

A Trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and removal
Hello! I ran the scan and there are no open ports on my machine (yay!!). As for ProcessGuard, I can't tell you which version was installed (I don't remember anymore...); I uninstalled it through the Control Panel, via the Add/Remove Programs menu, then with CCleaner because the icon was still in the toolbar. On top of that, I'd like to reinstall it, because your point about it having blocked the rootkit more than convinced me of its usefulness... Thanks again for your precise answers... See you!
A Trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and removal
Hi Charles! This time I think I did things correctly; here is what you asked for:

FPort v2.0 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
http://www.foundstone.com

Pid   Process     Port  Proto Path
276            -> 1026  TCP
904            -> 135   TCP
2672  CLI      -> 1036  TCP   C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
4     System   -> 139   TCP
4     System   -> 445   TCP
4008  cli      -> 1044  TCP   C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
4028  cli      -> 1046  TCP   C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
2904  iexplore -> 1238  TCP   C:\Program Files\Internet Explorer\iexplore.exe
276            -> 1058  UDP
904            -> 445   UDP
2672  CLI      -> 1112  UDP   C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
4     System   -> 1027  UDP
0     System   -> 137   UDP
0     System   -> 138   UDP
0     System   -> 1900  UDP
4028  cli      -> 1195  UDP   C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
4008  cli      -> 123   UDP   C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
2904  iexplore -> 123   UDP   C:\Program Files\Internet Explorer\iexplore.exe

PsList 1.26 - Process Information Lister
Copyright © 1999-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

Process information for MYLASTCHANCE:

Name              Pid  Pri Thd  Hnd     VM     WS   Priv
Idle                0    0   1    0      0     16      0
System              4    8  69 1554    880    240      0
SMSS              540   11   3   21   3828    696    164
CSRSS             588   13  12  561  67464   6640   1892
WINLOGON          624   13  22  444  53084  11900   6436
SERVICES          668    9  16  313  38512  10508   2216
SVCHOST           240    8   6  137  38004  10656   2604
ALG               276    8   6  105  33592   9292   1260
WDFMGR            380    8   4   64  15480   4244   1648
ATI2EVXX          828    8   4   84  22924   7008    960
SVCHOST           840    8  16  209  62916  11824   3244
SVCHOST           904    8   9  313  36496  10192   1908
SVCHOST           972    8  69 1551 107608  31472  16748
SVCHOST          1024    8   6   83  31600   9352   1404
SVCHOST          1160    8  16  213  40084  10728   1880
VSMON            1192    8  23  396  91100  26472  19652
SPOOLSV          1712    8  12  127  47396  11284   3312
SCHEDUL2         1804    8   4   51  19296   4784    616
GUARD            1836    8   8   71  46304  18204  25688
AVGAMSVR         1856    8  11  203  51912    492   3380
AVGUPSVC         1908    8   4   99  37628   7100   1900
FTRTSVC          2028    8   2   27  15876   4172    608
LSASS             680    9  16  320  40740   1956   2516
ATI2EVXX         1128    8   8  105  30256   7320   1108
EXPLORER         1412    8  18  551  99996  36316  23420
DUMeter          2396    8   2  108  41432  12180   1936
TrueImageMonitor 2464    8   2   58  30416   7236    952
SCHEDHLP         2532    8   1   34  16364   4956    524
realsched        2572    8   5  110  38464    188   1100
SOUNDMAN         2636    8   2   58  39152   8720   2028
ZLCLIENT         2684    8   6   93  52768  11148   4984
AVGCC            2708    8   7  206  54020    760   3276
MMKEYBD          2844    8   3   78  38488  10436   2976
SFAgent          2852    8  10  318  72020  20348   9748
IEXPLORE         2904    8  20  819 168612   3256  42332
AVGAS            3236    8  15  149  90228  15232  35264
jusched          3296    8   1   41  31468   8876    956
CTFMON           3312    8   1  123  39384  10052   1096
CMD              4068    8   1   20  14536   1948   1616
pslist           3152   13   2   83  18432   1880    884
CLI              2672    8  15  392 154348  11020  27568
CLI              4008    8  13  263 131140   5288  18340
CLI              4028    8  13  261 154708  11792  21452

and the "Gmer":

GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-05-06 10:23:07
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.12 ----

SSDT mmrtkrnl.sys ZwClose
SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwCreateFile
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwFsControlFile
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwOpenKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwOpenSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwProtectVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwReadVirtualMemory
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwSetContextThread
SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwSetSystemInformation
SSDT
\??\C:\WINDOWS\system32\drivers\procguard.sys ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwSuspendProcess SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwSuspendThread SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwTerminateProcess SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwTerminateThread SSDT \??\C:\WINDOWS\system32\drivers\procguard.sys ZwWriteVirtualMemory ---- Kernel code sections - GMER 1.0.12 ---- .text ntoskrnl.exe!_abnormal_termination + 104 804E2760 12 Bytes [ 60, EC, 44, B2, E0, 4E, 45, ... ] ? srescan.sys Le fichier spécifié est introuvable. ? C:\WINDOWS\System32\DRIVERS\update.sys .text ntoskrnl.exe!_abnormal_termination + 104 804E2760 12 Bytes [ 60, EC, 44, B2, E0, 4E, 45, ... ] ---- Devices - GMER 1.0.12 ---- Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [b24602A0] vsdatant.sys Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 
IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\usbstor \Device000083 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\usbstor \Device000086 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\usbstor \Device000087 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\usbstor \Device000088 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [b24602A0] vsdatant.sys Device \Driver\usbstor \Device000089 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7717D60] sfsync02.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [b24602A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [b24602A0] vsdatant.sys ---- Registry - GMER 1.0.12 ---- Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg 
\Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ... 
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ... 
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ... Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ... ---- EOF - GMER 1.0.12 ---- A trés vite !! -
A trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and eradication
and the Panda scan.....

