindowsUpdate.log C:\xscan.txt Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\CO_Mon.sys -->07/05/2007 21:52:08 C:\WINDOWS\System32/drivers\sp_rsdrv2.sys -->03/05/2007 12:26:23 C:\WINDOWS\System32/drivers\lirsgt.sys -->30/04/2007 19:31:51 C:\WINDOWS\System32/drivers\atksgt.sys -->30/04/2007 19:31:51 C:\WINDOWS\System32/drivers\ntfs.sys -->09/02/2007 13:10:35 C:\WINDOWS\System32/drivers\LVPr2Mon.sys -->06/02/2007 17:45:04 C:\WINDOWS\System32/drivers\LVMVdrv.sys -->06/02/2007 17:44:36 C:\WINDOWS\System32\bdod.bin -->12/05/2007 12:19:28 C:\WINDOWS\System32\bdss.log -->12/05/2007 12:14:22 C:\WINDOWS\System32\wpa.dbl -->12/05/2007 11:58:53 C:\WINDOWS\System32\nvapps.xml -->12/05/2007 11:58:23 C:\WINDOWS\System32\Uninstall.ico -->11/05/2007 18:14:07 C:\WINDOWS\System32\pavas.ico -->11/05/2007 18:14:06 C:\WINDOWS\System32\Help.ico -->11/05/2007 18:14:06 C:\WINDOWS\System32\CmdLineExt03.dll -->10/05/2007 20:24:58 C:\WINDOWS\System32\FNTCACHE.DAT -->08/05/2007 17:06:56 C:\WINDOWS\System32\tmp.txt -->08/05/2007 14:05:32 C:\WINDOWS\System32\tmp.reg -->08/05/2007 14:05:32 C:\WINDOWS\System32\pgdfgsvc.exe -->07/05/2007 20:01:46 C:\WINDOWS\System32\asfiles.txt -->01/05/2007 01:40:03 C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12 C:\WINDOWS\System32\lvcoinst.log -->27/04/2007 13:37:25 C:\WINDOWS\System32\BASSMOD.dll -->18/04/2007 19:37:11 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->13/04/2007 23:17:02 C:\WINDOWS\System32\msinet.ocx -->12/04/2007 23:48:28 C:\WINDOWS\System32\comdlg32.ocx -->12/04/2007 23:48:28 C:\WINDOWS\System32\SIntfNT.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\SIntf32.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\SIntf16.dll -->12/04/2007 22:25:00 C:\WINDOWS\System32\Chip.dll -->12/04/2007 01:50:51 C:\WINDOWS\System32\nscompat.tlb -->11/04/2007 22:24:20 C:\WINDOWS\System32\amcompat.tlb -->11/04/2007 22:24:20 C:\WINDOWS\win.ini -->12/05/2007 12:13:36 C:\WINDOWS\WindowsUpdate.log -->12/05/2007 11:58:32 C:\WINDOWS\wiadebug.log -->12/05/2007 11:58:32 C:\WINDOWS\wiaservc.log -->12/05/2007 11:58:30 C:\WINDOWS\bootstat.dat -->12/05/2007 11:58:16 C:\WINDOWS\SchedLgU.Txt -->11/05/2007 19:00:53 C:\WINDOWS\TSC.INI -->11/05/2007 19:00:30 C:\WINDOWS\pavsig.txt -->11/05/2007 18:14:58 C:\WINDOWS\tsc.ptn -->11/05/2007 18:07:22 C:\WINDOWS\vsapi32.dll -->11/05/2007 18:07:21 C:\WINDOWS\tsc.exe -->11/05/2007 18:07:21 C:\WINDOWS\hcextoutput.dll -->11/05/2007 18:07:21 C:\WINDOWS\VPTNFILE.463 -->11/05/2007 18:07:20 C:\WINDOWS\LPT$VPN.463 -->11/05/2007 18:07:20 C:\WINDOWS\BPMNT.dll -->11/05/2007 18:07:20 Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\WINDOWS\system32 02/03/2006 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 13 397 499 904 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\WINDOWS\Downloaded Program Files 07/05/2007 21:51 <REP> . 