rhodes38

Hello desh j'intercepte ta réponse depuis mon travail Le fait d'avoir installé KASPERSKY depuis hier, ne va t'il pas "chambouler" ta réponse? amitiés surfantes rhodes38

Très bonne analyse, j'attends ton coup de pouce Pour l'antivirus j'ai acheté et installé Kaspersky Internet sécurity 2007 L'analyse de cet antivirus laisse apparaitre : Trojan.Win32.Monder.gen Not-a-virus:Adware.Win32.Virtumonde.trb Trojan-Win32-Pakes.Cym merçi pour ton aide rhodes38

Hello Desh ci après tu trouveras les 2 rapports G toujours des pages qui s'ouvrent G désinstallé Bitdefender et suis allé m'acheter Kasperski Internet Security edition 2007 Dois je/Puis je l'installer? 1000 fois merçi pour ton aide amitiés surfantes rhodes38 ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, May 24, 2008 9:15:28 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 24/05/2008 Kaspersky Anti-Virus database records: 799624 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 139787 Number of viruses found: 16 Number of infected objects: 45 Number of suspicious objects: 0 Duration of the scan process: 01:54:19 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0032357ce89fe8eeebe21ba4a7c2aee8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00bc9f98115cfb7b851f4764ce1265aa_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00ef674e289c7d227704680139cb4547_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01cd5ccf693e131fd8123f1ddbcf151a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01f2f7a9629e10401186ddb7911933e3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\030c98ce77a9abef47132cb7e85c3d7f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\034ed58e0cf5451727293ef8704caf0d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03a17bd5837c9e853a3541e25b38292a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\043ddae506d167a41b6a684f7f24b6c9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04c3ea1a8416fd52cc764f1e16bf271f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\054022ca8217bdd16f14e14430d6de28_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0742d16489233786f433a293f3d66eba_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0810fe872b3f87af8ce3a05e5f89dc29_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\081d199e2fef5e45b8270122bdfa09ac_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08983b26698c92c854a8c21ad7ace9fc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\097871dda2edbf215315c8b0e65f31e2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\09a27c717b8c639057ee499c5d72a8fd_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\09d831c01b35e4a6368ce13a2a5e405e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0a7860a68859faa9d9676fb5d83ea1ea_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ae8049969886a120ba8176638e648ec_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0c58f5dc6c5596da52957f125858bbdf_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d91a6e99adcc96182881c3ebe3027d5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e44111769163697c579c6d9bc7a7438_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e9bd612e3d01e7f8cc55b0f3d70afb6_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ed28a2c3226201f1e2cdd2eefeb42a8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0fa15c799ff1f1b2858b8018a21924a5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11027dd7ddae8af7ad141180ed068171_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1123e9e7a7074760a80c0c12aa16795a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11406f21694df1cb3fda697f102dbb66_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\120adaca3f44cbad280f2fbb2eb4053b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\122e9a26ef3df25fcdcaa67684a8a41c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\131f4e002110de1b1327b2a11c942994_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\14bdc90629a60523f7fd41cde6cfb670_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\14efd593533d1e47953668c72e7d6271_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\158a1acf47cd2d962960f2ff86a1a6d5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\15970cb8c69417c468c7444344a83708_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16bf4230f56b6d7447d812ebf1158c22_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\174f4b3f4513edcc2d2bf6c9f1a97308_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\177ca6cbc1b2e0091f11f51823900ab1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1806840e66f95b217ea2757c99a8d3a3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1837a8ab009b1e6161b0c19fc73afe24_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18f37fba2c6f3a2e241f4e992579bd62_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\190cd90a2f9d09b446aa3ee1fa5acac6_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a7e8d6a088f41936a5e6c0a437d08f8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a85499c1ea560379b4edbcac6610018_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b00ebec23a34e1d9ae3f83c41829c78_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b0d21044302a97f27f47e79e0b1b54b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b9ccb634ec4423154c039afeafa1a58_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1ce514ef10b2f8cbb8a7d18405b42c21_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d9430c84b2cd21d8d4fcc01d52d10fa_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dabb5e815cdb52c90c78904b734c479_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dc0f91041231f0f0a0ff2f791cb4448_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f7a69b1cf7a00d4be1e130628e4a8ba_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1fd5fbacc74a5bfff89f24b3a1f6ce16_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21795ab9e7a5e7d02b9b851e2dd714f4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22a19ade0d7904d682f5cb5087230df1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22a89f9c215ec0143c7d94848ad049bc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22d8d8eeab18edc0745a45f44b087ffd_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\233e0cb49b5353b5c5cba2224e9b78ad_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\23abd8c21461cd4300d7fbab743e0017_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\23bf712b67cb8f9ea8c763cf8406adc8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\242410fefb1de9ec54f6be17615d645e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\242c70bda2385c4123c4a551c2b9a471_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24516d435dece71ae8376a97e10e9b5e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2468f9ba1fef76dc6c653774cc011190_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24e9742bf9c73eb94088b07181c6771c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\25a2d033b435aa1f62ed136e073b5b38_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2621c04f82e12e17844975b152b3fffe_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26c76d60918ef19578fd636868d91e30_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\273caf852436da11cde6d301483b3636_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27d25942676fcbbdc6cdf5fa5f457007_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2814b9d0e47ec3beb8cd5f16061ec49e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\281fb8a8f3930796e1a3a1ee86443d4b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2834062803951b68dd3860e3d1cd3bbc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\283bd2bc26d9e7553724f83856e8dde0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\288bc98de862ff9b6d82c4135788b519_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\291375bd98ca9571a1a7e77e2735cbb5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2977b4309193a0afbf1bdd3264acf811_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29be56c9d0060e20601e461788885945_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2c61621ac72e7069b64a8e1daa239fb8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ca4d9dbb4568d4e680cdeb59f1dea47_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cffc5c71f9e85ce2fdbf9994662119c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d369ac0635ef45bc378b4af7353fc42_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d6ab0eb680c5ef2b019c27187142c0b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d9599563aec2e8ee2911ba3f4a02e66_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2dbcf950db4afff1d13f5dfcc999bb78_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ee7468a38d050f0b5bb95130c62a2cc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f46dfbc8460f69fa9090183086f6dce_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\300aa812e16d74313a8298015505f438_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3040cab161b65d1eb7137dd2a794b893_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30e23be2d8480ca4e1b7a431079157e7_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\31021e46fda7d9124e9f77c1f73dd97f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\319ccf3ae2c31a957b21648abffdd3fa_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34a9d0f753db349829128c7aa9254b70_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34e8e1ec8c1ce4f0f6750c9ee9aa6551_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34fd9d1f95283fdf23d449a8f27855ce_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\354b5512af641aaec4dfb0a6577ace7f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3598f3a4e2b82a2700aba7a5b0807425_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3599cf08eecb8a4d1980baab45240d34_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35d469ba0c4c74586ba72d19dcda774f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35e86615992b8d7176d4ea8ec864d970_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3658c6ded134e0eb0b2434ba9282fceb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\366a0b87b46ff4b32df3a9816fdfc002_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36ea2f72ef485b5c21951b3a16790e5c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\37e6912e61290392165884f1bf8a7a2c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38ec9f559a9cb4edcebf641f0817b74d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3967fb08c58f92a505b2dc516d4fcfbb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39a3a7296c8874cc6422b029c0995148_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3acc1111e280dac03b89813d07f0b29b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b6cfa74b1f3ba9a436669652c566f81_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3c7534f94b6cb4bdd5571dcd708a1845_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3c7c228a1b1b16c2d9aa772a78a2b8d4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d06be1a7e4bf7dc6e222dbc86cabd66_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e51673c830d6d6068e7dc5b4fdb43c2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4070a003a5d6e69b363fe82d39251f01_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\40715007dcd682acbbb85177537a368e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\408a34bb4aed62b2ed439b6c41de162d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4159b5e0d5cdf94fadfc8d8efd02b1c5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41817110f39feba8455e132f35fce747_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\419956277297fb735436aefa9fe0eb9a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42e066e6bb8ea376cdc026fdcfe83a13_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43b82c163789fbc06c0e186df8c89e53_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43e5aca35adaebb516f5b5cf5a145925_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43e740167498af3cf17f534205d80de2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\458898fa9d08069883dd7764939996ec_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45adf73d9105d8a2c685a247c0ccb287_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\461235c59e5cc2d0b0a0c22877515ee1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4650dd6b7ab821e03dee690982c9036b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46f720f423965f9787f9d4c6cf70e2f9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4794c32af7be60dbd6cc1ef284192199_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\47ed2510f358fb919a3d602663b83310_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\484f469670b4f10e1a713303ebd20ac5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\487044ea3925de3b9dda5e183ebb81ab_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\491928e8475417bbf3fcd66014a90848_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4944532dc2ff8ab3602b4672c9004d85_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\498d028cdb7402a454a2a2cd06bcf332_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49d3df86835145320996994e0fbb345c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a3de2d56e43cadf67b772fe8ed2b710_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4d0277d3daba562530a885e54f07f7e4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50ee0bf5ce42ccaf6999c7920dc4f0f4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51189359611c6445d988a81732bb1f40_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51effdf24c573effa9c333518239ecb6_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5235650600c2055e31acf78648eb1a2d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5238ec110225f106103c56e29fef4810_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53413b6d36fdfdbd154ed06e04cac5a9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5351b2f39ff011c64d7ba73217ef484d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