StartupList report, 03/05/2007, 18:49:44
StartupList version: 1.52.2
Started from : C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16414)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\moi\Menu Démarrer\Programmes\Démarrage]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe
DU Meter = C:\Program Files\DU Meter\DUMeter.exe
Realtime Audio Engine = mmrtkrnl.exe
PinnacleDriverCheck = C:\WINDOWS\system32\PSDrvCheck.exe
Creative WebCam Tray = C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
Cloneur Expert Monitor = "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
Acronis Scheduler2 Service = "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
SoundMan = SOUNDMAN.EXE
ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
!1_pgaccount = "C:\Program Files\ProcessGuard\pgaccount.exe"
Zone Labs Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
s-watch = C:\Program Files\Screen Watcher\watcher.exe
MMKeybd = C:\PROGRA~1\MediaKey\MMKeybd.EXE
SPAMfighter Agent = "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
!AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe

[>{161C1725-D892-484A-9F8E-41B7C73BAA5F}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[{00000055-9980-0010-8000-00AA00389B71}]
CODEBASE = http://codecs.microsoft.com/codecs/i386/fhg.CAB

[shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll
CODEBASE = http://fpdownload.macromedia.com/get/shock...director/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[LSSupCtl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\LSSupCtl.dll
CODEBASE = https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

[symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\avsniff.dll
CODEBASE = http://security.symantec.com/SSC/SharedCon...bin/AvSniff.cab

[ActiveDataInfo Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\SymAData.dll
CODEBASE = https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab

[symantec SmartIssue]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsi.dll
CODEBASE = http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab

[symantec Script Runner Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsr.dll
CODEBASE = http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://soptiti.spaces.msn.com//PhotoUpload/MsnPUpld.cab

[symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx
CODEBASE = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

[iCSScanner Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ICSScan.dll
CODEBASE = http://download.zonelabs.com/bin/promotion...anner371020.cab

[HardwareDetection Control]
InProcServer32 = C:\PROGRA~1\HARDWA~1\IE\HARDWA~1.OCX
CODEBASE = http://charon777.free.fr/plugins/hardwaredetection.cab