07/05/2007 21:51 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 17/05/2006 14:32 231 072 avsniff.dll 17/05/2006 14:29 878 avsniff.inf 17/05/2006 14:32 198 304 avsniffdlgs.dll 17/05/2006 14:26 537 704 AXXPEE.dll 17/05/2006 14:29 241 CabSA.inf 02/05/2007 01:00 2 504 catalog.dat 11/04/2007 18:04 65 desktop.ini 02/05/2007 01:00 6 899 ecbootil.vxd 17/05/2006 14:26 42 112 ecmldr32.dll 02/05/2007 01:00 271 992 ecmsvr32.dll 08/08/2006 11:45 576 kavwebscan.inf 17/05/2006 14:28 6 850 navapi.vxd 17/05/2006 14:28 201 896 navapi32.dll 02/05/2007 01:00 120 440 naveng32.dll 02/05/2007 01:00 902 776 navex32a.dll 17/05/2006 14:32 161 480 rufsi.dll 02/05/2007 01:00 97 744 scrauth.dat 26/03/2007 16:46 5 085 swflash.inf 02/05/2007 01:00 11 875 symaveng.cat 02/05/2007 01:00 1 061 symaveng.inf 02/05/2007 01:00 190 702 tcdefs.dat 02/05/2007 01:00 1 480 739 tcscan7.dat 02/05/2007 01:00 349 736 tcscan8.dat 02/05/2007 01:00 830 478 tcscan9.dat 02/05/2007 01:00 453 tinf.dat 02/05/2007 01:00 148 tinfidx.dat 02/05/2007 01:00 1 957 tinfl.dat 02/05/2007 01:00 66 363 tscan1.dat 02/05/2007 01:00 3 113 tscan1hd.dat 02/05/2007 01:00 4 778 v.grd 02/05/2007 01:00 2 261 v.sig 02/05/2007 01:00 106 244 virscan.inf 02/05/2007 01:00 982 800 virscan1.dat 02/05/2007 01:00 570 636 virscan2.dat 02/05/2007 01:00 149 096 virscan3.dat 02/05/2007 01:00 320 253 virscan4.dat 02/05/2007 01:00 3 748 071 virscan5.dat 02/05/2007 01:00 390 742 virscan6.dat 02/05/2007 01:00 8 419 678 virscan7.dat 02/05/2007 01:00 1 730 898 virscan8.dat 02/05/2007 01:00 4 424 061 virscan9.dat 02/05/2007 01:00 32 virscant.dat 02/11/2005 18:01 1 777 xscan.inf 02/11/2005 18:07 435 712 xscan53.ocx 02/05/2007 01:00 224 zdone.dat 47 fichier(s) 27 154 467 octets Total des fichiers listés : 47 fichier(s) 27 154 467 octets 2 Rép(s) 13 397 499 904 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-12 12:23:35 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Messenger\DarkTank@hotmail.fr\SharingMetadata\bigouba@hotmail.fr\DFSR\Staging\CS{953EDA57-AE04-DA4C-5E46-E526CFA37A2A}1\12-{953EDA57-AE04-DA4C-5E46-E526CFA37A2A}-v1-{B4F5D3D8-49F3-4FAF-928D-C9A00A439E48}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Messenger\DarkTank@hotmail.fr\SharingMetadata\bigouba@hotmail.fr\DFSR\Staging\CS{953EDA57-AE04-DA4C-5E46-E526CFA37A2A}\31\431-{8D58F70F-27FC-4B3D-A044-90F00C75F154}-v431-{8D58F70F-27FC-4B3D-A044-90F00C75F154}-v431-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1784 bytes hidden from API C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Messenger\DarkTank@hotmail.fr\SharingMetadata\gcassar64@hotmail.com\DFSR\Staging\CS{2DF65D97-1706-EFE7-F664-FEFA8CA0C2A1}1\10-{2DF65D97-1706-EFE7-F664-FEFA8CA0C2A1}-v1-{B4F5D3D8-49F3-4FAF-928D-C9A00A439E48}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\Pitouman\Local Settings\Application