53d515a399a81210d0b59ddca0c89c14_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5615e31f3066032eb4e1c554d57fa48d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\564fea44345d4f0fd7139e82c7a8b022_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\569ec12804e0f52792f1fd4c02a9dac6_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\57b17615cffd013eb688a129566cdb2f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\588f1e505d0fa5aff16ab17ca5997b9b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a8bfb7a4f48648f5fbd9ae6ba7d53c4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a99aa8039fd045fd1bc53ba9f910bc4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a9f6d4c61bd0b204d6084154a22792b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ae196596cc66c8f2a57ef6523c39c35_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b0396023068ef92c072f65cbb9e3195_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b066c45128a56c2fd4e04f2b96ae55b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b3fe4bf2c7638857e580e288a469779_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5cb8e27805e534b58394e4055c8a8622_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5cc8e336a41659b1d39bd7e6cf30a18d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d6db12d6405dc17c96b39fe01298d3d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d76999a989a9095f052909b65487a76_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5dff22573c62a1433b0e8adb6483760c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e22c63f5da51912dac672d66f8d3261_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e75a0df433001e466299c4b06dbd717_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ea76a380dbf1f0a194c7a1c60efcf76_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ed51d4a57d464a85c96dec2fb517293_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f382e620fc19da8f138e09e5e1d508c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\609d7911fb2caa68c7652149493a4966_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\60defd2c434a0b2d94dd1ab890d93710_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\610fbf95d9eaf460f705f7d1d5f227a0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\61e0226352a0f0af14130b32d70d71b9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\629b6a00406ea94ff8e3f07f3b1cdf20_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6414398c3d9a08dab93a901093cb0172_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6459be538bc4613a5c1d41e584bca919_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\64eee8192bd195de2bab0586c1140981_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\65939626ea9f56c29a90db0d863d1fd0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\65a51d0f6325badee67d77ca8aee6416_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\675c009a9063e1b315a19edcb28e0f6c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6896effae5896e75f7136de78d8565f1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68e36a6c2a69b9a647e7a5cbe10c664f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6aa7adc63bba6afca9ad96777ae38243_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6de7886c108692837741487e000b799b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6e8733b8388b83fc904c052bb57625ea_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6eae8bad5c774ed19baec94a2bc07780_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f322f8893a94094ea826dd4774f4716_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f374312efaf6aa714387bfec3f2294b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\70260ee69c9a565d52b484ce4d55a557_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\709c7e09a89f7005c41519d94301a9e8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72dc68b0e8d78ad188a8136dc5a1539c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7310eb572e61f0f20ce38cbd5b013f5d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\735113f9a9233d54871da7e13961b287_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73636f38b45eecf96399ce4a6581fbf3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73ca4e5f1e5126c1d6d2ed0bd30f2138_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\744f9531a3631818d2228abc4ad809a1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7542032d9ad4e062b7fb172590462154_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7562e51ba8b2feb02619cb70c45fc997_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\75f298675b397373ba3ff09ba1369347_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\76a355d53169f9d84f68971bab3798c9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\76f8a09d4d4f7c0c4355996daa11eb2c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\772e52f807359959e296e27e1d8a8054_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\783e4b86265dc729e5e53312cc81cadb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\78e23b456f0e28ddd7f151687fee6a17_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\791c561740a3f5018bafe234a604ed74_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7955c6c3b345bef39481a0fb35d71e16_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79818b3c8e8def953e787557bd27324e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a3cd9d4f36d3e00b9fd6c5cd6891364_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7ac80fab2b88005e04241c2ee9a16986_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7b8dba9a1eeb85568cd483fbb8b7d806_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7c5c26a90ced1b740c4b3b647aee7fcd_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7c63d6f305f123b0a722cd664259ec43_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d25ae0ab7d2d336c4235df8dc58890a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d726acc9584754f3317362b74c8d06a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e92e8ca28bc16f482e24f9b3ce5e77f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7ea47f65302e02d87966671033adb179_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7efdfa4871a458b5a498f808a7370747_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7fa9b2b973f52041c43b6256dba54d3d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\801271cb0d56023fa13c0285b0d030b2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\801ad55e3159e2eb12c67103b72b9a9d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8033107699f78a492fa6f722a02f636d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\80472235c873588b638d1a0099b8ec71_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\841026397c9a3ead65a1c9b0e647c7d1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\841fb425d1f299ad440aea5d0ab5e482_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\846633271aca6df1a4a08502a4dabae0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85951e4623b315ca1b28e21ae67d563c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85b9377d39a731e0ec23e413cf4c76e1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\86865874cae1b136705da5ea52f6bc5b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\87a3e077e59366f984832c32714121f9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\87b43e0fe512977e2a7c87a41451716b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\89123c073784d9a5e78b73b971433421_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8985989940cc878e9414150659660253_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8986fbfae06a734c4d4d60d8f0822140_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ade6be8dc171b9ab64fe340ce12c683_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8af9e85de7212e4b711e87352acbbd37_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8bbec758c7826e653bc219ff5b4bc489_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ca4fba4091e55159639de9082939a02_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8cbddd34bd9ca524c71ab89500ba0037_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8cdb56c972fd5c39289b360c1a759f5d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d25fae92565f29d02ee3418dc3a0ca4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8deaafe6d3559553026dab3f6daa956e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e7cd47186417313ac3b2359e77e9a4b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8eb12a374438e5ba10556e9d7c3f75f8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9009260d91385956a538657aa5d22fa2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\90b4fc2e4e0cba43aebf938c4ce48e77_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91729e7fc70e94a358e410b405191882_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\917b47fb3c22b9fb0018732d798a0e4e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91c20d89e5cedd2d2824cf8b300d6d5f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91f4f068815d0bed171798741569463c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92f7761ac1e7364f5a94c63b1d096656_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92ff5cffc7efeac4e7ef4ae009f16de6_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9310691e068965bef0baa1e5908c9f9b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\931ef8957c095108a7e8e50f28b8411e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94017c433af98628b7374eec41599e8b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94a9bdc97d1bc550c1305868e854a013_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94c1c360d5778d00a210f8ef6fbf58fe_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94cb84bc04247676def0efcb6aedbe78_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\953031f4553c4c0b1aab232b28d7e0f1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9548508782208cde0c92606b90c3b16f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\96533d5758163b87c3817bfc49847974_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9712a75238ffdc3b9d8d8495707fb17c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97136c4fb8863eb0285dfc915a2f714a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97f113c752ccf151263f6f4f5f629779_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\980078c606d6f1181388638cd28c270c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9887d0184382b09e3d86836b7141ee62_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98b1090190c6b00589f900ccd09ae0de_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\99a9abc1c7e916e93a99ef1688e23a93_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a31be00bf2ac4139522aefa194c9f86_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a376579c11a0aa68d041b89745fbcf2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9af092f6b2ac88fa65bc202389148029_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9b618f24a58cd77f1f83f2e1d7a54c4c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ba9d73309636b457bb978823f7b8819_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c27f0d8003ef98333c802e439e920e4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c29a915c3e5ec65b73fedc53b82f990_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c49b294c3571116e83e9808155ff72d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9c8dbcecd628042d70c920cc4b4a7c71_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9d3877e89ac9a4b4293acc91f99b979a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9d7e5dfb2084abb7b6621bd4943a4685_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a012369d2159c6d75a1543e9e48e4320_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a043fb0fc5d0d85588bb13291f78adea_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a10d6daa2b24c5951008e6f377ee12b2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a1564d1686da5e26218d32940e24b3df_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a2293299b2f86557559bba604de49ec0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a425ba91d7b38d240c499b0aa1e9d79a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a49ede5337816a638fe2d977ad0cc0a3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a49f7d2aaa160de542f0499843ffae88_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a55243f009260033a427656cbb01a3f9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a5ed4721ca8fa10c299e163179074150_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a791da6b2665f523698405beeb4d04c2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a8a776d19e5fa55e309abab410cc3157_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a9152a90394290962fa4fac057eaa141_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a9a352c982a0a912a408f597b4c89f08_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a9d3a9f1237da46175fdeaf7cf6544fa_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa0bca9496c1f9c054b6ff551c016363_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa2f4b4c57de329d17474a1ed3fc5d5f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aaa199e983f2fa2e43e805c8a0c7f076_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aad77101d0b39b581b842ac20fee7a42_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ab3817543e6e4deb145758d902651b57_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad0abd65281be917ee798952e89a358b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad725e17957b636ebd2abcf09a457c94_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ada54d9e066538ef45ed29f1cd68cf86_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\adcc04761441957f363c71e74beec915_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ae8521d35a60364a6ac08a1944b53f05_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b094f9691363dfac2d9559959bd4ce6f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b16f592e27bf91365c5e74b8e622a3b2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1ab20a91ae5dafd787ad2d9a3