[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab

[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab

[shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Pinnacle PCTV Stereo service: system32\DRIVERS\3xHybrid.sys (manual start)
Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system)
Acronis Scheduler2 Service: "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe" (autostart)
Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start)
Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system)
Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start)
Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start)
Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start)
Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start)
AVG Anti-Rootkit: System32\DRIVERS\avgarkt.sys (system)
AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system)
AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Resident Driver XP: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
Avg Anti-Rootkit Clean Driver: System32\DRIVERS\AvgArCln.sys (system)
AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system)
AVG7 Clean Driver: \SystemRoot\System32\Drivers\avgclean.sys (system)
Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Boonty Games: "C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" (manual start)
C4C_BSC2: System32\DRIVERS\C4C_BSC2.sys (manual start)
Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start)
CdaC15BA: \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS (autostart)
Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system)
Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start)
Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled)
C-Media WDM Audio Interface: system32\drivers\cmuda.sys (manual start)
Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Dual-Mode DSC(2770): System32\Drivers\SQcaptur.sys (manual start)
Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DiamondCS ProcessGuard Service v3.410: "C:\Program Files\ProcessGuard\dcsuserprot.exe" (autostart)
Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de disque: System32\DRIVERS\disk.sys (system)
Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
driverhardwarev2: \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys (manual start)
Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)
DSDrv4: \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys (manual start)
Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Fallback: System32\DRIVERS\C4C_FALL.sys (autostart)
Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (autostart)
FreeBox USB Network Adapter: system32\DRIVERS\fbxusb.sys (manual start)
Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start)
Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Fsks: System32\DRIVERS\C4C_FSKS.sys (autostart) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: "C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe" (autostart) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) K56: System32\DRIVERS\C4C_K56K.sys (autostart) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual 
start) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) MEMSWEEP2: \??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS (manual start) MMRTKRNL: system32\drivers\mmrtkrnl.sys (system) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) NetBT: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Upper Class Filter Driver: 
System32\DRIVERS\NTIDrvr.sys (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: System32\DRIVERS\ohci1394.sys (system) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Creative WebCam Live!: system32\DRIVERS\P0630Vid.sys (manual start) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) PCIIde: System32\DRIVERS\pciide.sys (system) PCTVVBI: system32\DRIVERS\pctvvbi.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) procguard: \??\C:\WINDOWS\system32\drivers\procguard.sys (autostart) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: 
System32\DRIVERS\raspti.sys (manual start) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Inventel Access Point USB Rescue Driver: System32\Drivers\resc_dwb.sys (manual start) Rksample: System32\DRIVERS\C4C_SAMP.sys (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver: System32\DRIVERS\Rtlnic51.sys (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) StarForce Protection Synchronization Driver (version 2.x): System32\drivers\sfsync02.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS163 usb Wireless LAN Adapter Driver: system32\DRIVERS\sis163u.sys (manual start) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Acronis Snapshots Manager: system32\DRIVERS\snapman.sys 
(system) SoftFax: System32\DRIVERS\C4C_FAXX.sys (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{2809FDD8-F32D-4F8D-9942-C31571BC30E2} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Tdlpt: \??\C:\WINDOWS\system32\drivers\Tdlpt.sys (autostart) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Acronis TrueImage FS Filter: system32\DRIVERS\tifsfilt.sys (autostart) Acronis TrueImage Backup Archive Explorer: system32\DRIVERS\timntr.sys (system) Tones: System32\DRIVERS\C4C_TONE.sys (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Filtre AGP version 3.5 Microsoft: system32\DRIVERS\uagp35.sys (system) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Pilote 
de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Service Messenger Sharing USN Journal Reader: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start) V124: System32\DRIVERS\C4C_V124.sys (autostart) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\system32\ZONELABS\vsmon.exe -service (autostart) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de lancement de WlanCfg: C:\Program Files\Inventel\Gateway\wlancfg.exe SVC (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) 
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemRoot%\System32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) ZDCndis5 Protocol Driver: \??\C:\WINDOWS\system32\ZDCndis5.SYS (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\moi\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\moi\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll UPnPMonitor: C:\WINDOWS\system32\upnpui.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 39 845 bytes Report generated in 0.171 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT 
/forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only -
a trojan clicker is poisoning me
soptiti replied to a topic by soptiti in Malware analysis and removal
Hi! Here is (in two parts) what you asked me for.
StartupList report, 03/05/2007, 18:49:44 StartupList version: 1.52.2 Started from : C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16414) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DU Meter\DUMeter.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\MediaKey\MMKeybd.EXE C:\Program Files\SPAMfighter\SFAgent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.exe 
-------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\moi\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe DU Meter = C:\Program Files\DU Meter\DUMeter.exe Realtime Audio Engine = mmrtkrnl.exe PinnacleDriverCheck = C:\WINDOWS\system32\PSDrvCheck.exe Creative WebCam Tray = C:\Program Files\Creative\Shared Files\CAMTRAY.EXE QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime Cloneur Expert Monitor = "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" Acronis Scheduler2 Service = "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd SoundMan = SOUNDMAN.EXE ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" !1_pgaccount = "C:\Program Files\ProcessGuard\pgaccount.exe" Zone Labs Client = 
"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP s-watch = C:\Program Files\Screen Watcher\watcher.exe MMKeybd = C:\PROGRA~1\MediaKey\MMKeybd.EXE SPAMfighter Agent = "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from 
Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* 
-------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{161C1725-D892-484A-9F8E-41B7C73BAA5F}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig 
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* 
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! 
(arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -------------------------------------------------- Enumerating Task Scheduler jobs: Symantec NetDetect.job -------------------------------------------------- Enumerating Download Program Files: [{00000055-9980-0010-8000-00AA00389B71}] CODEBASE = http://codecs.microsoft.com/codecs/i386/fhg.CAB [shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll CODEBASE = http://fpdownload.macromedia.com/get/shock...director/sw.cab [Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204 [LSSupCtl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\LSSupCtl.dll CODEBASE = https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab [symantec AntiVirus scanner] InProcServer32 = C:\WINDOWS\Downloaded Program Files\avsniff.dll CODEBASE = http://security.symantec.com/SSC/SharedCon...bin/AvSniff.cab [ActiveDataInfo Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\SymAData.dll CODEBASE = https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab [symantec SmartIssue] InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsi.dll 
CODEBASE = http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab [symantec Script Runner Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsr.dll CODEBASE = http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab [MSN Photo Upload Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll CODEBASE = http://soptiti.spaces.msn.com//PhotoUpload/MsnPUpld.cab [symantec RuFSI Utility Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll CODEBASE = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab [HouseCall Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx CODEBASE = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab [iCSScanner Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ICSScan.dll CODEBASE = http://download.zonelabs.com/bin/promotion...anner371020.cab [HardwareDetection Control] InProcServer32 = C:\PROGRA~1\HARDWA~1\IE\HARDWA~1.OCX CODEBASE = http://charon777.free.fr/plugins/hardwaredetection.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx CODEBASE = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: 
C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll Protocol #18: C:\WINDOWS\system32\mswsock.dll Protocol #19: C:\WINDOWS\system32\mswsock.dll Protocol #20: C:\WINDOWS\system32\mswsock.dll Protocol #21: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pinnacle PCTV Stereo service: system32\DRIVERS\3xHybrid.sys (manual start) Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Acronis Scheduler2 Service: "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe" (autostart) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system) Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe 
(manual start) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) AVG Anti-Rootkit: System32\DRIVERS\avgarkt.sys (system) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart) AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system) AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system) AVG7 Resident Driver XP: \SystemRoot\System32\Drivers\avg7rsxp.sys (system) AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart) Avg Anti-Rootkit Clean Driver: System32\DRIVERS\AvgArCln.sys (system) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) AVG7 Clean Driver: \SystemRoot\System32\Drivers\avgclean.sys (system) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Boonty Games: "C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" (manual start) C4C_BSC2: System32\DRIVERS\C4C_BSC2.sys (manual start) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) CdaC15BA: \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) C-Media WDM Audio Interface: 
system32\drivers\cmuda.sys (manual start) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Dual-Mode DSC(2770): System32\Drivers\SQcaptur.sys (manual start) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DiamondCS ProcessGuard Service v3.410: "C:\Program Files\ProcessGuard\dcsuserprot.exe" (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) driverhardwarev2: \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys (manual start) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) DSDrv4: \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Fallback: System32\DRIVERS\C4C_FALL.sys (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fax: %systemroot%\system32\fxssvc.exe (autostart) FreeBox USB Network Adapter: system32\DRIVERS\fbxusb.sys (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) 
Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Fsks: System32\DRIVERS\C4C_FSKS.sys (autostart) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: "C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe" (autostart) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) K56: System32\DRIVERS\C4C_K56K.sys (autostart) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual 
start) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) MEMSWEEP2: \??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS (manual start) MMRTKRNL: system32\drivers\mmrtkrnl.sys (system) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) NetBT: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Upper Class Filter Driver: 
System32\DRIVERS\NTIDrvr.sys (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: System32\DRIVERS\ohci1394.sys (system) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Creative WebCam Live!: system32\DRIVERS\P0630Vid.sys (manual start) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) PCIIde: System32\DRIVERS\pciide.sys (system) PCTVVBI: system32\DRIVERS\pctvvbi.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) procguard: \??\C:\WINDOWS\system32\drivers\procguard.sys (autostart) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: 
System32\DRIVERS\raspti.sys (manual start) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Inventel Access Point USB Rescue Driver: System32\Drivers\resc_dwb.sys (manual start) Rksample: System32\DRIVERS\C4C_SAMP.sys (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver: System32\DRIVERS\Rtlnic51.sys (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (autostart) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) StarForce Protection Synchronization Driver (version 2.x): System32\drivers\sfsync02.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS163 usb Wireless LAN Adapter Driver: system32\DRIVERS\sis163u.sys (manual start) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Acronis Snapshots Manager: system32\DRIVERS\snapman.sys 
(system) SoftFax: System32\DRIVERS\C4C_FAXX.sys (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{2809FDD8-F32D-4F8D-9942-C31571BC30E2} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Tdlpt: \??\C:\WINDOWS\system32\drivers\Tdlpt.sys (autostart) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Acronis TrueImage FS Filter: system32\DRIVERS\tifsfilt.sys (autostart) Acronis TrueImage Backup Archive Explorer: system32\DRIVERS\timntr.sys (system) Tones: System32\DRIVERS\C4C_TONE.sys (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Filtre AGP version 3.5 Microsoft: system32\DRIVERS\uagp35.sys (system) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Pilote 
de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Service Messenger Sharing USN Journal Reader: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start) V124: System32\DRIVERS\C4C_V124.sys (autostart) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\system32\ZONELABS\vsmon.exe -service (autostart) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de lancement de WlanCfg: C:\Program Files\Inventel\Gateway\wlancfg.exe SVC (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) 
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemRoot%\System32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) ZDCndis5 Protocol Driver: \??\C:\WINDOWS\system32\ZDCndis5.SYS (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\moi\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\moi\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll UPnPMonitor: C:\WINDOWS\system32\upnpui.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 39 845 bytes Report generated in 0.171 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT 
/forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only -
a trojan clicker is poisoning me
soptiti replied to a topic by soptiti in Malware analysis and removal
Hello Charles! Thanks for your reply, but this time I'm the one who took his time, sorry!! So here are the logs you asked for. Note that my connection has been behaving much more healthily since your first pieces of advice: thanks again!! One last thing: I uninstalled Process Guard in a moment of weariness (oops!!)... but now it shows me a strange message at startup, "mutex2 error" I think. Did I do something stupid? See you soon....