Data\Microsoft\Messenger\DarkTank@hotmail.fr\SharingMetadata\sbcyz@aol.com\DFSR\Staging\CS{BB19752D-F7EB-E5C7-5D4F-5286D88277FF}1\11-{BB19752D-F7EB-E5C7-5D4F-5286D88277FF}-v1-{B4F5D3D8-49F3-4FAF-928D-C9A00A439E48}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 4 Liste des programmes installes a-squared Free 2.1 Ad-Aware SE Personal Adobe Flash Player ActiveX Adobe Reader 8 - Français Anno 1701 Archiveur WinRAR AVG Anti-Spyware 7.5 BitDefender Antivirus Plus v10 BitSpirit v3.2.2.122 Stable CCleaner (remove only) Diablo II Empire Earth II eMule FairUse Wizard 2 FastStone Image Viewer 2.8 (French) FLV Player Free Download Manager 2.1 Gimp pour Windows HijackThis 1.99.1 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 Kaspersky Online Scanner Language pack for Ad-Aware SE Lecteur Windows Media 10 Logitech QuickCam Media Player Classic fr Messenger Plus! Live Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 French Language Pack Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour pour Windows XP (KB911164) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 Mozilla Firefox (2.0.0.3) Mozilla Thunderbird (2.0.0.0) Mp3tag v2.37a MSNdecrypter 2.0 MSXML 4.0 SP2 (KB927978) MSXML 6.0 Parser Nero 7 Ultra Edition Notepad++ NVIDIA Drivers Oblivion Oblivion - Construction Set Oblivion mod manager 0.9.15 Panda ActiveScan PowerDVD QuickTime Alternative 1.78 Real Alternative 1.52 Realtek High Definition Audio Driver RivaTuner v2.0 RC 16.2 Security Update for Microsoft .NET Framework 2.0 (KB917283) Security Update pour Microsoft .NET Framework 2.0 (KB922770) Spybot - Search & Destroy 1.4 Spyware Terminator Unlocker 1.8.5 UxTheme Multipatcher Fr Wacky Races WebFldrs XP Winamp Alternative 1.1 Windows Communication Foundation Windows Communication Foundation Language Pack - FRA Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Live Messenger Windows Media Format Runtime Windows Presentation Foundation Windows Presentation Foundation Language Pack (FRA) Windows Workflow Foundation Windows Workflow Foundation FR Language Pack XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files 11/05/2007 16:54 <REP> . 11/05/2007 16:54 <REP> .. 02/05/2007 18:03 <REP> Ad-Aware SE Personal 27/04/2007 21:30 <REP> Adobe 16/04/2007 23:03 <REP> Adobe Reader 8.0 09/05/2007 18:31 <REP> a-squared Free 09/05/2007 18:50 <REP> AVG Anti-Spyware 7.5 12/05/2007 12:14 <REP> BitDefender 10 12/04/2007 21:21 <REP> BitSpirit 28/04/2007 21:41 <REP> CCleaner 11/04/2007 18:02 <REP> ComPlus Applications 27/04/2007 21:29 <REP> Emoticon 11/05/2007 13:31 <REP> eMule 11/05/2007 17:35 <REP> FairUse Wizard 2 11/04/2007 23:54 <REP> FastStone Image Viewer 28/04/2007 12:14 <REP> Fichiers communs 12/04/2007 23:50 <REP> FLV Player 01/05/2007 17:46 <REP> Free Download Manager 05/05/2007 19:28 <REP> Gimp Mode 12/05/2007 12:04 <REP> HijackThis 11/04/2007 18:28 <REP> Intel 09/05/2007 18:58 <REP> Internet Explorer 13/04/2007 23:17 <REP> Java 12/04/2007 20:03 <REP> jv16 PowerTools 11/04/2007 20:48 <REP> Logitech 05/05/2007 22:08 <REP> Media Player Classic 12/04/2007 21:21 <REP> Messenger 01/05/2007 17:47 <REP> Messenger Plus! Live 11/04/2007 18:05 <REP> microsoft frontpage 11/04/2007 23:26 <REP> Microsoft.NET 11/04/2007 18:02 <REP> Movie Maker 12/05/2007 11:59 <REP> Mozilla Firefox 01/05/2007 17:48 <REP> Mozilla Thunderbird 17/04/2007 23:34 <REP> Mp3tag 11/04/2007 22:01 <REP> MSBuild 11/04/2007 18:01 <REP> MSN 11/04/2007 18:01 <REP> MSN Gaming Zone 01/05/2007 17:48 <REP> MSN Messenger 17/04/2007 19:53 <REP> MSNdecrypter 2.0 11/04/2007 21:21 <REP> MSXML 4.0 11/05/2007 13:07 <REP> MSXML 6.0 28/04/2007 12:14 <REP> Nero 11/04/2007 18:03 <REP> NetMeeting 01/05/2007 17:49 <REP> Notepad++ 28/04/2007 01:44 <REP> OCCT 11/04/2007 23:27 <REP> Office 11/04/2007 18:01 <REP> Online Services 01/05/2007 17:50 <REP> Outlook Express 06/05/2007 15:27 <REP> PageDefrag 16/04/2007 00:15 <REP> Paint Shop Pro 8 01/05/2007 17:50 <REP> PowerDVD 01/05/2007 17:50 <REP> QuickCam 10 13/04/2007 14:01 <REP> QuickTime Alternative 13/04/2007 13:56 <REP> Real Alternative 11/04/2007 18:16 <REP> Realtek 11/04/2007 21:58 <REP> Reference Assemblies 12/04/2007 16:09 <REP> RegCleaner 22/04/2007 16:23 <REP> ResHack 11/04/2007 18:42 <REP> RivaTuner v2.0 RC 16.2 11/04/2007 18:03 <REP> Services en ligne 08/05/2007 13:48 <REP> Spybot - Search & Destroy 12/05/2007 12:03 <REP> Spyware Terminator 01/05/2007 17:51 <REP> Unlocker 18/04/2007 19:52 <REP> UxTheme Multipatcher Fr 13/04/2007 14:01 <REP> Winamp Alternative 11/04/2007 22:24 <REP> Windows Media Player 11/04/2007 18:01 <REP> Windows NT 01/05/2007 17:51 <REP> WinRAR 11/04/2007 18:05 <REP> xerox 0 fichier(s) 0 octets 69 Rép(s) 13 397 250 048 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files\fichiers communs 28/04/2007 12:14 <REP> . 28/04/2007 12:14 <REP> .. 16/04/2007 23:03 <REP> Adobe 28/04/2007 12:16 <REP> Ahead 11/04/2007 23:27 <REP> DESIGNER 12/04/2007 22:38 <REP> InstallShield 13/04/2007 23:16 <REP> Java 27/04/2007 21:29 <REP> logishrd 11/04/2007 23:27 <REP> Microsoft Shared 11/04/2007 18:03 <REP> MSSoap 11/04/2007 19:49 <REP> ODBC 11/04/2007 18:03 <REP> Services 11/04/2007 20:29 <REP> Softwin 11/04/2007 19:49 <REP> SpeechEngines 11/04/2007 21:20 <REP> System 0 fichier(s) 0 octets 15 Rép(s) 13 397 245 952 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 11/04/2007 23:27 <REP> . 11/04/2007 23:27 <REP> .. 