424906_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1e1bad646bdc7624d54612bd62410ca_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b304606d9b04f601b18170bd6c1f6ea0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b630f780444c06316956f3b7d577a7d8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b66bdbe7cd06c1509657558a0818d841_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b74f88d32d2dc99b3e9aa0db2a2984fa_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b7cbb890f06bf47903185f69010b1a44_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b7e35bd1575359280643272925c4bfa9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b82ddb977d7e862cf6ce48fec23bada2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b8fc25bceb93c4f41e36fee3387bd27c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b91d73adb66fc1abc634a0db9d0b7800_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b95ca0298795521c63fed3049e78a402_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9980c81f674004d544b3815ca276966_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9c0c63a70970e5c39d71cd9ab5f6e31_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ba82784ed0335ee37ba76cbc3fb9a7f8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bb3d909f2f767be60c4871b363cefca4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bc6f33e1023b5dffa26ff0437f4cd1d1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bcf0820ca1907d64b598330aa725a713_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bec6d3c06409f319d9416c5eba9b0c3f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c06c4ddc7f99a9b46fde7f22773cd863_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c0b98eb6f547d844ec458abd6c9d7792_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c0c9ac197468bb40fe7cd33abe05b46b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c0f92e0566e20120edded799ef12c63b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c16183562c9e1a51344c42723d4844ec_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c19eb1a4c5f1dba6749f7c6527097843_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1a3924d71c1b8439c83b587db182f1a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c1eb0d81608bd56e5b1ab3d43cddd480_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c31ad2a8ef4c9ea07301f4e9e34bf292_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c33d974b1fa7027317c43f3c3a7801ce_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c47501a15983cc33d1e01cc9b62b535a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c4a2a5ff3ca5b1f7f470e3559884a742_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c4c6875dbfb708ad13f5331806c14428_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c58f0685e7fd6bb009cbcf0f8855897f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c71da00c3188dcdefc90da8960db92f4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7881abed119ac5ef6f5f6a7a6be8d58_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7ba34c3084beb3a15ce799bb19831ca_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7e9d6c344b7d2b43ca101e7ea49a07f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c896057ee21712af3c386f46b16650e9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c988819577964e2445a5be95ad52ceb8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c9b447cd54826b8560ed28c0b3074769_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c9c5ca5103e93b4ba5b8b3d529f0f0af_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ca21594d579a931d875ddced25c2e15f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ca7d1d9c3cda72503b4b3947f38272ec_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\caf6f6cfceaf162889cd24750c16181e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc536b583bd846b21b0c9986888a72a2_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cc5b6613993847193cf9963d3935db20_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ccb9cbc5eff846804eca4e00f3d6768a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cd18788066b06f11ba9750a019b09be1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cd542b227ef57946188c947048cd1afb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cdc40dc38d6b2b23d0bf715494f4c3d1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cdd22e579d7801fae10d1df7253283eb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cf25bf88c1ba16378c42418c79a44731_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d035ef6f4c10fbae0e60b46b6feda7bc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d1031c571a81740494db744d5731fdee_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d2b484b356c87b0387635d43b205579f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d2e07540183b15cb4f9c702ee412e8ea_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d2e507a573b4dbfb95dd84d2c77876d3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d2fb69ce98dc72dbff5bbab96d653c68_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d3741c16e2b0c7f796fb21409d98e3df_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d37fa5a6ae1470bc9adb4607959556bd_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4f3345bad1cc9402a4c7c8f9cefbc1a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d52764df1398b704651d423ee35d52b5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d5b8440a227d24c71e5ef88734cec8ba_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d6265821dbfa7d57fe76a48000e289ac_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d65ae6e34d66b882b47778ec3e956397_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d68e008aa9b15108dde3344d12445deb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d7961b86d5abb94bb658d55bee26d2d1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d8a518e94cd8dbbb79ba12fa4ad6e2a0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\da529aec7126ed56a8538e1cd4742b21_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\da816e18be8ecc46d8233284599b1d89_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dc679a6cd93eaebe9eac7aff42595427_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dccc15c7cff80a46822a643b04e7e47c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dd33298b73d90d112343c7baf2c8d064_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dd7664627aadeeb06ddf91b183474b58_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\de0ba48dc1c1c92ec0802fb8bf593277_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\defe304de9334a6f8867a4bd3d1a6129_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\df6219c84d50241180393aa3f9f5d955_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfcfd65db4fa9ce122692276375c007b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e02103b3237b3f008b39e82000bfd861_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e2a4cb87aba68fe32594abd32be1b2ae_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e3b530c4e7131440bcc1e1cf8a1293a3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e41e988c4c9ba71b7e28e04ed4229f19_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e4d794fe11c88340a917e4dedb07c1cc_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e58a52b767aeeea00c5568e51de5473f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e5ba75bf7f52cf2ef64425b19a17fb78_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e62dd9612d8f4e2c7778f3b7ac7f7ca0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e652db6039f3b9cb8e9588988169ba3b_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8c35140254046e82d52b794044e5b3c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ea525ce88e04dbe32be338192a65666f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eb2bca7c3bbb2d98af19c8c67a6cdf1e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eb2da2a3e31c6e2e846d95395c5729b9_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ec097cabfd691224dc52cec84bc28b89_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ecb4fe67b1144763032eeb9a0f084e43_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ed8af1692856f12751502c35175201c3_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\edd179a09590af7813311136c6ae54e7_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\edd1ed66c5f3365c79c2852991251f5a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee97dbb37d75ed473bdd1f1dc359ff04_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ef0fbdb1dc4d06cc2b1b51eaa766a0ec_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ef4c4b9989d822954c51c233be749743_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f0810fb064ebd906a9a0621c1c8f4be5_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f0f419037aefe5b348b965940530ea03_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f1be747ef7991a724881e67f0d554ecf_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f2b69fbd46fe09c5b04adf3b97eb81a1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f2c6b309ff21ad07c85a49c03ee37ccb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f31133c1cbecc4f6ae0f60b07f45f675_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f3472eb802cf5a1e7c90199138cb1c00_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f3aff1aa0495370e40f6a400db0d34bb_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f5d1b5dd49f781de3d55ae2d220cff7e_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f64ce04697bfe602924a1fd15b35bf15_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f660286ebab250ba1280dd5a912101d8_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f666e020e68162ef8b6e8e136eb71834_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f71fc4a97ec4df953c095640fab5707f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f7772dacb2e0c126b0522fa54ddc3c2a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f86d01ef1807837cdd25d07bb74290c4_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f8cd9da15ba910a9e2e477c119c2c077_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f96bee9f66c698d143364cb95a94f056_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f9893fb55d677e073fa20a8bd6b05a69_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f98ce413efcd81659714dc649481174a_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fa533e3f11ff0410edb39eb48210d6c0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fa749f78f1e1d4202ff04466626da8f0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\faccfd71bf52b9a8974ad10b5a50f68f_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fb49c1db167025ca7039fb879023cfb1_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fc2b20bf0fb6bdb288af4e7b8f07015c_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fda768de64b03945831fbf2c038a0da0_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ffd24c4dd1cf7d1e9424962260bb868d_d56529a4-f924-40c5-a255-bfe6c2f5c1a5 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\moi\Cookies\index.dat Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Identities\{44CE6E3B-6088-4052-BBE9-FA4C04A292CD}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Identities\{44CE6E3B-6088-4052-BBE9-FA4C04A292CD}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\moi\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\moi\Local Settings\Historique\History.IE5\MSHist012008052420080525\index.dat Object is locked skipped C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\89ABL4NO\iddqd[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.srg skipped C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\moi\ntuser.dat Object is locked skipped C:\Documents and Settings\moi\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP256\A0078013.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.sca skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP260\A0079956.exe Infected: not-a-virus:AdWare.Win32.NaviPromo.gen skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP266\A0081215.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tbw skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0081287.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tnt skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0082298.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0082301.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tra skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0082313.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tra skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0082345.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tra skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP267\A0082349.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trb skipped C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP270\change.log Object is locked skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/dltlinlf.dll Infected: Trojan.Win32.Monder.gen skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/wnvelvpj.dll Infected: Trojan.Win32.Monder.gen skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/tpymbiek.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trb skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/khohsred.dll Infected: Trojan.Win32.Monder.gen skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/sirpqumx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trb skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/niidgeft.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tnx skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar/WINDOWS/System32/idamqdjr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tnx skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz/upload_moi.tar Infected: not-a-virus:AdWare.Win32.Virtumonde.tnx skipped C:\upload_moi_PINCHI-F0C1AADC.tar.gz GZIP: infected - 8 skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\dltlinlf.dll Infected: Trojan.Win32.Monder.gen skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\hvwvcwcv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tbs skipped C:\WINDOWS\system32\idamqdjr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tnx skipped C:\WINDOWS\system32\khohsred.dll Infected: Trojan.Win32.Monder.gen skipped C:\WINDOWS\system32\niidgeft.