************************* Rustock.b-fix -- By ejvindh ************************* 02/05/2007 13:04:49.31 No Rustock.b-rootkits found ******************************* End of Logfile ******************************** hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 13:15:16, on 02/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DU Meter\DUMeter.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\MediaKey\MMKeybd.EXE C:\Program Files\SPAMfighter\SFAgent.exe 
C:\WINDOWS\system32\msiexec.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe" O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone 
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [s-watch] C:\Program Files\Screen Watcher\watcher.exe
O4 - HKLM\..\Run: [MMKeybd] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O11 - Options group: [iNTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedCon...bin/AvSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://soptiti.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...anner371020.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: DiamondCS ProcessGuard Service v3.410 (DCSPGSRV) - Unknown owner - C:\Program Files\ProcessGuard\dcsuserprot.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
a trojan clicker is poisoning me
soptiti replied to a topic by soptiti in Malware analysis and eradication
Thanks for your reply, malekal, but I didn't understand all of it.... lool!! Can you translate, please? Or, in other words, should I do something about the line you point to?
a trojan clicker is poisoning me
soptiti replied to a topic by soptiti in Malware analysis and eradication
...and the online antivirus report, which is all in all quite loaded:

Incident | Status | Location
Virus:Trj/Agent.CDG | Disinfected | C:\WINDOWS\SYSTEM32\THX32.ACM
Virus:Trj/Agent.CDG | Disinfected | C:\WINDOWS\SYSTEM32\DVAUDIO.DRV
Adware:Adware/SaveNow | Not disinfected | C:\Documents and Settings\MOI\Mes documents\bsplayer216.945_clip.exe[bSplayer_WhenUSave_InstallerInst.exe]
Adware:Adware/SaveNow | Not disinfected | C:\Documents and Settings\MOI\Mes documents\SOPTITI\bsplayer212.941_clip.exe[bSplayer_WhenUSave_InstallerInst.exe]
Potentially unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\MOI\Bureau\anti trojan\SmitfraudFix.zip[smitfraudFix/Process.exe]
Virus:Trj/Shutdown.Z | Disinfected | C:\Documents and Settings\MOI\Bureau\anti trojan\SmitfraudFix.zip[smitfraudFix/restart.exe]
Potentially unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\MOI\Bureau\anti trojan\SmitfraudFix\Process.exe
Virus:Trj/Shutdown.Z | Disinfected | C:\Documents and Settings\MOI\Bureau\anti trojan\SmitfraudFix\RESTART.EXE
Potentially unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\MOI\Bureau\DIVERS\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor | Not disinfected | C:\Documents and Settings\MOI\Bureau\DIVERS\SmitfraudFix.zip[smitfraudFix/Process.exe]
Spyware:Cookie/Xiti | Not disinfected | C:\Documents and Settings\MOI\Cookies\moi@xiti[1].txt
a trojan clicker is poisoning me
soptiti replied to a topic by soptiti in Malware analysis and eradication
here is the diaghelp report...

Recherche de rootkit! (Merci S!Ri)
C:\WINDOWS\System32\ip6fw.sys présent! Possible infection Spy-Agent.bv.dldr/Win32/Cutwail.M