11/04/2007 23:27 <REP> 1033 11/04/2007 23:27 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 13 397 245 952 octets libres Le volume dans le lecteur C s'appelle Windob Le numéro de série du volume est 8484-11D8 Répertoire de C:\ 08/05/2007 11:48 68 096 diff.exe 08/05/2007 11:48 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 13 397 245 952 octets libres c:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe c:\Documents and Settings\Pitouman\Application Data\Free Download Manager\Update\fdminst.exe c:\Documents and Settings\Pitouman\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Pitouman\Bureau\BitSpirit 3.2.2.122.exe c:\Documents and Settings\Pitouman\Bureau\ccleaner_ccleaner_1.38.435_francais_14492.exe c:\Documents and Settings\Pitouman\Bureau\CleanMessenger(MsnTrucAstuce.fr).exe c:\Documents and Settings\Pitouman\Bureau\FastStoneViewer-2.8-Colok-fr.exe c:\Documents and Settings\Pitouman\Bureau\FirefoxGoogleToolbarSetup.exe c:\Documents and Settings\Pitouman\Bureau\FLVplayer_v0.0.5.exe c:\Documents and Settings\Pitouman\Bureau\jv16pt_setup1.3.0.195.exe c:\Documents and Settings\Pitouman\Bureau\MsgPlusLive-420.exe c:\Documents and Settings\Pitouman\Bureau\patch.exe c:\Documents and Settings\Pitouman\Bureau\RegCleaner.exe c:\Documents and Settings\Pitouman\Bureau\spybotsd14.exe c:\Documents and Settings\Pitouman\Bureau\unlocker1.8.5.exe c:\Documents and Settings\Pitouman\Bureau\Windows Média Player 10.exe c:\Documents and Settings\Pitouman\Bureau\windows-live-messenger_windows_live_messenger_8.1.0178.00_francais_19367.exe c:\Documents and Settings\Pitouman\Bureau\WinRAR 3.62.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Pitouman\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Pitouman\Application Data\Mozilla\Firefox\Profiles\hy11yau7.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll Merci beaucoup d'avance pour votre aide.

Re! Bon il se sont mis à jour, Spyware Terminator il y as quelque temps et AVG il s'est mis à jours aujoud'hui, juste losque mes 30 jours étant terminer Merci beacoup pour tout ton aide c'est génial

Edit : double post sans faire exprès....

Merci :P Sinon j'ai installer Spyware Terminator mais il ne veut pas me faire les mise à jours, il fait comme AVG... J'ai déja un Firewall, celui de BitDefender, est-il utile d'activer la protection en temps réél de Spyware Terminator ?

Cool, encore merci :P Avec ça je suis presque blinder... Je vais regarder ça attentivement, merci beaucoup

Oui c'est ce que je voulais dire, analyse gratuite... A, récemment trois fichiers se sont ajouter dans C : diff.exe, grep.exe, reboot.cmd. Sont t-il dangereux ? Peuvent t-il être supprimer ? Merci encore à toi pour ton aide, c'est super !!!! :P :P :P :P

Bin il n'y en as plus... Grace à Panda j'ai enlever quelque Virus, ce devait être ça... Pour AVG je vois de le log "application start was blocked because of several instances" c'est en en effet le serveur apparement Merci beaucoup pour ton aide !!! Dernière question, Secuser est-il un bon Anti-virus gratuit ?

Je tien aussi à dire que j'ai un petit problème avec AVG Anti-spyware : il ne veut pas se metre à jour, il fait : "téléchargement des updates" et la barre n'avance jamais...