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tnx skipped C:\WINDOWS\system32\qkwhhjtq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.tbv skipped C:\WINDOWS\system32\sirpqumx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trb skipped C:\WINDOWS\system32\tpymbiek.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.trb skipped C:\WINDOWS\system32\ttkfsrkn.dll Infected: Trojan.Win32.Monder.gen skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\system32\wnvelvpj.dll Infected: Trojan.Win32.Monder.gen skipped C:\WINDOWS\system32\xgghnymt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.srg skipped C:\WINDOWS\Temp\Perflib_Perfdata_6ec.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped D:\divers2\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped D:\documentsmoi\clean.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped D:\documentsmoi\clean.zip ZIP: infected - 1 skipped D:\Logiciels-D\Bitdéf10\Keygen\keygen.exe Infected: Trojan-Downloader.Win32.Delf.ide skipped D:\Sauvegarde\Jeux internet\SetupHappyNoteTetris.exe Infected: not-a-virus:AdWare.Win32.EShoper.j skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\bitdefender_avplus_v10.EXE/data0000.cab/is154399.exe Infected: Trojan-Downloader.Win32.Agent.qim skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\bitdefender_avplus_v10.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Agent.qim skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\bitdefender_avplus_v10.EXE Rsrc-Package: infected - 2 skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\keygen.EXE/data0000.cab/is154399.exe Infected: Trojan-Downloader.Win32.Agent.qim skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\keygen.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Agent.qim skipped E:\Azureus Downloads\BitDefender.Antivirus.Plus.v10.247.Incl.Keymaker-CORE\keygen.EXE Rsrc-Package: infected - 2 skipped E:\Incoming\BitDefender.Internet.Security.v10.FR.Incl-Keygen.rar/Keygen/keygen.exe Infected: Trojan-Downloader.Win32.Delf.ide skipped E:\Incoming\BitDefender.Internet.Security.v10.FR.Incl-Keygen.rar RAR: infected - 1 skipped E:\Program Files\LimeWire\telechargement\calogero\a la gueule des noyes calogero.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped E:\Program Files\LimeWire\telechargement\calogero\je vis ou tu mas laisse.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. ComboFix 08-05-21.3 - moi 2008-05-24 21:31:23.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1448 [GMT 2:00] Endroit: C:\Documents and Settings\moi\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\BMdbc8f969.xml C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\dwpktgvf.ini C:\WINDOWS\system32\hdsbgaxo.exe C:\WINDOWS\system32\hiswfykq.dll C:\WINDOWS\system32\hmexsjib.exe C:\WINDOWS\system32\hvwvcwcv.dll C:\WINDOWS\system32\igiewcpk.ini C:\WINDOWS\system32\iurrmxhc.exe C:\WINDOWS\system32\jafjvpib.ini C:\WINDOWS\system32\kefdpqyf.ini C:\WINDOWS\system32\kxiefeop.exe C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\MSINET.oca C:\WINDOWS\system32\qkwhhjtq.dll C:\WINDOWS\system32\qrehgsrk.exe C:\WINDOWS\system32\rYGNVvut.ini C:\WINDOWS\system32\rYGNVvut.ini2 C:\WINDOWS\system32\smiijxuu.ini C:\WINDOWS\system32\ttkfsrkn.dll C:\WINDOWS\system32\tuvVNGYr.dll C:\WINDOWS\system32\vgqcfdoj.ini C:\WINDOWS\system32\vjmbuhjd.exe C:\WINDOWS\system32\vwjlbxld.ini C:\WINDOWS\system32\xgghnymt.dll C:\WINDOWS\system32\ytqslafx.exe H:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_poof ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-24 to 2008-05-24 )))))))))))))))))))))))))))))))))))) . 2008-05-24 18:45 . 2008-05-24 18:45 <REP> d----c--- C:\WINDOWS\system32\Kaspersky Lab 2008-05-24 18:45 . 2008-05-24 18:45 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-05-24 16:05 . 2008-05-24 16:05 136,192 --a--c--- C:\WINDOWS\system32\gqtauaqh.dll 2008-05-24 16:02 . 2008-05-24 16:02 115,200 --a--c--- C:\WINDOWS\system32\fyqpdfek.dll 2008-05-24 15:56 . 2008-05-24 15:56 126,464 --a--c--- C:\WINDOWS\system32\sdedoyor.dll 2008-05-24 12:24 . 2008-05-24 12:24 1,416,722 --a------ C:\upload_moi_PINCHI-F0C1AADC.tar.gz 2008-05-24 06:57 . 2008-05-24 06:57 <REP> d-------- C:\VundoFix Backups 2008-05-23 20:32 . 2008-05-23 20:32 <REP> d----c--- C:\Program Files\Fichiers communs\Adobe 2008-05-23 17:28 . 2008-05-23 17:28 <REP> d----c--- C:\WINDOWS\ERUNT 2008-05-23 16:26 . 2008-05-23 16:26 <REP> d----c--- C:\Documents and Settings\moi\Application Data\Malwarebytes 2008-05-23 16:25 . 2008-05-23 16:25 <REP> d----c--- C:\Program Files\Malwarebytes' Anti-Malware 2008-05-23 16:25 . 2008-05-23 16:25 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-05-23 16:25 . 2008-05-05 20:46 27,048 --a--c--- C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-05-23 16:25 . 2008-05-05 20:46 15,864 --a--c--- C:\WINDOWS\system32\drivers\mbam.sys 2008-05-23 16:20 . 2008-05-23 16:20 136,192 --a--c--- C:\WINDOWS\system32\dltlinlf.dll 2008-05-23 15:39 . 2008-05-23 15:39 136,192 --a--c--- C:\WINDOWS\system32\wnvelvpj.dll 2008-05-23 15:37 . 2008-05-23 15:37 125,952 --a--c--- C:\WINDOWS\system32\tpymbiek.dll 2008-05-23 12:34 . 2008-05-23 12:34 136,192 --a--c--- C:\WINDOWS\system32\khohsred.dll 2008-05-23 12:25 . 2008-05-23 12:25 125,952 --a--c--- C:\WINDOWS\system32\sirpqumx.dll 2008-05-22 12:33 . 2008-05-22 12:33 135,680 --a--c--- C:\WINDOWS\system32\degtyejw.dll 2008-05-22 12:26 . 2008-05-22 12:26 126,976 --a--c--- C:\WINDOWS\system32\niidgeft.dll 2008-05-22 12:24 . 2008-05-22 12:24 126,976 --a--c--- C:\WINDOWS\system32\idamqdjr.dll 2008-05-22 05:43 . 2008-05-22 04:54 691,545 --a--c--- C:\WINDOWS\unins000.exe 2008-05-22 05:43 . 2008-05-22 05:43 2,553 --a--c--- C:\WINDOWS\unins000.dat 2008-05-19 20:43 . 2008-05-19 20:43 <REP> d----c--- C:\Program Files\microsoft frontpage 2008-05-19 18:41 . 2008-05-19 18:41 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Nero 2008-05-18 23:10 . 2008-05-18 23:14 <REP> d--h-c--- C:\WINDOWS\ShellNew 2008-05-18 23:10 . 2008-05-18 23:10 <REP> d----c--- C:\Program Files\Microsoft.NET 2008-05-18 17:16 . 2008-05-18 17:16 <REP> d----c--- C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-05-18 17:16 . 2008-05-18 17:16 58,880 -----c--- C:\WINDOWS\system32\tuvUOGwV.dll 2008-05-17 22:08 . 2008-05-17 22:10 <REP> d----c--- C:\Documents and Settings\moi\Application Data\Enigma 2008-05-17 18:09 . 2008-05-18 17:40 <REP> d----c--- C:\Documents and Settings\moi\Mes documents 2008-05-15 12:32 . 2008-05-15 12:33 <REP> d----c--- C:\WINDOWS\system32\RTCOM 2008-05-15 12:32 . 2007-09-27 08:20 16,844,800 -r---c--- C:\WINDOWS\RTHDCPL.exe 2008-05-15 12:32 . 2007-03-23 13:19 9,715,200 -r---c--- C:\WINDOWS\RTLCPL.exe 2008-05-15 12:32 . 2007-10-02 10:32 4,613,120 -r---c--- C:\WINDOWS\system32\drivers\RtkHDAud.sys 2008-05-15 12:32 . 2007-06-28 10:44 2,165,760 -r---c--- C:\WINDOWS\MicCal.exe 2008-05-15 12:32 . 2007-08-03 07:22 1,826,816 -r---c--- C:\WINDOWS\SkyTel.exe 2008-05-15 12:32 . 2007-07-26 12:06 1,191,936 -r---c--- C:\WINDOWS\RtlUpd.exe 2008-05-15 12:32 . 2006-08-18 00:58 282,624 -r---c--- C:\WINDOWS\system32\RTSndMgr.cpl 2008-05-15 12:31 . 2008-05-15 12:31 <REP> d----c--- C:\Program Files\Realtek 2008-05-15 12:31 . 2006-05-04 10:26 2,808,832 -r---c--- C:\WINDOWS\alcwzrd.exe 2008-05-15 12:31 . 2007-07-26 11:09 520,192 -r---c--- C:\WINDOWS\RtlExUpd.dll 2008-05-15 12:31 . 2008-05-15 12:31 315,392 --a--c--- C:\WINDOWS\HideWin.exe 2008-05-15 12:31 . 2005-05-03 12:43 69,632 -r---c--- C:\WINDOWS\Alcmtr.exe 2008-05-15 12:07 . 2006-07-01 22:42 43,520 --a--c--- C:\WINDOWS\system32\drivers\AmdK8.sys 2008-05-15 12:06 . 2008-05-15 12:06 <REP> d----c--- C:\Documents and Settings\moi\Application Data\InstallShield 2008-05-15 12:06 . 2008-05-15 22:04 17,241 --a--c--- C:\WINDOWS\Ascd_tmp.ini 2008-05-15 12:06 . 2004-08-11 18:00 5,810 -ra--c--- C:\WINDOWS\system32\drivers\ASACPI.sys 2008-05-15 12:05 . 2007-08-01 05:39 12,536 --a--c--- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2008-05-15 11:18 . 2008-05-17 03:00 <REP> d--h-c--- C:\WINDOWS\$hf_mig$ 2008-05-11 11:00 . 2008-05-11 11:01 <REP> d----c--- C:\Documents and Settings\moi\Incomplete 2008-05-10 05:44 . 2008-05-10 05:44 <REP> d----c--- C:\Documents and Settings\moi\Application Data\DAEMON Tools 2008-05-04 19:04 . 2008-05-04 19:04 <REP> d----c--- C:\Program Files\MSECache 2008-05-04 18:43 . 2008-05-04 18:43 <REP> d----c--- C:\WINDOWS\system32\MAGIX 2008-05-04 18:43 . 2002-09-20 23:33 1,089,536 --a--c--- C:\WINDOWS\system32\ROBOEX32.DLL 2008-05-04 18:43 . 1998-10-15 16:28 85,504 --a--c--- C:\WINDOWS\system32\HtmlWH.dll 2008-05-04 18:43 . 1999-01-28 13:44 49,152 --a--c--- C:\WINDOWS\system32\INETWH32.dll 2008-05-04 18:42 . 2006-02-06 11:38 475,136 --a--c--- C:\WINDOWS\system32\mgxoschk.dll 2008-05-04 18:42 . 2006-02-06 12:11 3,192 --a--c--- C:\WINDOWS\mgxoschk.ini 2008-04-29 17:08 . 2008-04-29 17:08 <REP> d----c--- C:\Program Files\Western Digital 2008-04-29 17:08 . 2008-04-29 17:08 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\InstallShield 2008-04-29 17:06 . 2008-05-01 13:09 <REP> d---sc--- C:\Documents and Settings\All Users\Application Data\Memeo 2008-04-29 10:06 . 2008-04-29 10:11 <REP> d----c--- C:\WINDOWS\system32\inook-v4-3 dir 2008-04-29 10:06 . 2008-04-29 10:06 201,728 --a--c--- C:\WINDOWS\system32\inook-v4-3.scr 2008-04-25 14:42 . 2008-04-27 21:17 <REP> d----c--- C:\Program Files\MailNavigator . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-24 14:50 81,984 -c--a-w C:\WINDOWS\system32\bdod.bin 2008-05-23 03:47 --------- dc----w C:\Documents and Settings\moi\Application Data\Azureus 2008-05-22 03:40 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-05-21 19:20 --------- dc----w C:\Program Files\Fichiers communs\Softwin 2008-05-19 16:47 --------- dc----w C:\Documents and Settings\moi\Application Data\Ahead 2008-05-19 16:42 --------- dc----w C:\Program Files\Fichiers communs\Ahead 2008-05-19 00:39 --------- dc----w C:\Program Files\Fichiers communs\Real 2008-05-19 00:37 --------- dc----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-18 16:42 --------- dc----w C:\Program Files\Google 2008-05-18 16:37 --------- dc----w C:\Program Files\epson 2008-05-18 16:14 --------- dc-h--w C:\Program Files\InstallShield Installation Information 2008-05-18 15:23 9,344 -c--a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2008-05-18 15:23 8,320 -c--a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2008-05-18 15:23 12,632 -c--a-w C:\WINDOWS\system32\lsdelete.exe 2008-05-18 04:51 796,672 -c--a-w C:\WINDOWS\GPInstall.exe 2008-05-17 20:02 --------- dc----w C:\Documents and Settings\moi\Application Data\LimeWire 2008-05-17 16:13 --------- dc----w C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-05-17 14:22 --------- dc----w C:\Program Files\CyberLink 2008-05-11 08:50 --------- dc----w C:\Program Files\eMule 2008-05-10 03:46 717,296 -c--a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-20 07:05 --------- dc----w C:\Documents and Settings\moi\Application Data\Apple Computer 2008-04-19 13:28 --------- dc----w C:\Program Files\Freeplayer 2008-04-18 19:07 --------- dc----w C:\Documents and Settings\moi\Application Data\FileZilla 2008-04-13 08:50 --------- dc----w C:\Program Files\FileZilla FTP Client 2008-04-12 19:42 --------- dc----w C:\Program Files\FlashFXP 2008-04-11 16:57 --------- dc----w C:\Documents and Settings\moi\Application Data\ACD Systems 2008-04-02 18:20 253,116 -c--a-w C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_3421.exe 2008-04-02 18:20 15,397 -c--a-w C:\Program Files\settings.dat 2008-04-02 18:20 --------- dc----w C:\Program Files\PDFCreator Toolbar 2008-04-02 18:20 --------- dc----w C:\Program Files\PDFCreator 2008-04-02 17:54 --------- dc----w C:\Documents and Settings\moi\Application Data\OpenOffice.org2 2008-03-31 17:48 1,582 -c--a-w C:\WINDOWS\system32\tmp.reg 2008-03-26 19:18 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-26 19:10 --------- dc----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-03-26 16:41 --------- dc----w C:\Program Files\FpTest 2008-03-25 20:55 --------- dc----w C:\Documents and Settings\All Users\Application Data\FlashFXP 2008-03-25 04:51 621,344 -c--a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 194,144 -c--a-w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,376 -c--a-w C:\WINDOWS\system32\win32k.sys 2008-02-28 18:48 720,896 -c--a-w C:\WINDOWS\iun6002ev.exe 2008-02-28 15:27 86,094 -c--a-w C:\WINDOWS\BPMNT.dll 2008-02-28 15:27 71,749 -c--a-w C:\WINDOWS\hcextoutput.dll 2008-02-28 15:27 267,845 -c--a-w C:\WINDOWS\tsc.exe 2008-02-28 15:27 1,163,344 -c--a-w C:\WINDOWS\vsapi32.dll 2005-08-09 22:51 56 -csh--r C:\WINDOWS\system32\A240FB1B77.sys 2005-04-16 08:14 56 -csh--r C:\WINDOWS\system32\EF9AC0B582.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0826ecee-6f84-46e2-ba81-791de5012ce6}] 2008-05-24 16:05 136192 --a--c--- C:\WINDOWS\system32\gqtauaqh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{522E0112-EDD9-413D-A99E-C311A54B6676}] 2008-05-18 17:16 58880 -----c--- C:\WINDOWS\system32\tuvUOGwV.