Recherche d'infections connues
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run !1_pgaccount = "C:\Program Files\ProcessGuard\pgaccount.exe"???? ?????? ? ?????????A???????????????????????
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Liste des programmes installes AC3Filter (remove only) Ad-Aware SE Personal Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX Adobe Shockwave Player Ahead Nero 6 Demo Archiveur WinRAR ArcSoft PhotoStudio 2000 ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver AutoUpdate AVG Anti-Rootkit Free AVG Anti-Spyware 7.5 AVG Free Edition C-Media 3D Audio C-Media WDM Audio Driver Caere Scan Manager 5.1 CCleaner (remove only) Cloneur Expert Copernic Agent Basic Creative WebCam Center Creative WebCam Live!
Driver (1.00.06.0414) Direct Show Ogg Vorbis Filter (remove only) DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player DU Meter Dépanneur Expert EasyRecovery Professional EasyRecovery Professional Editeur de disque eMule File Good Security 3.10g HardwareDetection HijackThis 1.99.1 Imprimante BJ Indeo® XP Software J2SE Runtime Environment 5.0 Update 2 J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_01 Java 2 Runtime Environment, SE v1.4.2_06 jv16 PowerTools 2006 K-Lite Codec Pack 2.27 Full K!TV La Bataille pour la Terre du Milieu™ II Language pack for Ad-Aware SE Lecteur Windows Media 10 Lemmings for Windows 95 Livebox Manuel d'utilisation de Creative WebCam Live! (Français) MediaKey Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 CD-ROM 2 Microsoft Office Professional Edition 2003 Microsoft XML Parser Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Monopoly MpFormat MpFormat (C:\Program Files\MpFormat\) MpFormat (C:\Program Files\MpFormat\) #3 MSN Messenger 7.5 MSXML 4.0 SP2 (KB927978) Navigator Nettoyeur de disque NTI CD & DVD-Maker NTI CD & DVD-Maker 6.5 Gold OmniPage Pro 9.0 Paint Shop Pro 6 Digital Camera Support Paint Shop Pro 6.0 (CD-ROM) Panda ActiveScan Partition Expert Pinnacle PCTV PowerDVD QuickTime RealPlayer Realtek AC'97 Audio Security BOX FreeWare 1.1 Security BOX FreeWare 1.1 Shockwave SiSAGP driver Skype 2.0 SkySwePro SPAMfighter Spybot - Search & Destroy 1.4 StatView Ulead GIF Animator 5 Trial USB Flash Disk VideoLAN VLC media player 0.8.6b Wanadoo Messager WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Internet 
Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format Runtime Windows Vista Upgrade Advisor Windows XP Service Pack 2 WinZip World of Warcraft XviD Video Codec 04092002-1 (Koepi's build with EPSZ ME) XVid;-) ZoneAlarm Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files 14/07/2004 17:44 <REP> . 14/07/2004 17:44 <REP> .. 22/04/2007 09:46 <REP> a2 free 05/01/2006 11:54 <REP> AC3Filter 14/07/2004 17:56 <REP> Adobe 06/05/2005 18:48 <REP> Agnitum 17/10/2004 15:47 <REP> Ahead 30/10/2004 21:06 <REP> ALCATech 01/02/2006 19:13 <REP> Anonymizer 13/10/2004 19:17 <REP> ArcSoft 03/04/2006 19:38 <REP> ATI Technologies 14/07/2004 17:55 <REP> AvRack 13/04/2005 09:17 <REP> bps spyware 13/04/2005 09:18 <REP> BulletProofSoft.com 18/04/2005 16:36 <REP> CachemanXP 13/10/2004 19:18 <REP> Caere 13/08/1999 06:00 5 885 CAMUNWISE.INI 08/09/2006 17:13 <REP> CCleaner 04/12/2004 10:55 <REP> Cdex 17/02/2005 14:47 <REP> CheckFlow 04/03/2006 10:34 <REP> Clean Disk Security 29/07/2006 08:34 <REP> C-Media 3D Audio 14/07/2004 17:48 <REP> ComPlus Applications 31/10/2004 02:39 <REP> Copernic Agent 29/12/2004 18:45 <REP> Creative 28/02/2005 15:56 <REP> Cyanide 14/07/2004 17:57 <REP> CyberLink 13/11/2004 17:16 <REP> DivX 30/10/2004 13:41 <REP> DU Meter 26/03/2006 10:34 <REP> EA GAMES 17/10/2004 17:07 <REP> Elaborate Bytes 22/07/2006 17:37 <REP> Electronic Arts 29/10/2004 11:14 <REP> eMule 07/02/2007 18:45 <REP> Eraser 16/05/2006 18:53 <REP> Everest Poker 05/01/2006 11:54 <REP> ffdshow 14/07/2004 17:44 <REP> Fichiers communs 31/10/2004 18:05 <REP> File Good Security 25/11/2004 10:01 <REP> FlashGet 11/08/2005 14:34 <REP> Game On 13/11/2004 17:12 <REP> GFI 28/01/2006 16:48 <REP> Google 24/06/2005 08:57 <REP> GrabIt 28/12/2006 15:06 <REP> Grisoft 20/06/2005 19:05 <REP> GT Interactive 03/04/2006 18:01 <REP> HardwareDetection 13/01/2007 15:43 <REP> ICRAplus 23/01/2005 19:41 <REP> Infogrames 14/07/2004 17:48 <REP> 
Internet Explorer 13/01/2007 15:03 <REP> Internet Spy 23/12/2005 17:04 <REP> Inventel 14/07/2004 17:58 <REP> Java 21/04/2007 10:26 <REP> jv16 PowerTools 2006 16/01/2005 00:35 <REP> K!TV 17/10/2004 15:35 <REP> K-Lite Codec Pack 01/11/2004 18:20 <REP> Lavasoft 13/01/2007 14:23 <REP> LCPA Lite 05/01/2006 11:56 <REP> Ligos 13/11/2004 19:01 <REP> Lionhead Studios Ltd 02/01/2005 11:30 <REP> LucasArts 30/09/2004 12:00 <REP> Maxis 15/10/2004 21:11 <REP> MCK3 17/02/2007 19:10 <REP> MediaKey 04/08/2006 12:15 <REP> Mes Jeux Téléchargés 14/07/2004 17:47 <REP> Messenger 08/02/2005 17:53 <REP> Micro Application 01/10/2004 15:29 <REP> Microsoft Encarta 14/07/2004 17:49 <REP> microsoft frontpage 29/09/2004 14:41 <REP> Microsoft Office 30/01/2007 04:10 <REP> Microsoft Windows Vista Upgrade Advisor 14/07/2004 18:30 <REP> Microsoft Works 17/10/2004 17:42 <REP> Microsoft.NET 14/07/2004 17:48 <REP> Movie Maker 10/10/2004 09:36 <REP> mozilla.org 28/06/2005 14:58 <REP> MpFormat 14/07/2004 17:47 <REP> MSN Gaming Zone 21/12/2004 01:40 <REP> MSN Messenger 20/11/2006 08:27 <REP> MSXML 4.0 14/07/2004 17:48 <REP> NetMeeting 14/07/2004 17:56 <REP> NewTech Infosystems 22/02/2006 09:39 8 nomutil.txt 01/10/2004 10:54 <REP> Norton AntiVirus 05/11/2004 23:29 <REP> NukeNabber 26/01/2005 10:47 <REP> Ontrack 08/02/2007 09:10 <REP> OrangeHSS 14/07/2004 17:48 <REP> Outlook Express 30/10/2004 20:56 <REP> Paint Shop Pro 6 13/01/2007 14:40 <REP> PasToucheXP 30/10/2004 22:24 <REP> PATRICIAN II 12/12/2004 16:48 <REP> Pinnacle 16/05/2006 19:13 <REP> PokerStars 29/08/2005 16:42 <REP> PopCap Games 16/01/2005 01:16 <REP> Primedius 13/09/2006 17:54 <REP> ProcessGuard 30/12/2004 10:32 <REP> QuickTime 01/11/2004 14:43 <REP> Real 14/07/2004 17:55 <REP> Realtek Sound Manager 17/03/2006 22:15 <REP> SAGEM 21/12/2004 12:38 <REP> SBox FreeWare 13/01/2007 14:46 <REP> Screen Watcher 14/07/2004 17:47 <REP> Services en ligne 17/02/2007 19:09 <REP> Sesam.tv 03/04/2006 19:40 <REP> sisagp 21/03/2006 10:55 <REP> Skype 02/11/2004 