Voila j'ai fait comme tu le disait, en téléchargant laversion Anglaise... Rapport clean par Malekal_morte - http://www.malekal.com Script execute en mode sans echec 02/05/2007 a 12:39:59,75 Microsoft Windows XP [version 5.1.2600] *** Suppression des fichiers dans C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de C:\WINDOWS\system32\bdod.bin tentative de suppression de C:\WINDOWS\system32\winsys.exe *** Suppression des fichiers dans C:\Program Files *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! HookMAp.dll Complete scanning result of "HookMAp.dll", received in VirusTotal at 05.02.2007, 12:48:53 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.2.0 05.02.2007 no virus found AntiVir 7.4.0.15 05.02.2007 no virus found Authentium 4.93.8 05.02.2007 no virus found Avast 4.7.997.0 05.01.2007 no virus found AVG 7.5.0.467 05.01.2007 no virus found BitDefender 7.2 05.02.2007 no virus found CAT-QuickHeal 9.00 04.30.2007 no virus found ClamAV devel-20070416 05.02.2007 no virus found DrWeb 4.33 05.02.2007 no virus found eSafe 7.0.15.0 05.01.2007 no virus found eTrust-Vet 30.7.3611 05.02.2007 no virus found Ewido 4.0 05.02.2007 no virus found FileAdvisor 1 05.02.2007 no virus found Fortinet 2.85.0.0 05.02.2007 no virus found F-Prot 4.3.2.48 04.30.2007 no virus found F-Secure 6.70.13030.0 05.02.2007 no virus found Ikarus T3.1.1.5 05.02.2007 no virus found Kaspersky 4.0.2.24 05.02.2007 no virus found McAfee 5021 05.01.2007 no virus found Microsoft 1.2405 05.02.2007 no virus found NOD32v2 2233 05.01.2007 no virus found Norman 5.80.02 05.01.2007 no virus found Panda 9.0.0.4 05.01.2007 no virus found Prevx1 V2 05.02.2007 no virus found Sophos 4.17.0 05.01.2007 no virus found Sunbelt 2.2.907.0 05.01.2007 no virus found Symantec 10 05.02.2007 no virus found TheHacker 6.1.6.104 04.15.2007 no virus found VBA32 3.11.4 05.02.2007 no virus found VirusBuster 4.3.7:9 05.01.2007 no virus found Webwasher-Gateway 6.0.1 05.02.2007 no virus found Aditional Information File size: 253952 bytes MD5: 9129dd7bcb21f0325ed1bb90129d26a3 SHA1: 85a004c9a003fb812b086f2e0faf23a79ae66812 HookShield.dll Complete scanning result of "HookShield.dll", received in VirusTotal at 05.02.2007, 13:01:03 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.2.0 05.02.2007 no virus found AntiVir 7.4.0.15 05.02.2007 no virus found Authentium 4.93.8 05.02.2007 no virus found Avast 4.7.997.0 05.01.2007 no virus found AVG 7.5.0.467 05.01.2007 no virus found BitDefender 7.2 05.02.2007 no virus found CAT-QuickHeal 9.00 04.30.2007 no virus found ClamAV devel-20070416 05.02.2007 no virus found DrWeb 4.33 05.02.2007 no virus found eSafe 7.0.15.0 05.01.2007 no virus found eTrust-Vet 30.7.3611 05.02.2007 no virus found Ewido 4.0 05.02.2007 no virus found FileAdvisor 1 05.02.2007 no virus found Fortinet 2.85.0.0 05.02.2007 no virus found F-Prot 4.3.2.48 04.30.2007 no virus found F-Secure 6.70.13030.0 05.02.2007 no virus found Ikarus T3.1.1.5 05.02.2007 no virus found Kaspersky 4.0.2.24 05.02.2007 no virus found McAfee 5021 05.01.2007 no virus found Microsoft 1.2405 05.02.2007 no virus found NOD32v2 2233 05.01.2007 no virus found Norman 5.80.02 05.01.2007 no virus found Panda 9.0.0.4 05.01.2007 no virus found Prevx1 V2 05.02.2007 no virus found Sophos 4.17.0 05.01.2007 no virus found Sunbelt 2.2.907.0 05.01.2007 no virus found Symantec 10 05.02.2007 no virus found TheHacker 6.1.6.104 04.15.2007 no virus found VBA32 3.11.4 05.02.2007 no virus found VirusBuster 4.3.7:9 05.01.2007 no virus found Webwasher-Gateway 6.0.1 05.02.2007 no virus found Aditional Information File size: 262144 bytes MD5: 4df4a631d1ef9d80016f6279019e2c49 SHA1: 5e9611900f858eea4b26ef6a10cbb4024c4558e0 HijackThis : StartupList report, 02/05/2007, 13:13:20 StartupList version: 1.52.2 Started from : D:\Téléchargement\hijackthis_hijackthis_1.99.1_anglais_17891.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16414) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SkyTel.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\BITDEF~1\bdmcon.exe C:\Program Files\BitDefender 10\bdagent.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe C:\Program Files\QuickCam 10\QuickCam10.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\BitDefender 10\vsserv.exe D:\Téléchargement\hijackthis_hijackthis_1.99.1_anglais_17891.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Pitouman\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe Reader 8.0\Reader\AdobeCollabSync.exe Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe Reader 8.0\Reader\reader_sl.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run SkyTel = SkyTel.EXE RTHDCPL = RTHDCPL.EXE Alcmtr = ALCMTR.EXE NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup nwiz = nwiz.exe /install SW20 = C:\WINDOWS\system32\sw20.exe SW24 = C:\WINDOWS\system32\sw24.exe NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit BDMCon = C:\PROGRA~1\BITDEF~1\bdmcon.exe BDAgent = "C:\Program Files\BitDefender 10\bdagent.exe" LogitechCommunicationsManager = "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" LVCOMSX = "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe" LogitechQuickCamRibbon = "C:\Program Files\QuickCam 10\QuickCam10.exe" /hide UnlockerAssistant = "C:\Program Files\Unlocker\UnlockerAssistant.exe" RemoteControl = "C:\Program Files\PowerDVD\PDVDServ.exe" SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" NeroFilterCheck = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe InCD = C:\Program Files\Nero\Nero 7\InCD\InCD.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background ccleaner = "C:\Program Files\CCleaner\ccleaner.exe" /AUTO Free Download Manager = C:\Program Files\Free Download Manager\fdm.exe -autorun BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=sockspy.dll -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Free Download Manager\iefdmcks.dll - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [CKAVWebScan Object] InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll CODEBASE = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) atksgt: system32\DRIVERS\atksgt.sys (autostart) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) AVG Anti-Spyware Driver: \??\C:\Program Files\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) bdfdll: \??\C:\Program Files\BitDefender 10\bdfdll.sys (manual start) BDFSDRV: \??\C:\Program Files\BitDefender 10\bdfsdrv.sys (manual start) bdpredir: \??\C:\Program Files\BitDefender 10\bdpredir.sys (system) BDRSDRV: \??\C:\Program Files\BitDefender 10\bdrsdrv.sys (autostart) BitDefender Scan Server: "C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (autostart) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Windows Presentation Foundation Font Cache 3.0.0.0: C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (manual start) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) GMSIPCI: \??\E:\INSTALL\GMSIPCI.SYS (manual start) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) Windows CardSpace: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start) InCD File System: system32\drivers\InCDFs.sys (disabled) InCDPass: system32\drivers\InCDPass.sys (system) InCD Reader: system32\drivers\InCDRm.sys (system) InCD Helper: C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (autostart) Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) lirsgt: system32\DRIVERS\lirsgt.sys (autostart) BitDefender Desktop Update Service: "C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Logitech AEC Driver: system32\DRIVERS\LVcKap.sys (manual start) Logitech Machine Vision Engine Loader: system32\DRIVERS\LVMVDrv.sys (manual start) Logitech LVPr2Mon Driver: system32\DRIVERS\LVPr2Mon.sys (manual start) Process Monitor: c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (autostart) LVSrvLauncher: C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (autostart) Logitech USB Monitor Filter: system32\DRIVERS\LVUSBSta.sys (manual start) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) NBService: C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Net.Tcp Port Sharing Service: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) nv: system32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Logitech QuickCam IM(PID_PEPI): system32\DRIVERS\LV302V32.SYS (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Profos: \??\C:\Program Files\BitDefender 10\profos.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) RivaTuner32: \??\C:\Program Files\RivaTuner v2.0 RC 16.2\RivaTuner32.sys (manual start) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver: system32\DRIVERS\Rtnicxp.sys (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start) Pilote de port série: system32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{35EA8233-9389-4A7C-98DD-852CFD9D7725} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Trufos: \??\C:\Program Files\BitDefender 10\trufos.sys (manual start) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Pilote de concentrateur standard USB Microsoft: system32\DRIVERS\usbhub.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) BitDefender Virus Shield: "C:\Program Files\BitDefender 10\vsserv.exe" /service (autostart) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) WpdUsb: System32\Drivers\wpdusb.sys (manual start) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) BitDefender Communicator: "C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\Pitouman\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\Pitouman\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 36 594 bytes Report generated in 0,125 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only