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27 153136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus Photo RX420 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [ ] "EPSON Stylus Photo RX420 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [ ] "ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [ ] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 00:35 7634944] "nwiz"="nwiz.exe" [2006-10-31 00:35 1622016 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-31 00:35 86016] "RTHDCPL"="RTHDCPL.EXE" [2007-09-27 08:20 16844800 C:\WINDOWS\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2007-08-03 07:22 1826816 C:\WINDOWS\SkyTel.exe] "DiskeeperSystray"="d:\Program Files\Diskeeper9\DkIcon.exe" [2004-10-04 19:53 176216] "d8fbcaf5"="C:\WINDOWS\system32\fyqpdfek.dll" [2008-05-24 16:02 115200] "BMdbc8f969"="C:\WINDOWS\system32\sdedoyor.dll" [2008-05-24 15:56 126464] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{522E0112-EDD9-413D-A99E-C311A54B6676}"= C:\WINDOWS\system32\tuvUOGwV.dll [2008-05-18 17:16 58880] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvUOGwV] tuvUOGwV.dll 2008-05-18 17:16 58880 C:\WINDOWS\system32\tuvUOGwV.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.3iv2"= 3ivxVfWCodec.dll "VIDC.VP31"= vp31vfw.dll "msacm.l3fhg"= mp3fhg.acm [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\opnkjKBU [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BigFix.lnk] backup=C:\WINDOWS\pss\BigFix.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a--c--- 2007-05-16 09:27 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] --a------ 2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray] C:\Program Files\Executive Software\Diskeeper\DkIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a--c--- 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a--c--- 2006-10-31 00:35 7634944 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a--c--- 2006-10-31 00:35 86016 C:\WINDOWS\system32\NvMcTray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService] --a------ 2005-01-17 13:43 84480 C:\WINDOWS\system32\nvraidservice.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] C:\Program Files\Winamp\winampa.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\system32\\mmc.exe"= "C:\\Program Files\\eMule\\emule.exe"= "D:\\TelechargInternet\\utorrent.exe"= "C:\\Program Files\\FlashFXP\\FlashFXP.exe"= "D:\\Program Files\\Azureus\\Azureus.exe"= R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 00:45] S0 ElbyVCD;ElbyVCD;C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [] S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 15:23] S3 ProtoWall;ProtoWall Defender;C:\WINDOWS\system32\DRIVERS\ProtoWall.sys [] S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 14:51] S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 14:54] . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-05-24 19:00:01 C:\WINDOWS\Tasks\B60646EF93EDF23B.job" - c:\docume~1\moi\applic~1\listti~1\team frag roam.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-24 21:35:29 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\tuvUOGwV.dll PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\system32\fyqpdfek.dll -> C:\WINDOWS\system32\sdedoyor.dll . ------------------------ Other Running Processes ------------------------ . D:\Program Files\ad-aware2007\aawservice.exe C:\WINDOWS\system32\drivers\CDANTSRV.EXE D:\Program Files\Diskeeper9\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\rundll32.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-24 21:41:53 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-24 19:41:42 Pre-Run: 4,852,281,344 octets libres Post-Run: 4,882,956,288 octets libres 288 --- E O F --- 2008-05-17 01:00:28

Hello Desch voici le rapport: DiagHelp version v1.4 - http://www.malekal.com excute le 24/05/2008 à 12:23:11,10 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->24/05/2008 12:22:49 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->24/05/2008 12:22:43 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->24/05/2008 12:22:22 C:\WINDOWS\prefetch\WINZIP32.EXE-335422C1.pf -->24/05/2008 12:22:16 C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->24/05/2008 12:09:46 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->24/05/2008 12:09:36 C:\WINDOWS\prefetch\LOGONUI.EXE-0AF22957.pf -->24/05/2008 12:09:28 C:\WINDOWS\prefetch\INOOK-~1.SCR-33A3E3E2.pf -->24/05/2008 11:59:30 C:\WINDOWS\prefetch\DUMPREP.EXE-1B46F901.pf -->24/05/2008 11:43:01 C:\WINDOWS\prefetch\MSIMN.EXE-38BA891D.pf -->24/05/2008 10:59:31 C:\WINDOWS\System32\drivers\NSDriver.sys -->18/05/2008 17:23:48 C:\WINDOWS\System32\drivers\AWRTRD.sys -->18/05/2008 17:23:47 C:\WINDOWS\System32\drivers\sptd.sys -->10/05/2008 05:46:17 C:\WINDOWS\System32\drivers\mbamcatchme.sys -->05/05/2008 20:46:36 C:\WINDOWS\System32\drivers\mbam.sys -->05/05/2008 20:46:32 C:\WINDOWS\System32\drivers\tmcomm.sys -->28/02/2008 16:10:52 C:\WINDOWS\System32\drivers\mrxdav.sys -->18/12/2007 11:51:35 C:\WINDOWS\System32\rYGNVvut.ini -->24/05/2008 12:23:04 C:\WINDOWS\System32\bdod.bin -->24/05/2008 12:22:54 C:\WINDOWS\System32\rYGNVvut.ini2 -->24/05/2008 12:22:21 C:\WINDOWS\System32\wpa.dbl -->24/05/2008 06:32:22 C:\WINDOWS\System32\nvapps.xml -->24/05/2008 06:32:13 C:\WINDOWS\System32\bdss.log -->24/05/2008 06:32:12 C:\WINDOWS\System32\dltlinlf.dll -->23/05/2008 16:20:37 C:\WINDOWS\System32\vjmbuhjd.exe -->23/05/2008 16:14:48 C:\WINDOWS\System32\clkcnt.txt -->23/05/2008 15:54:54 C:\WINDOWS\System32\vgqcfdoj.ini -->23/05/2008 15:54:19 C:\WINDOWS\System32\vwjlbxld.ini -->23/05/2008 15:43:05 C:\WINDOWS\System32\qrehgsrk.exe -->23/05/2008 15:42:36 C:\WINDOWS\System32\wnvelvpj.dll -->23/05/2008 15:39:46 C:\WINDOWS\System32\tpymbiek.dll -->23/05/2008 15:37:23 C:\WINDOWS\System32\khohsred.dll -->23/05/2008 12:34:30 C:\WINDOWS\System32\kxiefeop.exe -->23/05/2008 12:25:50 C:\WINDOWS\System32\sirpqumx.dll -->23/05/2008 12:25:44 C:\WINDOWS\System32\dwpktgvf.ini -->23/05/2008 05:45:38 C:\WINDOWS\System32\mcrh.tmp -->23/05/2008 05:24:34 C:\WINDOWS\System32\degtyejw.dll -->22/05/2008 12:33:45 C:\WINDOWS\System32\hmexsjib.exe -->22/05/2008 12:29:30 C:\WINDOWS\System32\jafjvpib.ini -->22/05/2008 12:27:01 C:\WINDOWS\System32\niidgeft.dll -->22/05/2008 12:26:08 C:\WINDOWS\System32\idamqdjr.dll -->22/05/2008 12:24:32 C:\WINDOWS\System32\xreglib.dll -->21/05/2008 21:37:48 C:\WINDOWS\win.ini -->24/05/2008 12:21:59 C:\WINDOWS\WindowsUpdate.log -->24/05/2008 12:20:56 C:\WINDOWS\wiadebug.log -->24/05/2008 06:32:17 C:\WINDOWS\wiaservc.log -->24/05/2008 06:32:11 C:\WINDOWS\0.log -->24/05/2008 06:31:56 C:\WINDOWS\bootstat.dat -->24/05/2008 06:31:51 C:\WINDOWS\SchedLgU.Txt -->23/05/2008 23:32:52 C:\WINDOWS\system.ini -->23/05/2008 17:43:56 C:\WINDOWS\BMdbc8f969.txt -->23/05/2008 16:29:24 C:\WINDOWS\pskt.ini -->23/05/2008 16:28:55 C:\WINDOWS\BMdbc8f969.xml -->23/05/2008 16:20:58 C:\WINDOWS\NeroDigital.ini -->23/05/2008 13:53:02 C:\WINDOWS\setupapi.log -->23/05/2008 06:55:50 C:\WINDOWS\cookies.ini -->23/05/2008 05:45:42 C:\WINDOWS\unins000.dat -->22/05/2008 05:43:15 winlogon.exe svchost.exe ws2_32.dll user32.dll tcpip.sys ndis.sys null.sys ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1908 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x74630000 0x27000 3.10.0349.0000 C:\WINDOWS\system32\msls31.dll 0x10000000 0x9d576 C:\WINDOWS\system32\tuvVNGYr.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x02120000 0x1012f C:\WINDOWS\system32\tuvUOGwV.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x67080000 0x1c000 3.00.0009.0001 C:\Program Files\FileZilla FTP Client\fzshellext.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x01fe0000 0x31997 C:\WINDOWS\system32\dltlinlf.dll 0x04740000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x04240000 0x1b9000 2.00.0000.0008 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll 0x03610000 0x5b000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x00e00000 0xb000 2.00.0000.0000 C:\PROGRA~1\WinZip\wzshlext.dll 0x73ce0000 0x27000 4.00.1183.0001 C:\WINDOWS\system32\CRTDLL.dll 0x40000000 0x9000 1.00.0000.0001 C:\PROGRA~1\WINZIP\WZCAB2.DLL 0x01630000 0x18000 0.01.0003.0000 C:\Program Files\QuickPar\QuickParShlExt.dll 0x04500000 0x1e1000 2.09.0001.0000 D:\Program Files\Nero 7\Nero CoverDesigner\CoverEdExtension.dll 0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOWS\system32\RICHED20.dll 0x02b70000 0x19000 2.09.0001.0000 D:\Program Files\Nero 7\Nero BackItUp\NBShell.dll 0x047a0000 0x102000 7.10.3077.0000 D:\Program Files\Nero 7\Nero BackItUp\MFC71U.DLL 0x03550000 0x12000 1.00.0000.0002 D:\Program Files\Softwin\BitDefender10\bdshelxt.dll 0x03570000 0x2b000 C:\Program Files\WinRAR\rarext.dll 0x02ca0000 0x6000 C:\Program Files\Unlocker\UnlockerCOM.dll 0x035b0000 0x8000 1.00.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 0x01600000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 0x04cb0000 0xd5000 1.04.0000.0000 D:\Program Files\Spybot - Search & Destroy\SDHelper.dll 0x6d7c0000 0x79000 6.00.0010.0006 C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll 0x05010000 0x54000 1.00.0000.0000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 760 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x011e0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x10000000 0x1012f C:\WINDOWS\system32\tuvUOGwV.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\WINDOWS\system 25/01/2007 10:36 3 293 184 QuEnc.exe 1 fichier(s) 3 293 184 octets 0 Rép(s) 4 988 387 328 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\WINDOWS\system32 05/08/2004 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 4 988 387 328 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\WINDOWS\Downloaded Program Files 29/04/2008 17:07 <REP> . 29/04/2008 17:07 <REP> .. 17/05/2006 14:32 231 072 avsniff.dll 17/05/2006 14:29 878 avsniff.inf 17/05/2006 14:32 198 304 avsniffdlgs.dll 17/05/2006 14:26 537 704 AXXPEE.dll 07/12/2004 16:07 32 bdcore.dll 01/03/2005 14:08 118 784 bdupd.dll 17/05/2006 14:29 241 CabSA.inf 18/10/2006 01:00 2 504 catalog.dat 26/11/2007 15:14 516 CTPID.inf 13/04/2005 13:52 65 desktop.ini 25/07/2002 18:13 24 576 dwusplay.dll 25/07/2002 18:13 196 608 dwusplay.exe 18/10/2006 01:00 6 899 ecbootil.vxd 17/05/2006 14:26 42 112 ecmldr32.dll 18/10/2006 01:00 272 040 ecmsvr32.dll 07/06/2006 11:09 1 249 erma.inf 10/04/2000 18:12 1 765 fhg.inf 08/08/2006 13:28 1 563 hardwaredetection.inf 09/12/2005 14:43 1 234 680 ICSScan.dll 09/12/2005 10:02 470 ICSScanner.inf 01/03/2005 14:08 53 248 ipsupd.dll 20/03/2006 17:34 484 272 isusweb.dll 16/03/2005 11:34 7 407 lang.ini 07/12/2004 16:07 32 libfn.dll 14/03/2005 13:38 126 live.ini 30/06/2005 16:19 227 MsnMessengerSetupDownloader.inf 14/08/2005 01:26 113 664 MsnMessengerSetupDownloader.ocx 17/05/2006 14:28 6 850 navapi.vxd 17/05/2006 14:28 201 896 navapi32.dll 18/10/2006 01:00 124 584 naveng32.dll 18/10/2006 01:00 882 344 navex32a.dll 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 17/05/2006 14:32 161 480 rufsi.dll 14/03/2005 13:58 7 073 scanoptions.tsi 18/10/2006 01:00 97 568 scrauth.dat 11/06/2007 13:21 5 021 swflash.inf 18/10/2006 01:00 14 symaveng.cat 18/10/2006 01:00 1 061 symaveng.inf 18/10/2006 01:00 186 260 tcdefs.dat 18/10/2006 01:00 1 026 535 tcscan7.dat 18/10/2006 01:00 319 318 tcscan8.dat 18/10/2006 01:00 683 892 tcscan9.dat 18/10/2006 01:00 453 tinf.dat 18/10/2006 01:00 148 tinfidx.dat 18/10/2006 01:00 1 957 tinfl.dat 18/10/2006 01:00 59 897 tscan1.dat 18/10/2006 01:00 3 027 tscan1hd.dat 18/10/2006 01:00 4 778 v.grd 18/10/2006 01:00 2 261 v.sig 18/10/2006 01:00 106 244 virscan.inf 18/10/2006 01:00 969 687 virscan1.dat 18/10/2006 01:00 569 778 virscan2.dat 18/10/2006 01:00 146 720 virscan3.dat 18/10/2006 01:00 320 186 virscan4.dat 18/10/2006 01:00 2 846 758 virscan5.dat 18/10/2006 01:00 389 610 virscan6.dat 18/10/2006 01:00 4 773 958 virscan7.dat 18/10/2006 01:00 1 614 008 virscan8.dat 18/10/2006 01:00 3 753 834 virscan9.dat 18/10/2006 01:00 32 virscant.dat 25/10/2006 18:55 2 072 vscanmsx.dat 02/11/2005 19:01 1 777 xscan.inf 02/11/2005 19:07 435 712 xscan53.ocx 18/10/2006 01:00 224 zdone.dat 66 fichier(s) 23 710 436 octets Total des fichiers listés : 66 fichier(s) 23 710 436 octets 2 Rép(s) 4 988 387 328 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server" "C:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"="C:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI" "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza Ultimate File Sharing" "C:\\Program Files\\iWin.com\\Jewel Quest\\JewelQuest.exe"="C:\\Program Files\\iWin.com\\Jewel Quest\\JewelQuest.exe:*:Enabled:JewelQuest" "C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe"="C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe:*:Enabled:Slingo ®" "C:\\Program Files\\Team17\\Arcade Pool 2\\Arcade Pool II.exe"="C:\\Program Files\\Team17\\Arcade Pool 2\\Arcade Pool II.exe:*:Enabled:Arcade Pool II Executable" "C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Disabled:Download Accelerator Plus" "C:\\Program Files\\MotoRacer\\MOTO.EXE"="C:\\Program Files\\MotoRacer\\MOTO.EXE:*:Disabled:MotoRacer Game" "C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console" "C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "D:\\TelechargInternet\\utorrent.exe"="D:\\TelechargInternet\\utorrent.exe:*:Enabled:utorrent" "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent" "C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell" "C:\\Program Files\\NewsBin\\nbpro.exe"="C:\\Program Files\\NewsBin\\nbpro.exe:*:Enabled:Newsbin" "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Disabled:Kaspersky Anti-Virus" "C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "D:\\Program Files\\Azureus\\Azureus.exe"="D:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-24 12:23:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:f252cc96 "s2"=dword:8f5c6bb7 