19:46 <REP> SmartFTP Setup Files 03/10/2004 10:58 <REP> Snapshot Viewer 04/04/2007 16:00 <REP> SPAMfighter 13/11/2004 17:37 <REP> Spybot - Search & Destroy 13/09/2006 18:33 <REP> Steganos AntiSpyware 2006 17/10/2004 15:34 <REP> SuperCopier 11/02/2005 19:40 <REP> SweepSky 30/01/2005 16:17 <REP> TechSmith 06/11/2004 03:08 <REP> The Cleaner 22/02/2006 11:11 558 Thierry.txt 17/10/2004 15:55 <REP> THQ 08/08/2005 15:32 <REP> Ubi Soft 01/02/2006 14:16 <REP> UBISOFT 15/10/2004 22:18 <REP> Ulead Systems 28/06/2005 14:40 <REP> USBDisk 05/02/2006 17:55 <REP> VideoLAN 23/12/2005 17:15 <REP> Wanadoo 17/03/2006 22:18 <REP> Wanadoo Messager 30/10/2004 21:31 <REP> Warcraft III 21/02/2005 19:58 <REP> WASTE 25/11/2006 21:02 <REP> Webteh 27/07/2006 10:30 <REP> Windows Media Connect 2 14/07/2004 17:47 <REP> Windows Media Player 14/07/2004 17:47 <REP> Windows NT 21/02/2007 23:44 <REP> WinLemm 03/11/2004 20:12 <REP> WinRAR 12/04/2005 21:58 <REP> WinZip 14/07/2004 17:49 <REP> xerox 07/11/2004 12:07 <REP> XviD 13/11/2004 17:16 <REP> XVid;-) 22/04/2006 12:21 <REP> YourWare Solutions 24/09/2006 17:21 <REP> Zone Labs 3 fichier(s) 6 451 octets 133 Rép(s) 5 120 917 504 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs 14/07/2004 17:44 <REP> . 14/07/2004 17:44 <REP> .. 
14/07/2004 17:44 <REP> Microsoft Shared 14/07/2004 17:44 <REP> SpeechEngines 14/07/2004 17:44 <REP> ODBC 14/07/2004 17:48 <REP> System 14/07/2004 17:48 <REP> MSSoap 14/07/2004 17:48 <REP> Services 14/07/2004 17:55 <REP> InstallShield 14/07/2004 17:56 <REP> Adobe 14/07/2004 17:58 <REP> Java 29/09/2004 14:43 <REP> Designer 01/10/2004 10:54 <REP> Symantec Shared 13/10/2004 19:18 <REP> Caere 08/03/2006 13:55 <REP> xing shared 04/04/2007 16:01 <REP> Application 01/11/2004 14:43 <REP> Real 04/08/2006 12:17 <REP> BOONTY Shared 05/11/2004 23:26 <REP> Wise Installation Wizard 08/02/2005 17:54 <REP> Acronis 11/08/2006 20:37 <REP> MAGIX Shared 04/04/2007 16:02 <REP> Ankiro 08/02/2007 09:09 <REP> France Telecom 24/02/2007 14:53 <REP> Copernic 01/04/2007 13:05 <REP> Blizzard Entertainment 11/08/2005 14:34 <REP> Broderbund 24/01/2006 14:58 278 528 FDEUnInstaller.exe 01/03/2006 12:01 <REP> Ahead 1 fichier(s) 278 528 octets 27 Rép(s) 5 121 933 312 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 14/07/2004 17:54 <REP> . 14/07/2004 17:54 <REP> .. 07/03/2001 09:00 127 033 MSOWS40c.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 17/10/2004 17:41 <REP> 1036 15/07/2003 06:52 35 896 MSOSV.DLL 17/10/2004 17:42 <REP> 1033 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 6 fichier(s) 2 253 163 octets 4 Rép(s) 5 121 933 312 octets libres Le volume dans le lecteur C n'a pas de nom. 
Le numéro de série du volume est 2B1B-1302 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 5 121 933 312 octets libres c:\Documents and Settings\moi\Local Settings\Temp\unwise.exe c:\Documents and Settings\moi\Mes documents\bsplayer216.945_clip.exe c:\Documents and Settings\moi\Mes documents\icraplus.exe c:\Documents and Settings\moi\Mes documents\jv16pt_setup.exe c:\Documents and Settings\moi\Mes documents\setup multivir.exe c:\Documents and Settings\moi\Mes documents\drivers\6-7_xp-2k_dd_ccc_wdm_enu_34826.exe c:\Documents and Settings\moi\Mes documents\drivers\dotnetfx.exe c:\Documents and Settings\moi\Mes documents\drivers\dxwebsetup.exe c:\Documents and Settings\moi\Mes documents\drivers\Install_Messenger.exe c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\setup.exe c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\Driver\WDM\CMIRMDRV.EXE c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\Driver\WDM\SmWizard.exe c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\Driver\Win_98\CMIRMDRV.EXE c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\Driver\Win_98\SmWizard.exe c:\Documents and Settings\moi\Mes documents\drivers\UDA051_build01(Logo51.3_Standard)\Play3D\CmiPlay3D.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\setup.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\SISfiles\AMDInst.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\SISfiles\ata133ap.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\SISfiles\instdrv.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\SISfiles\waitwnd.exe c:\Documents and Settings\moi\Mes documents\drivers\agp121\USB\Win2K_XP\WinXPUSB\SiSUSBrg.exe c:\Documents and Settings\moi\Mes 
documents\drivers\agp121\USB\Win9x\SiSFiles\Mp_s3.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\BackgroundDownloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\BNUpdate.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\Launcher.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\Repair.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-1.12.0-frFR-downloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-1.12.0-frFR-patch.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-patch.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-frFR-downloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-frFR-patch.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-2.0.3-frFR-downloader.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WowError.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch\Updater.exe c:\Documents and Settings\moi\Mes documents\World of Warcraft\Patches\WoW-2.0.0-to-2.0.3-frFR-Win-patch\BNUpdate.exe c:\Documents and Settings\moi\Mes documents\divers7pwd.exe c:\Documents and Settings\moi\Mes documents\divers\a2freesetup.exe c:\Documents and Settings\moi\Mes documents\divers\aawsepersonal.exe c:\Documents and Settings\moi\Mes documents\divers\AluriaLiteScannerInstall.exe c:\Documents and Settings\moi\Mes documents\divers\cleaner41.exe c:\Documents and Settings\moi\Mes documents\divers\codinstl.exe c:\Documents and Settings\moi\Mes 
documents\divers\copernicagentbasicfr.exe c:\Documents and Settings\moi\Mes documents\divers\cpuz.exe c:\Documents and Settings\moi\Mes documents\divers\DivX412Bundle+Player.exe c:\Documents and Settings\moi\Mes documents\divers\DUMeter-Install.exe c:\Documents and Settings\moi\Mes documents\divers\eMule0.44d-Installer.exe c:\Documents and Settings\moi\Mes documents\divers\fgf140.exe c:\Documents and Settings\moi\Mes documents\divers\fgs-3.10g.exe c:\Documents and Settings\moi\Mes documents\divers\flowprotector2005_demo2.exe c:\Documents and Settings\moi\Mes documents\divers\INSTALL_MSN_MESSENGER_DL.EXE c:\Documents and Settings\moi\Mes documents\divers\klcodec227f.exe c:\Documents and Settings\moi\Mes documents\divers\RealPlayer10-5GOLD_fr.exe c:\Documents and Settings\moi\Mes documents\divers\Security BOX® Freeware.exe c:\Documents and Settings\moi\Mes documents\divers\setup.exe c:\Documents and Settings\moi\Mes documents\divers\setup_MCK3.exe c:\Documents and Settings\moi\Mes documents\divers\SetupCloneDVD2Slysoft.exe c:\Documents and Settings\moi\Mes documents\divers\SetupDVDDecrypter_3.5.1.0.exe c:\Documents and Settings\moi\Mes documents\divers\setupMckFtp.exe c:\Documents and Settings\moi\Mes documents\divers\SFTPMSI.exe c:\Documents and Settings\moi\Mes documents\divers\ssfisetup1611_1793400604.exe c:\Documents and Settings\moi\Mes documents\divers\tauscan.exe c:\Documents and Settings\moi\Mes documents\divers\vlc-0.8.6b-win32.exe c:\Documents and Settings\moi\Mes documents\divers\waste-setup-1.5-beta-3-mini-fre.exe c:\Documents and Settings\moi\Mes documents\divers\zlsSetup_51_033_000.exe c:\Documents and Settings\moi\Mes documents\divers\zlsSetup_51_039_004.exe c:\Documents and Settings\moi\Mes documents\divers\disk expert\dx_s_f.exe c:\Documents and Settings\moi\Mes documents\divers\Photoshop 7 FR by Arsonik\setup\_ISDel.exe c:\Documents and Settings\moi\Mes documents\divers\Photoshop 7 FR by Arsonik\setup\Setup.exe c:\Documents and Settings\moi\Mes 
documents\divers\PArtition Magic 8 fr\Setup\instmsia.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Setup\instmsiw.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Setup\setup.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\Setup.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\CHKDSK.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\EMM386.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\FLOPPY.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\FLOPPY9x.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\FLOPPYME.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\NWCDEX.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\Rescueme\DOSYSTEM\PTEDIT32.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\DKeeper\instmsia.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\DKeeper\instmsiw.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\DKeeper\setup.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Setup\instmsia.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Setup\instmsiw.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Setup\setup.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\Setup.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\CHKDSK.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\EMM386.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 
fr\BTMagic\Rescueme\DOSYSTEM\FLOPPY.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\FLOPPY9x.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\FLOPPYME.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\NWCDEX.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\PQBOOT.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\PTEDIT32.EXE c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\restrmbr.exe c:\Documents and Settings\moi\Mes documents\divers\PArtition Magic 8 fr\BTMagic\Rescueme\DOSYSTEM\WRPROG.EXE c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Hollywood FX5\Hollywood FX.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Welcome.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Tutorial\Tutorial.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Tools\amcap.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Tools\PPE114.EXE c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Setup\setup.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Pixie5\PixieTool.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Pixie5\RegisterStudio\LicenseTool.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\HollywoodFX\hfx5studiosilent.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Driver\PCLEBendPCI.exe c:\Documents and Settings\moi\Mes documents\divers\Pinnacle Studio 9\Driver\PCLEUSB.exe c:\Documents and Settings\moi\Mes documents\divers\winzip\winzip90.exe c:\Documents and Settings\moi\Mes documents\soptiti\bsplayer212.941_clip.exe c:\Documents and Settings\moi\Mes 
documents\soptiti\EraserSetup.exe c:\Documents and Settings\moi\Mes documents\soptiti\free-parental-control.exe c:\Documents and Settings\moi\Mes documents\soptiti\setup espion.exe c:\Documents and Settings\moi\Mes documents\soptiti\vlc-0.8.4a-win32.exe c:\Documents and Settings\moi\Bureau\anti trojan\avgas-setup-7.5.0.50.exe c:\Documents and Settings\moi\Bureau\anti trojan\avgas-signatures-full-current.exe c:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.exe c:\Documents and Settings\moi\Bureau\anti trojan\pgsetup.exe c:\Documents and Settings\moi\Bureau\anti trojan\sarsfx.exe c:\Documents and Settings\moi\Bureau\anti trojan\saspy2006int.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\dumphive.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\HostsChk.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\Process.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\Reboot.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\restart.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\swreg.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\swsc.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\swxcacls.exe c:\Documents and Settings\moi\Bureau\anti trojan\SmitfraudFix\unzip.exe c:\Documents and Settings\moi\Bureau\TV\setup-2.0.0.0.exe c:\Documents and Settings\moi\Bureau\outils disk\pagedfrg.exe c:\Documents and Settings\moi\Bureau\jeux\pokerth-0.3-win32.exe c:\Documents and Settings\moi\Bureau\divers\aawsepersonal.exe c:\Documents and Settings\moi\Bureau\divers\ccsetup132.exe c:\Documents and Settings\moi\Bureau\divers\eMule0.47a-Installer.exe c:\Documents and Settings\moi\Bureau\divers\GrabIt153b.exe 