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40] "ujdew"=hex:20,02,00,00,ec,69,4d,13,0a,3f,be,40,bc,5b,3d,ab,11,e3,1d,c6,0a,.. "ljej40"=hex:7d,37,b4,09,13,06,2b,df,0b,ae,0a,b2,98,78,61,31,a0,3d,8a,8d,27,.. "ljej41"=hex:e4,37,b4,09,6b,06,2b,df,0a,ae,0b,b2,99,78,61,31,a0,3d,8a,8d,77,.. "ljej42"=hex:e4,37,b4,09,6b,06,2b,df,0a,ae,0b,b2,99,78,61,31,a0,3d,8a,8d,77,.. "ljej43"=hex:e4,37,b4,09,6b,06,2b,df,0a,ae,0b,b2,99,78,61,31,a0,3d,8a,8d,77,.. "ljej44"=hex:e4,37,b4,09,6b,06,2b,df,0a,ae,0b,b2,99,78,61,31,a0,3d,8a,8d,77,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:ab,d6,97,43,9b,7c,25,ca,6d,52,98,a3,10,bf,d4,94,aa,55,74,8d,1c,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,66,c8,ec,02,3f,30,79,c6,c2,1e,dd,27,f6,ef,8c,e1,08,.. "khjeh"=hex:a6,aa,e3,fb,85,5f,cd,b6,e6,ea,2d,fa,e2,bc,02,05,13,cc,83,47,62,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:6a,6a,83,27,75,aa,96,7f,a5,6d,45,18,63,e5,f2,7f,23,83,a0,47,6d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:ab,d6,97,43,9b,7c,25,ca,6d,52,98,a3,10,bf,d4,94,aa,55,74,8d,1c,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,66,c8,ec,02,3f,30,79,c6,c2,1e,dd,27,f6,ef,8c,e1,08,.. "khjeh"=hex:a6,aa,e3,fb,85,5f,cd,b6,e6,ea,2d,fa,e2,bc,02,05,13,cc,83,47,62,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:6a,6a,83,27,75,aa,96,7f,a5,6d,45,18,63,e5,f2,7f,23,83,a0,47,6d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 196 - DkService.exe 236 - nvsvc32.exe 568 - xcommsvr.exe 720 - bdss.exe 736 - csrss.exe 760 - winlogon.exe 804 - services.exe 816 - lsass.exe 868 - livesrv.exe 1052 - svchost.exe 1140 - svchost.exe 1180 - RTHDCPL.exe 1256 - svchost.exe 1392 - bdmcon.exe 1452 - aawservice.exe 1604 - bdagent.exe 1640 - NMBgMonitor.exe 1872 - vsserv.exe 1908 - explorer.exe 2196 - NMIndexingServi 2376 - cmd.exe 2452 - NMIndexStoreSvr 2460 - IEXPLORE.EXE Total number of processes = 24 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA6A7000 - spey.sys BADAA000 - \WINDOWS\System32\Drivers\WMILIB.SYS BA68F000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS BA668000 - Vax347b.sys BA639000 - ACPI.sys BA628000 - pci.sys BA8A8000 - isapnp.sys BA8B8000 - ohci1394.sys BA8C8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS BAE70000 - pciide.sys BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS BA8D8000 - MountMgr.sys BA609000 - ftdisk.sys BAB30000 - PartMgr.sys BA5F8000 - nvraid.sys BA8E8000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS BA8F8000 - VolSnap.sys BA5E0000 - BA5CA000 - nvatabus.sys BADAC000 - Vax347s.sys BA5B0000 - nvata.sys BA908000 - disk.sys BA590000 - fltMgr.sys BA57E000 - sr.sys BA918000 - PxHelp20.sys BA567000 - KSecDD.sys BA4DA000 - Ntfs.sys BA4AD000 - NDIS.sys BA492000 - Mup.sys BAA08000 - \SystemRoot\system32\DRIVERS\AmdK8.sys BAC38000 - \SystemRoot\system32\DRIVERS\fdc.sys B92E0000 - \SystemRoot\system32\DRIVERS\parport.sys BADEC000 - \SystemRoot\system32\DRIVERS\ASACPI.sys BAA18000 - \SystemRoot\system32\DRIVERS\i8042prt.sys BAC40000 - \SystemRoot\system32\DRIVERS\kbdclass.sys B92CF000 - \SystemRoot\system32\DRIVERS\serial.sys BA422000 - \SystemRoot\system32\DRIVERS\serenum.sys BAC48000 - \SystemRoot\system32\DRIVERS\usbohci.sys B92AC000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS BAC50000 - \SystemRoot\system32\DRIVERS\usbehci.sys B9287000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys BAA28000 - \SystemRoot\system32\DRIVERS\imapi.sys BAC58000 - \SystemRoot\system32\drivers\pfc.sys BAD5C000 - \SystemRoot\System32\Drivers\cdrbsdrv.SYS BAA38000 - \SystemRoot\system32\DRIVERS\cdrom.sys BAA48000 - \SystemRoot\system32\DRIVERS\redbook.sys B9264000 - \SystemRoot\system32\DRIVERS\ks.sys BAA58000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys B9181000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS B8DB9000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys B8DA5000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS BAF5A000 - \SystemRoot\system32\DRIVERS\audstub.sys BAC60000 - \SystemRoot\system32\DRIVERS\rasirda.sys BAC68000 - \SystemRoot\system32\DRIVERS\TDI.SYS BAA68000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys BAD70000 - \SystemRoot\system32\DRIVERS\ndistapi.sys B8D8E000 - \SystemRoot\system32\DRIVERS\ndiswan.sys B9F7F000 - \SystemRoot\system32\DRIVERS\raspppoe.sys B9F6F000 - \SystemRoot\system32\DRIVERS\raspptp.sys B8D7D000 - \SystemRoot\system32\DRIVERS\psched.sys B9F5F000 - \SystemRoot\system32\DRIVERS\msgpc.sys BAC70000 - \SystemRoot\system32\DRIVERS\ptilink.sys BAC78000 - \SystemRoot\system32\DRIVERS\raspti.sys B9F4F000 - \SystemRoot\system32\DRIVERS\termdd.sys BAC80000 - \SystemRoot\system32\DRIVERS\mouclass.sys BADEE000 - \SystemRoot\system32\DRIVERS\swenum.sys B8D49000 - \SystemRoot\system32\DRIVERS\update.sys BAD78000 - \SystemRoot\system32\DRIVERS\mssmbios.sys BAD7C000 - \SystemRoot\system32\drivers\WmBEnum.sys B9F3F000 - \SystemRoot\system32\drivers\WmXlCore.sys B9F1F000 - \SystemRoot\System32\Drivers\NDProxy.SYS BA9A8000 - \SystemRoot\system32\DRIVERS\usbhub.sys BAE08000 - \SystemRoot\system32\DRIVERS\USBD.SYS BA9B8000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys B5C99000 - \SystemRoot\system32\drivers\RtkHDAud.sys B5C52000 - \SystemRoot\system32\drivers\portcls.sys B9344000 - \SystemRoot\system32\drivers\drmk.sys BAB78000 - \SystemRoot\system32\DRIVERS\flpydisk.sys BAE32000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAEBB000 - \SystemRoot\System32\Drivers\Null.SYS BAE34000 - \SystemRoot\System32\Drivers\Beep.SYS BABB0000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS BABB8000 - \SystemRoot\System32\drivers\vga.sys BAE38000 - \SystemRoot\System32\Drivers\mnmdd.SYS BAE3A000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BABC0000 - \SystemRoot\System32\Drivers\Msfs.SYS BABC8000 - \SystemRoot\System32\Drivers\Npfs.SYS BA43E000 - \SystemRoot\system32\DRIVERS\rasacd.sys B4657000 - \SystemRoot\system32\DRIVERS\ipsec.sys B45FF000 - \SystemRoot\system32\DRIVERS\tcpip.sys B3D0C000 - \SystemRoot\system32\DRIVERS\ipnat.sys BAAB8000 - \SystemRoot\system32\DRIVERS\wanarp.sys B6180000 - \SystemRoot\system32\DRIVERS\hidusb.sys BAAC8000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS B3CE4000 - \SystemRoot\system32\DRIVERS\netbt.sys B617C000 - \SystemRoot\System32\drivers\ws2ifsl.sys B3CBA000 - \SystemRoot\system32\DRIVERS\V0260Vid.sys BAAD8000 - \SystemRoot\system32\DRIVERS\STREAM.SYS BABE0000 - \SystemRoot\system32\DRIVERS\V0260Cmd.sys B3C48000 - \SystemRoot\System32\drivers\afd.sys BAAE8000 - \SystemRoot\system32\DRIVERS\netbios.sys B3BFF000 - \SystemRoot\system32\DRIVERS\rdbss.sys B3B90000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys BAB18000 - \SystemRoot\System32\Drivers\Fips.SYS BAC08000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS B6164000 - \SystemRoot\system32\DRIVERS\mouhid.sys AC82D000 - \SystemRoot\System32\Drivers\Fastfat.SYS AC813000 - \SystemRoot\System32\Drivers\dump_nvata.sys BAE30000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys B37A6000 - \SystemRoot\System32\drivers\Dxapi.sys B52EA000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys BAF29000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\nv4_disp.dll AC074000 - \SystemRoot\system32\DRIVERS\irda.sys B45E7000 - \SystemRoot\system32\DRIVERS\ndisuio.sys AB797000 - \SystemRoot\system32\drivers\wdmaud.sys B14C2000 - \SystemRoot\system32\drivers\sysaudio.sys AB6F5000 - \SystemRoot\system32\DRIVERS\mrxdav.sys BADBC000 - \SystemRoot\System32\Drivers\ParVdm.SYS AB7C8000 - \??\D:\Program Files\Softwin\BitDefender10\bdrsdrv.sys AB653000 - \SystemRoot\system32\DRIVERS\srv.sys B2A63000 - \SystemRoot\system32\DRIVERS\secdrv.sys AB5C3000 - \??\C:\WINDOWS\system32\drivers\tmcomm.sys AB383000 - \SystemRoot\System32\Drivers\Cdfs.SYS AB1EA000 - \SystemRoot\System32\Drivers\HTTP.sys B0E03000 - \??\D:\Program Files\Softwin\BitDefender10\bdfdll.sys AB1A2000 - \??\D:\Program Files\Softwin\BitDefender10\bdfsdrv.sys BAFE7000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 134 Liste des programmes installes Ad-Aware 2007 Adobe Reader 8 - Français Archiveur WinRAR Assistant de connexion Windows Live Azureus BitDefender Antivirus Plus v10 C-Dilla Licence Management System CCleaner (remove only) CleanUp! Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows XP (KB935448) Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 Creative Live! Cam Vista IM Driver (1.01.03.1104) Diskeeper Professional Edition EasyCleaner eMule FileZilla Client 3.0.9.1 FlashFXP v3 FpTest 3.0 Freeplayer GrabIt 1.5.3 Beta (build 909) GTA San Andreas GTK+ 2.6.7-2 runtime environment High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB926239) Indeo® Software inook-v4-3 Screen Saver Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 K-Lite Codec Pack 2.71 Full Lecteur Windows Media 11 Logitech Gaming Software MailNavigator v.1.11 Malwarebytes' Anti-Malware Manuel d'utilisation de Creative Live! Cam Vista IM (Français) Microsoft .NET Framework 2.0 Service Pack 1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Money Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB903235) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB929969) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931768) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933566) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB937143) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB939653) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB941693) Mise à jour de sécurité pour Windows XP (KB942615) Mise à jour de sécurité pour Windows XP (KB943055) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour de sécurité pour Windows XP (KB944338) Mise à jour de sécurité pour Windows XP (KB944533) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour de sécurité pour Windows XP (KB945553) Mise à jour de sécurité pour Windows XP (KB946026) Mise à jour de sécurité pour Windows XP (KB947864) Mise à jour de sécurité pour Windows XP (KB948590) Mise à jour de sécurité pour Windows XP (KB948881) Mise à jour de sécurité pour Windows XP (KB950749) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mise à jour pour Windows XP (KB946627) Module de compatibilité pour Microsoft Office System 2007 MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) Nero 7 Premium neroxml NVIDIA Drivers Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) PDFCreator PDFCreator Toolbar QuickPar 0.9 Realtek AC'97 Audio Realtek High Definition Audio Driver Samsung PC Studio Sony USB Driver Spybot - Search & Destroy 1.5.2.20 Unlocker 1.8.5 Vodafone 804SS USB driver Software WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 WinZip Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\Program Files 23/05/2008 20:32 <REP> . 23/05/2008 20:32 <REP> .. 23/05/2008 20:32 <REP> Adobe 29/03/2006 21:52 <REP> AvRack 30/12/2006 13:24 <REP> BigFix 19/08/2007 10:59 <REP> CfgMgr 17/05/2008 16:22 <REP> CyberLink 31/03/2007 23:05 <REP> DIFX 06/05/2007 17:22 <REP> Digital Photo Navigator 1.0 13/01/2008 18:29 <REP> DivX 16/04/2005 10:13 <REP> DivX_311alpha 11/05/2008 10:50 <REP> eMule 18/05/2008 18:37 <REP> epson 23/05/2008 20:32 <REP> Fichiers communs 19/08/2007 10:50 <REP> FileZilla 13/04/2008 10:50 <REP> FileZilla FTP Client 12/04/2008 21:42 <REP> FlashFXP 26/03/2008 18:41 <REP> FpTest 21/02/2008 22:54 <REP> Free 19/04/2008 15:28 <REP> Freeplayer 24/09/2006 20:43 <REP> FreeUndelete 18/05/2008 18:42 <REP> Google 06/05/2007 19:49 <REP> Intel Desktop Board 21/05/2008 20:15 <REP> Internet Explorer 16/06/2007 07:11 <REP> Java 18/01/2007 21:33 <REP> ListTitleCoal 27/04/2008 21:17 <REP> MailNavigator 23/05/2008 16:25 <REP> Malwarebytes' Anti-Malware 16/12/2006 21:56 <REP> MesNews 19/05/2008 20:43 <REP> microsoft frontpage 18/05/2008 23:10 <REP> Microsoft.NET 29/03/2006 17:42 <REP> Movie Maker 21/05/2008 20:21 <REP> Mozilla Firefox 04/05/2008 19:04 <REP> MSECache 08/07/2005 19:43 <REP> MSI 02/12/2005 21:11 <REP> MSN 13/04/2005 13:50 <REP> MSN Gaming Zone 31/03/2007 13:36 <REP> MSXML 4.0 13/04/2005 13:52 <REP> NetMeeting 13/06/2007 22:40 <REP> Outlook Express 02/04/2008 20:20 <REP> PDFCreator 02/04/2008 20:20 <REP> PDFCreator Toolbar 24/09/2006 20:45 <REP> Power IE 05/08/2006 12:02 <REP> QuickPar 15/05/2008 12:31 <REP> Realtek 15/09/2007 14:37 <REP> Realtek AC97 29/03/2006 21:52 <REP> Realtek Sound Manager 12/04/2006 22:22 <REP> RegCleaner 13/04/2005 13:52 <REP> Services en ligne 02/04/2008 20:20 15 397 settings.dat 09/07/2005 06:12 <REP> Setup Files 17/06/2007 17:58 <REP> skycorp 26/07/2007 22:27 <REP> Sokoban 10/07/2005 20:29 <REP> Trymedia 02/02/2007 17:23 <REP> TweakDUN 15/11/2006 21:07 <REP> Unlocker 29/03/2006 17:52 <REP> VDCodecPack0.8 29/04/2008 17:08 <REP> Western Digital 18/08/2007 18:05 <REP> Windows Media Connect 2 18/08/2007 18:05 <REP> Windows Media Player 27/01/2007 21:25 <REP> Windows NT 19/08/2007 10:59 <REP> WinRAR 09/05/2008 18:29 <REP> WinZip 13/04/2005 13:54 <REP> xerox 1 fichier(s) 15 397 octets 63 Rép(s) 4 984 442 880 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\Program Files\fichiers communs 23/05/2008 20:32 <REP> . 23/05/2008 20:32 <REP> .. 23/05/2008 20:32 <REP> Adobe 19/05/2008 18:42 <REP> Ahead 18/05/2008 23:12 <REP> DESIGNER 17/04/2006 19:52 <REP> DirectX 25/07/2005 13:36 <REP> GTK 01/12/2007 22:25 <REP> InstallShield 16/06/2007 07:09 <REP> Java 02/05/2006 19:59 <REP> Micro Application Shared 18/05/2008 23:15 <REP> Microsoft Shared 13/04/2005 13:52 <REP> MSSoap 10/06/2005 04:45 <REP> ODBC 30/05/2006 23:12 <REP> RandSync 19/05/2008 02:39 <REP> Real 17/09/2005 20:15 <REP> Roxio Shared 13/04/2005 13:52 <REP> Services 31/12/2005 08:14 <REP> Sierra On-Line 21/05/2008 21:20 <REP> Softwin 13/04/2005 15:30 <REP> SpeechEngines 02/08/2005 14:40 <REP> SWF Studio 18/05/2008 23:10 <REP> System 18/05/2008 17:16 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 23 Rép(s) 4 984 438 784 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D8FB-CA5A Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 18/05/2008 23:11 <REP> . 18/05/2008 23:11 <REP> .. 06/04/2007 13:31 <REP> 1033 18/05/2008 23:11 <REP> 1036 11/07/2003 02:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 6 fichier(s) 2 253 163 octets 4 Rép(s) 4 984 438 784 octets libres c:\Documents and Settings\HUGUETTE\Application Data\Macromedia\Flash Player\#SharedObjects\2YFGK9JF\localhost\DOCUME~1\HUGUETTE\LOCALS~1\Temp\Jgl_Rt1\hostileskies.exe c:\Documents and Settings\HUGUETTE\Application Data\Macromedia\Flash Player\#SharedObjects\2YFGK9JF\localhost\DOCUME~1\HUGUETTE\LOCALS~1\Temp\Jgl_Rt2\hostileskies.exe c:\Documents and Settings\HUGUETTE\Application Data\Macromedia\Flash Player\localhost\DOCUME~1\HUGUETTE\LOCALS~1\Temp\Jgl_Rt1\discgolf.exe c:\Documents and Settings\HUGUETTE\Bureau\bgpack.exe c:\Documents and Settings\HUGUETTE\Bureau\shisen.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\123free.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\coloriage-setup.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\spaceinvaders.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\Bubble\BubbleBall.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\Pacman\PAC20i\pacedit.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\Pacman\PAC20i\PACMAN.exe c:\Documents and Settings\HUGUETTE\Bureau\Nouveau dossier\Sokoban\Sokoban\Sokoban.exe c:\Documents and Settings\moi\.housecall\resource\engine\windows\dsvtsc.exe c:\Documents and Settings\moi\.housecall\resource\engine\windows\tsc.exe c:\Documents and Settings\moi\.housecall6.6\getMac.exe c:\Documents and Settings\moi\.housecall6.6\patch.exe c:\Documents and Settings\moi\.housecall6.6\tsc.exe c:\Documents and Settings\moi\.housecall6.6\resource\engine\windows\dsvtsc.exe c:\Documents and Settings\moi\.housecall6.6\resource\engine\windows\tsc.exe c:\Documents and Settings\moi\Application Data\LimeWire\.NetworkShare\LimeWireWin4.10.5.exe c:\Documents and Settings\moi\Application Data\LimeWire\.NetworkShare\LimeWireWin4.10.9.exe c:\Documents and Settings\moi\Application Data\Microsoft\Installer\{532EFE70-19BC-4F0F-8F50-D5F15C243133}\NewShortcut1_8315396A5EA1419DBEC4978284BDF556.exe c:\Documents and Settings\moi\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\moi\Bureau\inook-v4-3.exe c:\Documents and Settings\moi\Bureau\LimeWireWin.exe c:\Documents and Settings\moi\Bureau\ls.exe c:\Documents and Settings\moi\Bureau\VundoFix.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\catchme.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\diff.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\dumphive.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\find2.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\Fport.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\grep.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\gzip.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\LFiles.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\md5sums.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\pslist.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\sigcheck.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\streams.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\swreg.exe c:\Documents and Settings\moi\Bureau\Diaghelp\DiagHelp\tar.exe c:\Documents and Settings\moi\Bureau\ProgPapa\bsplayer_bsplayer_1.37_sans_adware_anglais_10424.exe c:\Documents and Settings\moi\Bureau\ProgPapa\HijackThis.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\CartoExploreur.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\i-Covers.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\onlinedetect.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\Printkey2000.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\clone dvd\Keygen-CloneDVD.exe c:\Documents and Settings\moi\Bureau\ProgPapa\Raccourcis Bureau non utilisés\clone dvd\SetupCloneDVD.exe c:\Documents and Settings\moi\Bureau\ProgPapa\SOLITAIRE\Solitaire\Solitaire.exe c:\Documents and Settings\moi\Bureau\SDFix\catchme.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\cliptext.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\download.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\ERUNT.EXE c:\Documents and Settings\moi\Bureau\SDFix\apps\FixPath.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\grep.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\isadmin.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\LS.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\MD5File.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\Process.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\procs.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\psservice.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\RestartIt!.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\sc.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\sed.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\SF.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\shutdown.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\swreg.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\swsc.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\unzip.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\vfind.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\WINMSG.EXE c:\Documents and Settings\moi\Bureau\SDFix\apps\zip.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\Replace\regedit.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\Replace\W2K.exe c:\Documents and Settings\moi\Bureau\SDFix\apps\Replace\XP.exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\89ABL4NO\install_sbd_fr[1].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\M7MVA9UZ\setup_fr[1].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\M7MVA9UZ\setup_fr[2].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\MT0JUHY5\setup_fr[1].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\OH4XERK9\ASE_Setup_Free_fr[1].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\OH4XERK9\install_sbd_fr[1].exe c:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\OH4XERK9\install_sbd_fr[2].exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\HUGUETTE\Application Data\Mozilla\Firefox\Profiles\c70zozu9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\HUGUETTE\Application Data\Mozilla\Firefox\Profiles\c70zozu9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\moi\Application Data\Identities\{002AVPFP-JHLQ-ABE4-NC3L-20GMCIJ2SVVT}\xmlparse.dll c:\Documents and Settings\moi\Application Data\Identities\{002AVPFP-JHLQ-ABE5-RUNH-200OMT85IVUO}\xmlparse.dll c:\Documents and Settings\moi\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_PINCHI-F0C1AADC.tar.gz a l'adresse http://upload.malekal.com que penses tu de kaspersky anti virus Un conseil où un forum dédié au choix d'un antivirus amitiés surfantes rhodes38

Hello Desh, Apparemment pas où plus infecté par Vundo voiçi mon rapport: VundoFix V7.0.5 Scan started at 06:57:49 24/05/2008 Listing files found while scanning.... No infected files were found. VundoFix V7.0.5 Scan started at 07:00:29 24/05/2008 Listing files found while scanning.... No infected files were found. Beginning removal... A suivre car toujours l'apparition de pages web. Mais nette amélioration du redement de mon pc qui se traine bcp moins. amitiés surfantes rhodes38

Hello Desch Je te passe les différents rapports mais apparemment il doit rester des "choses" car des pages web de merde s'affichent encore. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:49:54, on 23/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\ad-aware2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE d:\Program Files\Diskeeper9\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wscntfy.exe D:\Program Files\Softwin\BitDefender10\vsserv.exe C:\WINDOWS\RTHDCPL.EXE D:\Program Files\Softwin\BitDefender10\bdmcon.exe D:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [DiskeeperSystray] "d:\Program Files\Diskeeper9\DkIcon.exe" O4 - HKLM\..\Run: [bDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Diskeeper 9 Professional Edition Registration.lnk = D:\Program Files\Diskeeper9\ESIRegister.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3FE81C5B-2399-48FD-A2D6-2C92A28D2638}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - d:\Program Files\ad-aware2007\aawservice.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Diskeeper - Executive Software International, Inc. - d:\Program Files\Diskeeper9\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - D:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://katbalou.k.a.pic.centerblog.net/1uxniqug.gif O24 - Desktop Component 1: (no name) - http://katbalou.k.a.pic.centerblog.net/1fyqhhyd.gif O24 - Desktop Component 2: (no name) - http://katbalou.k.a.pic.centerblog.net/cwmuda0i.gif -- End of file - 6906 bytes SDFix: Version 1.185 Run by moi on 23/05/2008 at 17:36 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\moi\Bureau\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-23 17:46:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:f252cc96 "s2"=dword:8f5c6bb7 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40] "ujdew"=hex:20,02,00,00,9c,68,8f,1d,3a,ee,9a,31,4c,32,3b,2b,61,1d,3c,8e,da,.. "ljej40"=hex:4d,e6,90,78,e3,6f,2d,5f,7b,50,2b,fa,48,03,b1,d0,90,8d,39,e9,f7,.. "ljej41"=hex:d4,e6,90,78,9b,6f,2d,5f,7a,50,2a,fa,49,03,b1,d0,90,8d,39,e9,a7,.. "ljej42"=hex:d4,e6,90,78,9b,6f,2d,5f,7a,50,2a,fa,49,03,b1,d0,90,8d,39,e9,a7,.. "ljej43"=hex:d4,e6,90,78,9b,6f,2d,5f,7a,50,2a,fa,49,03,b1,d0,90,8d,39,e9,a7,.. "ljej44"=hex:d4,e6,90,78,9b,6f,2d,5f,7a,50,2a,fa,49,03,b1,d0,90,8d,39,e9,a7,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:ab,d6,97,43,9b,7c,25,ca,6d,52,98,a3,10,bf,d4,94,aa,55,74,8d,1c,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,66,c8,ec,02,3f,30,79,c6,c2,1e,dd,27,f6,ef,8c,e1,08,.. "khjeh"=hex:a6,aa,e3,fb,85,5f,cd,b6,e6,ea,2d,fa,e2,bc,02,05,13,cc,83,47,62,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:6a,6a,83,27,75,aa,96,7f,a5,6d,45,18,63,e5,f2,7f,23,83,a0,47,6d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:ab,d6,97,43,9b,7c,25,ca,6d,52,98,a3,10,bf,d4,94,aa,55,74,8d,1c,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,66,c8,ec,02,3f,30,79,c6,c2,1e,dd,27,f6,ef,8c,e1,08,.. "khjeh"=hex:a6,aa,e3,fb,85,5f,cd,b6,e6,ea,2d,fa,e2,bc,02,05,13,cc,83,47,62,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:6a,6a,83,27,75,aa,96,7f,a5,6d,45,18,63,e5,f2,7f,23,83,a0,47,6d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\001060b4afc5] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:05,82,dd,f1,5f,61,a8,f3,96,12,ec,69,c8,4c,97,99,1b,5b,8d,d4,e5,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server" "C:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"="C:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI" "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza Ultimate File Sharing" "C:\\Program Files\\iWin.com\\Jewel Quest\\JewelQuest.exe"="C:\\Program Files\\iWin.com\\Jewel Quest\\JewelQuest.exe:*:Enabled:JewelQuest" "C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe"="C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe:*:Enabled:Slingo ©" "C:\\Program Files\\Team17\\Arcade Pool 2\\Arcade Pool II.exe"="C:\\Program Files\\Team17\\Arcade Pool 2\\Arcade Pool II.exe:*:Enabled:Arcade Pool II Executable" "C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Disabled:Download Accelerator Plus" "C:\\Program Files\\MotoRacer\\MOTO.EXE"="C:\\Program Files\\MotoRacer\\MOTO.EXE:*:Disabled:MotoRacer Game" "C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console" "C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "D:\\TelechargInternet\\utorrent.exe"="D:\\TelechargInternet\\utorrent.exe:*:Enabled:utorrent" "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent" "C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell" "C:\\Program Files\\NewsBin\\nbpro.exe"="C:\\Program Files\\NewsBin\\nbpro.exe:*:Enabled:Newsbin" "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Disabled:Kaspersky Anti-Virus" "C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "D:\\Program Files\\Azureus\\Azureus.exe"="D:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\DOCUME~1\moi\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes : Wed 10 Aug 2005 56 ..SHR --- "C:\WINDOWS\system32\A240FB1B77.sys" Sat 16 Apr 2005 56 ..SHR --- "C:\WINDOWS\system32\EF9AC0B582.sys" Fri 1 Jul 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sun 19 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BITB.tmp" Tue 6 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4633c51c90c17af214c8eeab40b9fcf4\BITB.tmp" Fri 4 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT39.tmp" Finished! Malwarebytes' Anti-Malware 1.12 Version de la base de données: 781 Type de recherche: Examen complet (C:\|D:\|E:\|H:\|) Eléments examinés: 183188 Temps écoulé: 42 minute(s), 24 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 2 Clé(s) du Registre infectée(s): 13 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 12 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\tuvVNGYr.dll (Trojan.Vundo) -> Unloaded module successfully. C:\WINDOWS\system32\tuvUOGwV.dll (Trojan.Vundo) -> Unloaded module successfully. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9822c705-3e5a-4a60-b77a-f96bb91e2e5c} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{9822c705-3e5a-4a60-b77a-f96bb91e2e5c} (Trojan.Vundo) -> Delete on reboot. HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{522e0112-edd9-413d-a99e-c311a54b6676} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{522e0112-edd9-413d-a99e-c311a54b6676} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvuogwv (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d8fbcaf5 (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMdbc8f969 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{522e0112-edd9-413d-a99e-c311a54b6676} (Trojan.Vundo) -> Delete on reboot. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\tuvvngyr -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\tuvvngyr -> Delete on reboot. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\tuvVNGYr.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\rYGNVvut.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rYGNVvut.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vlvrekir.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rikervlv.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\89ABL4NO\hctp[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{7A4B6835-5221-4F2F-BC21-6D99A41AE0F8}\RP261\A0080175.dll (Trojan.Vundo) -> Quarantined and deleted successfully. D:\Logiciels-D\BitDefender Plus v10 + Keygen CORE + Patch\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully. E:\Azureus Downloads\BitDefender Plus v10 + Keygen CORE + Patch\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iftsyejr.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tuvUOGwV.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\yaywvtSi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. j'espère que tu vas pouvoir me dépétrer de tout ce "bordel" Bonne analyse Amitiés surfantes rhodes38

Hello Desch Merçi pour ton coup de pouce, voiçi le log: MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\ad-aware2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE d:\Program Files\Diskeeper9\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\RTHDCPL.EXE D:\Program Files\Softwin\BitDefender10\bdmcon.exe D:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe D:\Program Files\Softwin\BitDefender10\vsserv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\explorer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [DiskeeperSystray] "d:\Program Files\Diskeeper9\DkIcon.exe" O4 - HKLM\..\Run: [bDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [bMdbc8f969] Rundll32.exe "C:\WINDOWS\system32\sirpqumx.dll",s O4 - HKLM\..\Run: [d8fbcaf5] rundll32.exe "C:\WINDOWS\system32\dlxbljwv.dll",b O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Diskeeper 9 Professional Edition Registration.lnk = D:\Program Files\Diskeeper9\ESIRegister.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3FE81C5B-2399-48FD-A2D6-2C92A28D2638}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - d:\Program Files\ad-aware2007\aawservice.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Diskeeper - Executive Software International, Inc. - d:\Program Files\Diskeeper9\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - D:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://katbalou.k.a.pic.centerblog.net/1uxniqug.gif O24 - Desktop Component 1: (no name) - http://katbalou.k.a.pic.centerblog.net/1fyqhhyd.gif O24 - Desktop Component 2: (no name) - http://katbalou.k.a.pic.centerblog.net/cwmuda0i.gif -- End of file - 7233 bytes Amitiés surfantes rhodes38

Bonjour à tous Depuis qq jours, mon pc est bizarre. Des pages web s'ouvrent, des fenêtres mes disent que mon pc n'est pas au meilleur rendement, me demandes de télécharger Libresystème etc. Je passe souvent adware et spybot qui trouvent chaque fois des malwares, oùu autres. Qui peut m'aider? Je poste depuis mon travail et prendrais connaissance de vos réponses en début d'après midi. rhodes38

Hello Régis56 ) voici le rapport demandé, je te félicite, il me semble que tu as fait du bon travail: Clean Navipromo version 2.0.1 commencé le 13/05/2007 à 11:29:44,64 Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO Mode suppression automatique avec prise en charge résultats Blacklight *** Creation backups fichiers trouvés par Blacklight *** Copie vers "C:\Program Files\navilog1\Backupnavi" *** Suppression des fichiers trouvés avec Blacklight *** c:\WINDOWS\system32\bdytpkfavj.dat supprimé ! C:\windows\system32\bdytpkfavj.exe supprimé ! c:\WINDOWS\system32\bdytpkfavj_nav.dat supprimé ! c:\WINDOWS\system32\bdytpkfavj_navps.dat supprimé ! ** 2ème passage ** C:\WINDOWS\system32\bdytpkfavj.exe absent ! C:\WINDOWS\system32\bdytpkfavj.dat absent ! C:\WINDOWS\system32\bdytpkfavj_nav.dat absent ! C:\WINDOWS\system32\bdytpkfavj_navps.dat absent ! C:\WINDOWS\system32\bdytpkfavj_navup.dat absent ! C:\WINDOWS\system32\bdytpkfavj_navtmp.dat absent ! C:\WINDOWS\system32\bdytpkfavj_m2s.xml absent ! C:\WINDOWS\prefetch\bdytpkfavj*.pf trouvé ! Copie C:\WINDOWS\prefetch\bdytpkfavj*.pf realise avec succes ! C:\WINDOWS\prefetch\bdytpkfavj*.pf supprimé ! *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer ...suppression... C:\Program Files\WebMediaPlayer supprimé ! *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans C:\Documents and Settings\moi\Application Data *** *** Suppression fichiers *** C:\DOCUME~1\moi\Bureau\WebMediaPlayer.lnk supprimé ! C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\moi\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre realise avec succes ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche et Suppression Heuristique : * ** *** **** ***** ****** ******* ******** *** Nettoyage termine le 13/05/2007 à 11:34:19,71 ***

Hello Régis Bien belle région que le Morbihan, mais j'aime Rhône-Alpes. Voici le rapport: Search Navipromo version 2.0.1 commencé le 12/05/2007 à 21:46:11,12 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** WebMediaPlayer *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer trouvé ! *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\moi\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html Fichier(s) caché(s) dans C:\WINDOWS\system32 : c:\WINDOWS\system32\bdytpkfavj.dat C:\windows\system32\bdytpkfavj.exe c:\WINDOWS\system32\bdytpkfavj_nav.dat c:\WINDOWS\system32\bdytpkfavj_navps.dat Processus caché(s) dans C:\WINDOWS\system32 : C:\windows\system32\bdytpkfavj.exe *** Recherche fichiers *** C:\DOCUME~1\moi\Bureau\WebMediaPlayer.lnk trouvé ! C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * C:\WINDOWS\system32\bdytpkfavj.dat trouvé ! ** C:\WINDOWS\system32\bdytpkfavj.dat trouvé ! *** **** C:\WINDOWS\system32\bdytpkfavj_navps.dat trouvé ! ***** ****** ******* ******** C:\WINDOWS\system32\bdytpkfavj.exe trouvé ! *** Analyse Terminé le 12/05/2007 à 21:53:17,12 *** amitiés surfantes rhodes38

merci pour ton coup de pouce ci-après les rapports demandés: amitiés surfantes rhodes38 --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 13:50:15 12/05/2007 + Résultat de l'analyse: :mozilla.251:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.252:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.253:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.107:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.108:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.110:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.111:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.376:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.509:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.524:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.525:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.532:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.257:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.258:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé. :mozilla.796:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé. :mozilla.266:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.267:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.86:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.331:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Com : Nettoyé. :mozilla.744:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.745:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.746:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.344:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé. :mozilla.25:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.109:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.839:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.840:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.437:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.438:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé. :mozilla.775:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Information : Nettoyé. C:\Documents and Settings\moi\Cookies\moi@search.live[1].txt -> TrackingCookie.Live : Nettoyé. :mozilla.38:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.105:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé. :mozilla.537:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.538:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.865:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé. C:\Documents and Settings\moi\Cookies\moi@real[2].txt -> TrackingCookie.Real : Nettoyé. :mozilla.100:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.96:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.97:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.98:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.99:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.574:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé. :mozilla.309:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.589:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.590:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.591:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.592:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.593:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.15:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.16:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.17:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.612:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.613:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.614:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.615:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé. :mozilla.638:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé. :mozilla.12:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.13:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.6:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.7:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.760:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé. :mozilla.158:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.159:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.160:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.201:C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\p55d9ak5.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. Fin du rapport 05/12/07 13:59:56 [info]: BlackLight Engine 1.0.61 initialized 05/12/07 13:59:56 [info]: OS: 5.1 build 2600 (Service Pack 2) 05/12/07 13:59:56 [Note]: 7019 4 05/12/07 13:59:56 [Note]: 7005 0 05/12/07 13:59:56 [Note]: 7006 0 05/12/07 13:59:56 [Note]: 7011 2752 05/12/07 13:59:56 [Note]: 7026 0 05/12/07 13:59:56 [Note]: 7026 0 05/12/07 13:59:56 [Note]: 7024 3 05/12/07 13:59:56 [info]: Hidden process: C:\windows\system32\bdytpkfavj.exe 05/12/07 13:59:59 [Note]: FSRAW library version 1.7.1021 05/12/07 14:05:55 [info]: Hidden file: c:\WINDOWS\system32\bdytpkfavj.dat 05/12/07 14:05:55 [Note]: 10002 1 05/12/07 14:05:55 [info]: Hidden file: C:\windows\system32\bdytpkfavj.exe 05/12/07 14:05:55 [Note]: 10002 1 05/12/07 14:05:56 [info]: Hidden file: c:\WINDOWS\system32\bdytpkfavj_nav.dat 05/12/07 14:05:56 [Note]: 10002 1 05/12/07 14:05:56 [info]: Hidden file: c:\WINDOWS\system32\bdytpkfavj_navps.dat 05/12/07 14:05:56 [Note]: 10002 1 05/12/07 14:06:53 [Note]: 2000 1012 05/12/07 14:06:53 [Note]: 2000 1012 05/12/07 14:06:53 [Note]: 7007 0 Logfile of HijackThis v1.99.1 Scan saved at 14:07:57, on 12/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\WINDOWS\system32\nvraidservice.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\Bluetooth Remote Control\BluetoothRemoteControl.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\PeerGuardian2\pg2.exe C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\moi\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [bluetoothRC] C:\Program Files\Bluetooth Remote Control\BluetoothRemoteControl.exe O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Bpnne analyse rhodes38

bonjour Nouveau venu sur ce forum, je rencontre depuis quelques jours l'apparition de page me signalant des virus, attaque multiple contre mon système. On me )propose de scanner mon DD, et propose l'achat de logiciel (clean drive, secure....) je joins à toutes fins utiles un rapport: Logfile of HijackThis v1.99.1 Scan saved at 21:30:52, on 11/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\nvraidservice.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\Bluetooth Remote Control\BluetoothRemoteControl.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Outlook Express\msimn.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\moi\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [bluetoothRC] C:\Program Files\Bluetooth Remote Control\BluetoothRemoteControl.exe O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37480.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Un p'tit coup de pouce amitiés surfantes rhodes38