c:\Documents and Settings\moi\Bureau\divers\lusetup.exe c:\Documents and Settings\moi\Bureau\divers\QuickPar-0.9.1.0-FRA.exe c:\Documents and Settings\moi\Bureau\divers\securitoo_controle_parental_r5.exe c:\Documents and Settings\moi\Bureau\divers\setupavast.exe c:\Documents and Settings\moi\Bureau\divers\SkypeSetup.exe c:\Documents and Settings\moi\Bureau\divers\spamfighter.exe c:\Documents and Settings\moi\Bureau\divers\spybotsd14.exe c:\Documents and Settings\moi\Bureau\divers\TCPOptimizer.exe c:\Documents and Settings\moi\Bureau\divers\WM9Codecs.exe c:\Documents and Settings\moi\Bureau\divers\zone alarm.exe c:\Documents and Settings\moi\Bureau\divers\FORMATAGE MPFUB26 b\mpformat.exe c:\Documents and Settings\moi\Bureau\divers\FORMATAGE MPFUB26 b\setup.exe c:\Documents and Settings\moi\Bureau\divers\clins d'oeil et image perso animées [zozobis] testé OK\install.exe c:\Documents and Settings\moi\Bureau\divers\anonyme\Anonymizer_Software_Setup.exe c:\Documents and Settings\moi\Bureau\divers\anonyme\ipanonymizer.exe c:\Documents and Settings\moi\Bureau\divers\Roxio 24 (D)\Start_Pc.exe c:\Documents and Settings\moi\Bureau\divers\Roxio 24 (D)\XTRAS\ACTIVEX\REDIST\APRXDIST.EXE c:\Documents and Settings\moi\Bureau\divers\Roxio 24 (D)\XTRAS\ACTIVEX\REDIST\AXDIST.EXE c:\Documents and Settings\moi\Bureau\divers\Roxio 24 (D)\XTRAS\ACTIVEX\REDIST\WINTDIST.EXE c:\Documents and Settings\moi\Bureau\divers\SmitfraudFix\Process.exe c:\Documents and Settings\moi\Bureau\divers\SmitfraudFix\Reboot.exe c:\Documents and Settings\moi\Bureau\divers\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\moi\Bureau\divers\SmitfraudFix\swreg.exe c:\Documents and Settings\moi\Bureau\divers\SmitfraudFix\swsc.exe c:\Documents and Settings\moi\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\moi\Bureau\DiagHelp\diff.exe c:\Documents and Settings\moi\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\moi\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and 
Settings\moi\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\moi\Bureau\DiagHelp\grep.exe c:\Documents and Settings\moi\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\moi\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\moi\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\moi\Bureau\DiagHelp\streams.exe c:\Documents and Settings\moi\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\moi\Bureau\video-music\NERO 6.0.0.19\nbr60019fra.exe c:\Documents and Settings\moi\Bureau\video-music\NERO 6.0.0.19\nero60019.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7upd\backup\avgcore.dll c:\Documents and Settings\moi\Application Data\Adobe\Acrobat\Whapi\WHA Library.dll c:\Documents and Settings\moi\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll -
A trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and removal
Thanks for your reply, Charles!! I'm getting started on all of this and will send the reports one after another as soon as possible... -
A trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and removal
Thanks for your replies... I'm still struggling just as much.... Is there no kind soul out there??? -
A trojan clicker is plaguing me
soptiti replied to a topic by soptiti in Malware analysis and removal
Hello again! I realize I forgot to mention that I have a 512k connection (that's Réunion Island for you) and, above all, that I was unable to follow to the letter the pre-disinfection procedure described on the forum. There are several reasons for this: mirror sites that lead nowhere (or at any rate Internet Explorer refuses to open anything), a computer that is crawling badly, etc. So I tried to make do with the tools already installed on my PC and to stick as closely as possible to what is described, using CCleaner for example to clear things out. Thanks again for your future replies!! -
Hello everyone! I use DU METER, and for several days now I have noticed that my connection is "running" for no reason (no update in progress or anything like that). I tried to clean my PC by the usual means: Ad-Aware, Spybot Search & Destroy, and AVG in normal mode and in safe mode. Unfortunately nothing helps, since none of them detected any anomalies... or almost: AVG reported an item named "clicker", then nothing more. So I am very worried about this continuous unwanted connection activity (mainly upload). Would any of you have a solution, please? Thanks in advance.

PS: Having browsed the forum, here are a few details that I believe are often requested: I use XP Home Edition with Service Pack 2. My computer is a Pentium IV at 2.8 gigs with 1.25 gigs of RAM. I am also taking the opportunity to leave a HijackThis scan:

Logfile of HijackThis v1.99.1
Scan saved at 16:42:05, on 23/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ProcessGuard\dcsuserprot.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ProcessGuard\pgaccount.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\Program Files\Sesam.tv\IRAssistant\IRAssistant.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\ProcessGuard\procguard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\moi\Bureau\anti trojan\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [s-watch] C:\Program Files\Screen Watcher\watcher.exe
O4 - HKLM\..\Run: [MMKeybd] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [iRAssistant] C:\Program Files\Sesam.tv\IRAssistant\IRAssistant.exe
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "C:\Program Files\ProcessGuard\procguard.exe" -minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedCon...bin/AvSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://soptiti.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...anner371020.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: DiamondCS ProcessGuard Service v3.410 (DCSPGSRV) - DiamondCS - C:\Program Files\ProcessGuard\dcsuserprot.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe