Aller au contenu

kleenhlab

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    26

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par kleenhlab

  1. kleenhlab
    et on fait appel comment à l équipe de sécurité? merci pour tout.
  2. kleenhlab
    Bonjour, Toujours personne pour m aider a virer ce cxbx...dll car il m ennuit vraiment bcp. Merci hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:06:07, on 11/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr .exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM .exe" -scheduler O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime O4 - HKLM\..\Run: [devenv] C:\Documents and Settings\Kleenh'Art\Application Data\smvss.exe /w O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: TrayMin210.exe.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/KLEENH~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 6669 bytes merci.
  3. kleenhlab
    Rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:34:46, on 09/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ctfmon .exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\MSN Messenger\msnmsgr .exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F3 - REG:win.ini: load=C:\WINDOWS\system32\mljgg.exe O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM .exe" -scheduler O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime O4 - HKLM\..\Run: [devenv] C:\Documents and Settings\Kleenh'Art\Application Data\smvss.exe /w O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: TrayMin210.exe.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/KLEENH~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg -- End of file - 6792 bytes Merci.
  4. kleenhlab
    Bon, j ai 2 problemes. 1er je n arrive pas a recuperer ATF cleaner, aucun acces a leur site, 2e j ai un fichier cbxyxvs.dll impossible a supprimer meme avec antivir! Merci beaucoup car ca m en a deja enlevé pas mal quqe avast ne voyait meme pas! que conseillez vous comme antivirus payant tresn performant? Merci, il rest encore a faire.
  5. kleenhlab
    Bonjour, voila apres pas mal de tentatives je n arrive pas a supprimer ce fichier et d autres! Voici le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 14:00:52, on 09/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM .exe C:\WINDOWS\VM_STI .EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched .exe C:\WINDOWS\system\smvss.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Azureus\Azureus.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX00.766\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: {addeb555-2b35-dacb-03f4-bbd5a5788316} - {6138875a-5dbb-4f30-bcad-53b2555bedda} - C:\WINDOWS\system32\fpuppuag.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {DB0B918E-A0A8-482B-8D75-A682816B0C7B} - C:\WINDOWS\system32\cbxyxvs.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM .exe" -scheduler O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [devenv] C:\Documents and Settings\Kleenh'Art\Application Data\smvss.exe /w O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - Global Startup: TrayMin210.exe.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: cbxyxvs - C:\WINDOWS\SYSTEM32\cbxyxvs.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe Merci de m aider.
  6. kleenhlab
    effectivement plus de pub!!! ouf! merci et voila: REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] "SLService"=dword:00000002 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^FreeBrowser Heavy.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\FreeBrowser Heavy.lnk" "backup"="C:\\WINDOWS\\pss\\FreeBrowser Heavy.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\FREEBR~1\\FREEBR~1\\FREEBR~1.EXE " "item"="FreeBrowser Heavy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 1000 series.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hp psc 1000 series.lnk" "backup"="C:\\WINDOWS\\pss\\hp psc 1000 series.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpohmr08.exe " "item"="hp psc 1000 series" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hpoddt01.exe.lnk" "backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe " "item"="hpoddt01.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\InterVideo WinCinema Manager.lnk" "backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE " "item"="InterVideo WinCinema Manager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Lancement rapide d'Adobe Reader.lnk" "backup"="C:\\WINDOWS\\pss\\Lancement rapide d'Adobe Reader.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE " "item"="Lancement rapide d'Adobe Reader" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\.nvsvc] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="smss" "hkey"="HKLM" "command"="C:\\WINDOWS\\system\\smss.exe /w" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ALCMTR" "hkey"="HKLM" "command"="ALCMTR.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcWzrd] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ALCWZRD" "hkey"="HKLM" "command"="ALCWZRD.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnyDVD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AnyDVD" "hkey"="HKLM" "command"="C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApachInc] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mxyitvsr" "hkey"="HKLM" "command"="rundll32.exe \"C:\\WINDOWS\\system32\\mxyitvsr.dll\",realset" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\bvcgkgsnao] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bvcgkgsnao" "hkey"="HKLM" "command"="c:\\windows\\system32\\bvcgkgsnao.exe bvcgkgsnao" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools-1033] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="daemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstantOn] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ion_install" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerCinema Linux\\ion_install.exe\" /c" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Language" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVDServ" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updateMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeUpdateManager" "hkey"="HKCU" "command"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\weoilbxng] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="weoilbxng" "hkey"="HKLM" "command"="c:\\windows\\system32\\weoilbxng.exe weoilbxng" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini"=dword:00000000 "win.ini"=dword:00000000 "bootini"=dword:00000000 "services"=dword:00000002 "startup"=dword:00000002 merci.
  7. kleenhlab
    Merci pour tout, les rapports arrivent! Part contre j ai un autre soucis, j avais decocher pas mal de case dans Spybot demarrage pour supprimer les lignes louches! le pbm c est que je ne sais plus trop quoi cocher! mais pas grave il demarre quand meme, alors qu est il super important de lancer? Une autre question, dans msconfig demarrage, comment supprimer les lignes decochées donc qui ne se lancent plus au demarrage? Merci. Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 18:20:25, on 03/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX01.281\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/fsc/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: TrayMin210.exe.lnk.disabled O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe Navilog: Clean Navipromo version 2.0.5 commencé le 03/07/2007 à 18:14:45,35 Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO Mode suppression automatique avec prise en charge résultats Blacklight *** Creation backups fichiers trouvés par Blacklight *** Copie vers "C:\Program Files\navilog1\Backupnavi" *** Suppression des fichiers trouvés avec Blacklight *** c:\WINDOWS\system32\weoilbxng.dat supprimé ! C:\windows\system32\weoilbxng.exe supprimé ! c:\WINDOWS\system32\weoilbxng_nav.dat supprimé ! c:\WINDOWS\system32\weoilbxng_navps.dat supprimé ! ** 2ème passage ** C:\WINDOWS\system32\weoilbxng.exe absent ! C:\WINDOWS\system32\weoilbxng.dat absent ! C:\WINDOWS\system32\weoilbxng_nav.dat absent ! C:\WINDOWS\system32\weoilbxng_navps.dat absent ! C:\WINDOWS\system32\weoilbxng_navup.dat absent ! C:\WINDOWS\system32\weoilbxng_navtmp.dat absent ! C:\WINDOWS\system32\weoilbxng_m2s.xml absent ! C:\WINDOWS\prefetch\weoilbxng*.pf trouvé ! Copie C:\WINDOWS\prefetch\weoilbxng*.pf réalise avec succes ! C:\WINDOWS\prefetch\weoilbxng*.pf supprimé ! *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer ...suppression... C:\Program Files\WebMediaPlayer supprimé ! *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans C:\Documents and Settings\Kleenh'Art\Application Data *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf supprimé ! C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-37E4BCC3.pf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Kleenh'Art\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre réalise avec succes ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche et Suppression Heuristique : * ** *** **** ***** ****** ******* ******** 3)Contrôle présence clés Rootkit dans le registre : Aucune autre clés présente dans le registre ! 4)Certificats : Certificat Egroup supprimé ! *** Nettoyage termine le 03/07/2007 à 18:16:40,62 *** Merci
  8. kleenhlab
    Et voila le rapport: Search Navipromo version 2.0.5 commencé le 02/07/2007 à 18:49:16,92 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** WebMediaPlayer *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer trouvé ! *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\Kleenh'Art\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html Fichier(s) caché(s) dans C:\WINDOWS\system32 : c:\WINDOWS\system32\weoilbxng.dat C:\windows\system32\weoilbxng.exe c:\WINDOWS\system32\weoilbxng_nav.dat c:\WINDOWS\system32\weoilbxng_navps.dat Processus caché(s) dans C:\WINDOWS\system32 : C:\windows\system32\weoilbxng.exe *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf trouvé ! C:\WINDOWS\prefetch\WEBMEDIAPLAYER_SETUP.EXE-37E4BCC3.pf trouvé ! *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * C:\WINDOWS\system32\weoilbxng.dat trouvé ! ** C:\WINDOWS\system32\weoilbxng.dat trouvé ! *** **** C:\WINDOWS\system32\weoilbxng_navps.dat trouvé ! ***** ****** ******* ******** 3)Recherche Certificats : Certificat Egroup trouvé ! *** Analyse Terminé le 02/07/2007 à 19:01:02,81 ***
  9. kleenhlab
    D apres votre site j ai trouve la merde qui aurait pu m infecter: Webmediaplayer! Merci.
  10. kleenhlab
    desole mais rien installé de nouveau! par contre diaghelp ne lance rien quand je rentre: 1.? Merci.
  11. kleenhlab
    Ok il faut que je retrouve diaghelp, en plus les pages qui s ouvrent c est de pire en pire maintenant spybot me donne un autre nom: weoilbxng. Merci.
  12. kleenhlab
    spybot: --- Report generated: 2007-06-25 19:43 --- Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done) Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done) MediaPlex: Cookie traceur (Firefox: default) (Cookie, nothing done) Log: Activity: SchedLgU.Txt (Sauver le fichier, nothing done) C:\WINDOWS\SchedLgU.Txt Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, nothing done) C:\WINDOWS\System32\wbem\logs\wbemess.log Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, nothing done) C:\WINDOWS\System32\wbem\logs\wmiprov.log MS Media Player: Anonymous ID (Modification du registre, nothing done) HKEY_USERS\S-1-5-21-3026621731-2904187974-4198665175-1007\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0 MS DirectDraw: Most recent application (Modification du registre, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!= Windows Explorer: User Assistant history IE (1 fichiers) (Clé du registre, nothing done) HKEY_USERS\S-1-5-21-3026621731-2904187974-4198665175-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count Windows Explorer: User Assistant history files (11 fichiers) (Clé du registre, nothing done) HKEY_USERS\S-1-5-21-3026621731-2904187974-4198665175-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count Cookie: Cookie (3) (Cookie, nothing done) Cache: Cache (25) (Cache, nothing done) Cookie: Cookie (77) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2007-06-10 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2007-05-23 advcheck.dll (1.5.3.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2007-01-02 Tools.dll (2.0.1.0) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2007-06-20 Includes\Cookies.sbi (*) 2007-05-30 Includes\Dialer.sbi (*) 2007-06-20 Includes\DialerC.sbi (*) 2007-06-20 Includes\Hijackers.sbi (*) 2007-06-20 Includes\HijackersC.sbi (*) 2007-06-20 Includes\Keyloggers.sbi (*) 2007-06-20 Includes\KeyloggersC.sbi (*) 2007-06-20 Includes\Malware.sbi (*) 2007-06-20 Includes\MalwareC.sbi (*) 2007-03-21 Includes\PUPS.sbi (*) 2007-06-20 Includes\PUPSC.sbi (*) 2007-06-20 Includes\Revision.sbi (*) 2007-05-30 Includes\Security.sbi (*) 2007-06-20 Includes\SecurityC.sbi (*) 2007-06-20 Includes\Spybots.sbi (*) 2007-06-20 Includes\SpybotsC.sbi (*) 2005-02-17 Includes\Tracks.uti (*) 2007-06-20 Includes\Trojans.sbi (*) 2007-06-20 Includes\TrojansC.sbi (*) 2007-06-06 Plugins\TCPIPAddress.dll hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 20:05:09, on 25/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX00.797\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/fsc/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /waitstart O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453637 14 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: TrayMin210.exe.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe Merci
  13. kleenhlab
    il me dit juste, quand il est en resident, que bcv machin tente demodifier une entree registre et ensuit il dit impossible! Cependant quand je suis sur le net , j ai des pages qui s ouvrent toutes seules. Merci.
  14. kleenhlab
    voilaqu il ma trouve une autre merde: bvcgkgsnao et spybot me dit qu il ne peux pas le supprimer! Merci.
  15. kleenhlab
    seek.bat: Effectué le 24/06/2007 à 18:50:00,32. Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 rem.bat: je suis aller voir il me dit qu il est endommagé mais pas suppriméé! hijackthis: StartupList report, 24/06/2007, 18:56:45 StartupList version: 1.52.2 Started from : C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX01.453\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\ALCFDRTM.EXE C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX01.453\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Kleenh'Art\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] TrayMin210.exe.lnk = ? Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Raccourci vers la page des propriétés de High Definition Audio = HDAShCut.exe SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe BigDogPath = C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam ISUSPM = "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized SunJavaUpdateSched = C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe fsc-reminder.exe = C:\WINDOWS\reminder\fsc-reminder.exe 2453637 14 -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser [{94de52c8-2d59-4f1b-883e-79663d2d9a8c}] StubPath = rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: AppleSoftwareUpdate.job FRU Task #Hewlett-Packard#hp psc 1200 series#1147016911.job -------------------------------------------------- Enumerating Download Program Files: [QuickTime Object] InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab [shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab [Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204 [MUWebControl Class] InProcServer32 = C:\WINDOWS\system32\muweb.dll CODEBASE = http://update.microsoft.com/microsoftupdat...b?1128629869750 [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [DeskUpdate- Activex Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\activex.ocx CODEBASE = http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll Protocol #18: C:\WINDOWS\system32\mswsock.dll Protocol #19: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) Pilote de contrôleur intégré Microsoft: system32\DRIVERS\ACPIEC.sys (system) Adobe LM Service: "C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe" (manual start) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: system32\DRIVERS\arp1394.sys (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart) ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart) ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Pilote pour Batterie à méthode de contrôle ACPI Microsoft: system32\DRIVERS\CmBatt.sys (manual start) Pilote de batterie composite Microsoft: system32\DRIVERS\compbatt.sys (system) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) d347bus: system32\DRIVERS\d347bus.sys (system) d347prt: System32\Drivers\d347prt.sys (system) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start) Pilote de fonction Microsoft UAA pour Service High Definition Audio: system32\drivers\HdAudio.sys (manual start) Pilote de bus Microsoft UAA pour High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start) Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start) USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) iaStor: system32\drivers\iaStor.sys (system) InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start) Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Service de l'iPod: "C:\Program Files\iPod\bin\iPodService.exe" (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) IviRegMgr: C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe (autostart) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Machine Debug Manager: "C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE" (autostart) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Périphérique de filtrage de flux Unimodem: system32\drivers\MODEMCSA.sys (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Mtlmnt5: system32\DRIVERS\SLDRV\Mtlmnt5.sys (manual start) Mtlstrm: system32\DRIVERS\SLDRV\Mtlstrm.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: system32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface): system32\DRIVERS\ohci1394.sys (system) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Pilote de bus PCI: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) VSO Software pcouffin: System32\Drivers\Pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (manual start) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) RecAgent: system32\DRIVERS\SLDRV\RecAgent.sys (system) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Cyberlink RichVideo Service(CRVS): "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver: system32\DRIVERS\Rtlnicxp.sys (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lecteur de disquettes haute densité: system32\DRIVERS\sfloppy.sys (manual start) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiSRaid2: system32\drivers\SiSRaid2.sys (system) SmartLink AMR_PCI Driver: system32\DRIVERS\SLDRV\slazldrv.sys (manual start) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) SlNtHal: system32\DRIVERS\SLDRV\Slnthal.sys (manual start) SmartLinkService: slserv.exe (disabled) SlWdmSup: system32\DRIVERS\SLDRV\SlWdmSup.sys (manual start) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{A676EF47-0AB1-4218-8C56-B32AF6F84781} (manual start) Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) viamraid: system32\drivers\viamraid.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP: system32\DRIVERS\w29n51.sys (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Interface de gestion Microsoft Windows pour ACPI: system32\DRIVERS\wmiacpi.sys (system) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Microsoft Common Controller For Windows Driver Service: system32\DRIVERS\xnacc.sys (manual start) Philips SPC210NC Webcam: System32\Drivers\usbVM31b.sys (manual start) {95808DC4-FA4A-4c74-92FE-5B863F82066B}: \??\C:\Program Files\CyberLink\PowerDVD0.fcl (autostart) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 38 101 bytes Report generated in 0,156 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only Merci
  16. kleenhlab
    Personne pour m aider à supprimer ce fichier? meme en mode sans echec je n arrive pas a le supprimer car il est dans les dependances de Desktop Update! Merci.
  17. kleenhlab
    Up
  18. kleenhlab
    Ce qui a c est que je le trouve que dans les Proprietes/ Dependance du dossier precite danc je ne vois pas comment l effacer! Je poste le rapport des que c est effacé Merci
  19. kleenhlab
    Bonjour, j ai trouve le fichier dans system32 en enlevant le masquage mais je ne trouve activex.inf en dependance de DesktopUpdate Activex control, donc comment faire, pour le supprimer? Encore un e chose, pourquoi avoir enlever les updates Java? Merci
  20. kleenhlab
    Alors voila: Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Kleenh'Art\Cookies\kleenh'art@xiti[1].txt Outil indésirable:Application/ToolWget No Désinfecté C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\freebrowser-full-setup.exe[wget.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\SDFix.exe[sDFix\apps\Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\SDFix\apps\Process.exe Virus:Trj/Rizalof.FM Désinfecté C:\SDFix\backups_old1\backups.zip[backups/nvsvcd.exe] Spyware:Spyware/Virtumonde No Désinfecté C:\VundoFix Backups\xnxcwpxl.dll.bad Adware:adware/wupd No Désinfecté C:\WINDOWS\Downloaded Program Files\activex.inf Ce que je comprends pas c est queles defauts viennent pratiquement tous de ce que vous m avez dit de telecharger! Que faire? Q utilisez vous comme anivirus et firemwall? quel est le top quid du prix? Merci
  21. kleenhlab
    Bonsoir, Je n ai pas trouve le fichier que vous me disiez de supprimer dans le System32? Où l avez vous vu? J ai fixe les autres lignes et là le scan Panda est en cours et il trouve des trucs pas tres cool, je poste le rapport des que c ets fini! Merci.
  22. kleenhlab
    et enfin Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 21:16:11, on 11/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\KLEENH~1\LOCALS~1\Temp\Rar$EX00.437\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/fsc/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/fsc/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\xnxcwpxl.dll (file missing) O2 - BHO: (no name) - {EA99E904-C04E-4F09-BD0F-F6A3148527C5} - C:\WINDOWS\system32\sstqq.dll (file missing) O2 - BHO: (no name) - {F627D19B-E4CA-4377-823D-80BD010AA3Dd} - C:\WINDOWS\system32\ipmyiwop.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam O4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453637 14 O4 - Global Startup: TrayMin210.exe.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128629869750 O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate- Activex Control) - http://support.fujitsu-siemens.de/DeskUpda...api/activex.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe Et voila qu est que je dois faire maintenant? car je vois bcp de svhost et de CLi dans le gestionnaire est ce normal? 1 ne suffit pas? Et c est quoi ces 3 lignes?: O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\xnxcwpxl.dll (file missing) O2 - BHO: (no name) - {EA99E904-C04E-4F09-BD0F-F6A3148527C5} - C:\WINDOWS\system32\sstqq.dll (file missing) O2 - BHO: (no name) - {F627D19B-E4CA-4377-823D-80BD010AA3Dd} - C:\WINDOWS\system32\ipmyiwop.dll (file missing) Merci.
  23. kleenhlab
    voici le rapport de Diaghelp: DiagHelp version v1.1.1 - http://www.malekal.com excute le 11/06/2007 à 21:09:19,09 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\pcouffin.sys -->10/06/2007 14:34:15 C:\WINDOWS\System32/drivers\AvgAsCln.sys -->30/05/2007 14:10:42 C:\WINDOWS\System32/drivers\aswmon.sys -->30/04/2007 17:41:55 C:\WINDOWS\System32/drivers\aswmon2.sys -->30/04/2007 17:41:42 C:\WINDOWS\System32/drivers\aswRdr.sys -->30/04/2007 17:39:41 C:\WINDOWS\System32/drivers\aswTdi.sys -->30/04/2007 17:38:51 C:\WINDOWS\System32/drivers\aavmker4.sys -->30/04/2007 17:37:23 C:\WINDOWS\System32\wpa.dbl -->11/06/2007 20:55:10 C:\WINDOWS\System32\PerfStringBackup.INI -->10/06/2007 20:11:57 C:\WINDOWS\System32\perfh00C.dat -->10/06/2007 20:11:57 C:\WINDOWS\System32\perfh009.dat -->10/06/2007 20:11:57 C:\WINDOWS\System32\perfc00C.dat -->10/06/2007 20:11:57 C:\WINDOWS\System32\perfc009.dat -->10/06/2007 20:11:57 C:\WINDOWS\System32\VundoFixSVC.exe -->10/06/2007 19:36:42 C:\WINDOWS\System32\rsvtiyxm.ini -->10/06/2007 15:53:11 C:\WINDOWS\System32\dtu_fr.qm -->30/05/2007 22:27:07 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->08/05/2007 12:15:49 C:\WINDOWS\System32\CONFIG.NT -->08/05/2007 09:43:21 C:\WINDOWS\System32\aswBoot.exe -->30/04/2007 17:46:10 C:\WINDOWS\System32\AVASTSS.scr -->30/04/2007 17:35:28 C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12 C:\WINDOWS\System32\QuickTimeVR.qtx -->27/04/2007 09:42:00 C:\WINDOWS\System32\QuickTime.qts -->27/04/2007 09:42:00 C:\WINDOWS\System32\msi.dll -->18/04/2007 18:14:18 C:\WINDOWS\System32\amcompat.tlb -->12/04/2007 12:54:22 C:\WINDOWS\System32\nscompat.tlb -->12/04/2007 12:54:21 C:\WINDOWS\System32\FNTCACHE.DAT -->03/04/2007 21:00:18 C:\WINDOWS\System32\hhctrl.ocx -->02/04/2007 07:59:26 C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47 C:\WINDOWS\System32\LegitCheckControl.dll -->15/03/2007 18:19:28 C:\WINDOWS\System32\WgaTray.exe -->15/03/2007 18:17:20 C:\WINDOWS\System32\WgaLogon.dll -->15/03/2007 18:16:48 C:\WINDOWS.log -->11/06/2007 20:54:47 C:\WINDOWS\wiadebug.log -->11/06/2007 20:54:39 C:\WINDOWS\WindowsUpdate.log -->11/06/2007 20:54:32 C:\WINDOWS\wiaservc.log -->11/06/2007 20:54:31 C:\WINDOWS\bootstat.dat -->11/06/2007 20:54:02 C:\WINDOWS\ntbtlog.txt -->11/06/2007 20:48:21 C:\WINDOWS\SchedLgU.Txt -->11/06/2007 20:47:18 C:\WINDOWS\mozver.dat -->10/06/2007 20:23:34 C:\WINDOWS\nsreg.dat -->10/06/2007 19:51:34 C:\WINDOWS\win.ini -->10/06/2007 17:06:14 C:\WINDOWS\system.ini -->10/06/2007 17:06:14 C:\WINDOWS\QTFont.qfn -->10/06/2007 10:45:55 C:\WINDOWS\QTFont.for -->10/06/2007 10:45:55 C:\WINDOWS\NeroDigital.ini -->09/06/2007 20:54:26 C:\WINDOWS\vpd.properties -->09/05/2007 20:48:00 Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\WINDOWS\system32 05/08/2004 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 19 340 398 592 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\WINDOWS\Downloaded Program Files 06/05/2007 12:33 <REP> . 06/05/2007 12:33 <REP> .. 07/04/2005 08:28 143 activex.inf 04/04/2005 16:53 753 664 activex.ocx 07/09/2005 11:13 65 desktop.ini 20/03/2006 18:34 24 576 dwusplay.dll 20/03/2006 18:34 196 608 dwusplay.exe 09/02/2005 16:54 1 271 erma.inf 20/03/2006 18:34 484 272 isusweb.dll 26/08/2005 15:57 495 LegitCheckControl.inf 26/05/2005 04:19 293 muweb.inf 09/10/2003 10:32 144 QTPlugin.inf 10 fichier(s) 1 461 531 octets Total des fichiers listés : 10 fichier(s) 1 461 531 octets 2 Rép(s) 19 340 398 592 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update" "C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe:*:Disabled:VLC media player" "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\SecondLife\\SecondLife.exe"="C:\\Program Files\\SecondLife\\SecondLife.exe:*:Enabled:Second Life" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-11 21:09:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 136 - explorer.exe 156 - ashServ.exe 556 - svchost.exe 840 - csrss.exe 872 - winlogon.exe 916 - services.exe 928 - lsass.exe 1084 - ati2evxx.exe 1096 - svchost.exe 1200 - svchost.exe 1284 - guard.exe 1344 - svchost.exe 1396 - svchost.exe 1448 - svchost.exe 1544 - ati2evxx.exe 1628 - avgas.exe 1656 - ctfmon.exe 1728 - MDM.EXE 1840 - ashMaiSv.exe 1964 - ashWebSv.exe 2180 - CLI.exe 2244 - CLI.exe 2948 - cmd.exe 3136 - SynTPLpr.exe 3144 - SynTPEnh.exe 3160 - ashDisp.exe 3168 - VM_STI.EXE 3176 - ISUSPM.exe 3192 - firefox.exe 3256 - CLI.exe 3888 - iPodService.exe Total number of processes = 32 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F7987000 - \WINDOWS\system32\KDCOM.DLL F7897000 - \WINDOWS\system32\BOOTVID.dll F75B0000 - d347bus.sys F7581000 - ACPI.sys F7989000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F7570000 - pci.sys F75F7000 - isapnp.sys F7607000 - ohci1394.sys F7617000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F789B000 - compbatt.sys F789F000 - \WINDOWS\system32\DRIVERS\BATTC.SYS F7A4F000 - pciide.sys F7707000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F798B000 - intelide.sys F7627000 - MountMgr.sys F74B1000 - ftdisk.sys F78A3000 - ACPIEC.sys F7A50000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS F770F000 - PartMgr.sys F7637000 - VolSnap.sys F7499000 - F7424000 - iaStor.sys F7647000 - viamraid.sys F740C000 - \WINDOWS\system32\drivers\SCSIPORT.SYS F798D000 - d347prt.sys F7717000 - SiSRaid2.sys F7657000 - disk.sys F7667000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7857000 - fltMgr.sys F7845000 - sr.sys F782E000 - KSecDD.sys F7B52000 - Ntfs.sys F795A000 - NDIS.sys F78A7000 - RecAgent.sys F7A34000 - Mup.sys F7697000 - \SystemRoot\system32\DRIVERS\nic1394.sys BAF30000 - \SystemRoot\system32\DRIVERS\intelppm.sys B99AC000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys A91DA000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS A91B5000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys A9872000 - \SystemRoot\system32\DRIVERS\usbuhci.sys A9192000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS AFCDF000 - \SystemRoot\system32\DRIVERS\usbehci.sys A8E6C000 - \SystemRoot\system32\DRIVERS\w29n51.sys A8E5A000 - \SystemRoot\system32\DRIVERS\Rtlnicxp.sys A9E94000 - \SystemRoot\system32\DRIVERS\i8042prt.sys AE9C2000 - \SystemRoot\system32\DRIVERS\kbdclass.sys A8E2B000 - \SystemRoot\system32\DRIVERS\SynTP.sys B5D15000 - \SystemRoot\system32\DRIVERS\USBD.SYS AE9F2000 - \SystemRoot\system32\DRIVERS\mouclass.sys A9E84000 - \SystemRoot\system32\DRIVERS\imapi.sys A9E74000 - \SystemRoot\system32\DRIVERS\cdrom.sys A9E64000 - \SystemRoot\system32\DRIVERS\redbook.sys A8E08000 - \SystemRoot\system32\DRIVERS\ks.sys AE9EA000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys A9FF8000 - \SystemRoot\system32\DRIVERS\CmBatt.sys A98EF000 - \SystemRoot\system32\DRIVERS\audstub.sys A9E54000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys A9FF4000 - \SystemRoot\system32\DRIVERS\ndistapi.sys A8DF1000 - \SystemRoot\system32\DRIVERS\ndiswan.sys A9E44000 - \SystemRoot\system32\DRIVERS\raspppoe.sys A9E34000 - \SystemRoot\system32\DRIVERS\raspptp.sys AE9BA000 - \SystemRoot\system32\DRIVERS\TDI.SYS A8DE0000 - \SystemRoot\system32\DRIVERS\psched.sys A9E24000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7747000 - \SystemRoot\system32\DRIVERS\ptilink.sys AE9AA000 - \SystemRoot\system32\DRIVERS\raspti.sys A9E14000 - \SystemRoot\system32\DRIVERS\termdd.sys B5D13000 - \SystemRoot\system32\DRIVERS\swenum.sys A8DAC000 - \SystemRoot\system32\DRIVERS\update.sys A9FEC000 - \SystemRoot\system32\DRIVERS\mssmbios.sys A9858000 - \SystemRoot\System32\Drivers\NDProxy.SYS A0D6B000 - \SystemRoot\system32\DRIVERS\SLDRV\slazldrv.sys A923A000 - \SystemRoot\system32\DRIVERS\SLDRV\SlWdmSup.sys A0D4C000 - \SystemRoot\system32\DRIVERS\SLDRV\Mtlmnt5.sys F7767000 - \SystemRoot\System32\Drivers\Modem.SYS A0ADE000 - \SystemRoot\system32\drivers\RtkHDAud.sys A0ABC000 - \SystemRoot\system32\drivers\portcls.sys A9828000 - \SystemRoot\system32\drivers\drmk.sys AF073000 - \SystemRoot\system32\drivers\MODEMCSA.sys A9818000 - \SystemRoot\system32\DRIVERS\usbhub.sys AABFC000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BA903000 - \SystemRoot\System32\Drivers\Null.SYS AA1F1000 - \SystemRoot\System32\Drivers\Beep.SYS B833F000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys F780F000 - \SystemRoot\System32\drivers\vga.sys AA1EF000 - \SystemRoot\System32\Drivers\mnmdd.SYS AA1ED000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys AE9B2000 - \SystemRoot\System32\Drivers\Msfs.SYS F77AF000 - \SystemRoot\System32\Drivers\Npfs.SYS BAFC0000 - \SystemRoot\system32\DRIVERS\rasacd.sys A0A89000 - \SystemRoot\system32\DRIVERS\ipsec.sys A0A30000 - \SystemRoot\system32\DRIVERS\tcpip.sys A9808000 - \SystemRoot\System32\Drivers\aswTdi.SYS A0A08000 - \SystemRoot\system32\DRIVERS\netbt.sys A09E6000 - \SystemRoot\System32\drivers\afd.sys A97F8000 - \SystemRoot\system32\DRIVERS\netbios.sys A09BB000 - \SystemRoot\system32\DRIVERS\rdbss.sys A094C000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys A97E8000 - \SystemRoot\System32\Drivers\Fips.SYS A092B000 - \SystemRoot\system32\DRIVERS\ipnat.sys A97D8000 - \SystemRoot\system32\DRIVERS\wanarp.sys A97C8000 - \SystemRoot\system32\DRIVERS\arp1394.sys F7A9C000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys F7757000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F7877000 - \SystemRoot\System32\Drivers\Cdfs.SYS BAFE8000 - \SystemRoot\System32\Drivers\dump_diskdump.sys BA741000 - \SystemRoot\System32\Drivers\dump_viamraid.sys BF800000 - \SystemRoot\System32\win32k.sys BAFD0000 - \SystemRoot\System32\drivers\Dxapi.sys F77E7000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys B82F8000 - \SystemRoot\System32\drivers\dxgthk.sys B13E4000 - \SystemRoot\system32\DRIVERS\wmiacpi.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA18000 - \SystemRoot\System32\ati2cqag.dll BFA5E000 - \SystemRoot\System32\atikvmag.dll BFAA2000 - \SystemRoot\System32\ati3duag.dll BFCE6000 - \SystemRoot\System32\ativvaxx.dll AA14B000 - \SystemRoot\system32\DRIVERS\ndisuio.sys 9E875000 - \SystemRoot\System32\Drivers\aswMon2.SYS 9E770000 - \SystemRoot\system32\drivers\wdmaud.sys F7540000 - \SystemRoot\system32\drivers\sysaudio.sys 9E6F5000 - \SystemRoot\system32\DRIVERS\mrxdav.sys 9E5B3000 - \SystemRoot\system32\DRIVERS\srv.sys ADC11000 - \??\C:\Program Files\CyberLink\PowerDVD�0.fcl 9E4BB000 - \SystemRoot\System32\Drivers\aswRdr.SYS 9E0ED000 - \SystemRoot\System32\Drivers\HTTP.sys F7A83000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 131 Liste des programmes installes Ad-Aware SE Personal Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Reader 7.0.9 - Français Apple Software Update Archiveur WinRAR ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver avast! Antivirus AVG Anti-Spyware 7.5 Azureus Camera Window Canon PhotoRecord Canon Utilities ZoomBrowser EX CCleaner (remove only) Correctif pour Windows XP (KB889527) Correctif pour Windows XP (KB893357) Correctif pour Windows XP (KB903234) Correctif pour Windows XP (KB935448) Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB883529 Correctif Windows XP - KB883667 Correctif Windows XP - KB884020 Correctif Windows XP - KB884575 Correctif Windows XP - KB884883 Correctif Windows XP - KB885222 Correctif Windows XP - KB885250 Correctif Windows XP - KB885523 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885855 Correctif Windows XP - KB885887 Correctif Windows XP - KB885894 Correctif Windows XP - KB886185 Correctif Windows XP - KB886677 Correctif Windows XP - KB886716 Correctif Windows XP - KB887742 Correctif Windows XP - KB887797 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB888402 Correctif Windows XP - KB889016 Correctif Windows XP - KB890831 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Correctif Windows XP - KB892627 Correctif Windows XP - KB893056 Correctif Windows XP - KB893086 Correctif Windows XP - KB896626 DAEMON Tools dBPowerAMP AIFF codec r4 dBpowerAMP FLAC Codec dBpowerAMP mp3PRO Input Codec dBpowerAMP Music Converter dBpowerAMP Ogg Vorbis Codec dBpowerAMP Real Audio Codec dBpowerAMP WMA V9 Codec DkZ Studio dMC mp3PRO (CLI) Encoder DVD Shrink 3.2 EVEREST Home Edition v2.20 Fenêtre d'appareil photo Canon pour ZoomBrowser EX foobar2000 Google Earth Pro Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer High Definition Audio - KB888111 HijackThis 1.99.1 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB926239) hp psc 1200 series HP USB Disk Storage Format Tool InterVideo WinDVD 8 InterVideo WinDVD 8 iTunes J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 Java SE Runtime Environment 6 Update 1 K-Lite Codec Pack 2.81 Full Lecteur Windows Media 11 Macromedia Flash Player 8 Macromedia Shockwave Player Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Professional Edition 2003 Microsoft Office Standard Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB900930) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929969) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931768) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mozilla Firefox (2.0.0.4) Nero Suite Philips SPC210NC Webcam Photo et imagerie HP 2.0 - All-in-One Photo et imagerie HP 2.0 - All-in-One Pilote Photo et imagerie HP 2.0 - hp psc 1200 series PowerDVD Pro Evolution Soccer 6 Pro Evolution Soccer 6 QuickTime Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Smart Link 56K Voice Modem Spybot - Search & Destroy 1.4 Synaptics Pointing Device Driver WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Format SDK Hotfix - KB891122 Windows Media Player 10 Hotfix - KB888656 Windows Media Player 11 Windows Messenger 5.1 Xbox 360 Controller for Windows XRELAIS 2.1 Yahoo! Mail Outil de sélection express (PhotoMail) Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\Program Files 10/06/2007 19:51 <REP> . 10/06/2007 19:51 <REP> .. 21/12/2005 20:54 <REP> Adobe 05/11/2006 13:31 <REP> Ahead 21/12/2005 13:49 <REP> Alwil Software 25/02/2007 13:15 <REP> Apple Software Update 02/04/2007 20:00 <REP> ATI Technologies 10/02/2007 09:26 <REP> Azureus 26/09/2005 21:29 <REP> Canon 10/06/2007 17:21 <REP> CCleaner 07/09/2005 11:12 <REP> ComPlus Applications 30/12/2005 16:05 <REP> Creative 18/03/2007 15:55 <REP> CyberLink 03/11/2005 22:18 <REP> dBpowerAMP 10/06/2007 20:03 <REP> DivX 17/07/2006 21:16 <REP> DkZ Studio 21/12/2005 14:33 <REP> D-Tools 18/03/2006 12:55 <REP> DVD Shrink 03/06/2007 17:33 <REP> DVDFab Gold 03/06/2007 17:34 <REP> eMule 17/03/2007 20:49 <REP> Fichiers communs 26/09/2005 09:24 <REP> foobar2000 05/02/2006 11:46 <REP> Freeplayer 27/04/2007 20:37 <REP> Google 27/04/2007 20:34 <REP> Google Earth 08/05/2006 21:15 <REP> Graphisoft 10/06/2007 17:42 <REP> Grisoft 21/05/2006 18:42 <REP> Hewlett-Packard 10/06/2007 19:42 <REP> HijackThis 03/11/2005 22:11 <REP> Illustrate 03/04/2007 18:45 <REP> InterActual 09/05/2007 20:46 <REP> Internet Explorer 03/04/2007 20:11 <REP> InterVideo 03/04/2007 20:14 <REP> InterVideo Information Service 21/02/2007 19:49 <REP> Inventel 03/06/2007 12:16 <REP> iPod 03/06/2007 12:16 <REP> iTunes 08/05/2007 12:15 <REP> Java 30/12/2006 18:24 <REP> K-Lite Codec Pack 06/11/2006 21:28 <REP> KONAMI 19/10/2005 22:17 <REP> Lavalys 10/06/2007 17:47 <REP> Lavasoft 06/10/2005 22:24 <REP> Messenger 09/05/2007 20:46 <REP> Microsoft CAPICOM 2.1.0.2 07/09/2005 11:14 <REP> microsoft frontpage 07/09/2005 11:49 <REP> Microsoft Office 07/09/2005 11:49 <REP> Microsoft Visual Studio 03/11/2006 22:12 <REP> Microsoft Works 07/09/2005 11:48 <REP> Microsoft.NET 07/09/2005 11:12 <REP> Movie Maker 10/06/2007 20:31 <REP> Mozilla Firefox 07/09/2005 11:12 <REP> MSN Gaming Zone 20/03/2007 21:44 <REP> MSN Messenger 07/09/2005 11:12 <REP> NetMeeting 23/12/2006 10:07 <REP> Outlook Express 24/02/2007 12:38 <REP> Philips 20/05/2007 17:15 <REP> QuickTime 23/09/2005 09:16 <REP> Raccourcis de programmes 17/11/2005 14:42 <REP> Real 23/09/2005 13:28 <REP> Samurize 24/02/2007 11:28 <REP> Securitoo 09/05/2007 20:50 <REP> SEE Building LT 06/05/2007 13:02 <REP> Sega 10/06/2007 18:15 <REP> SlySoft 10/06/2007 17:32 <REP> Spybot - Search & Destroy 21/12/2005 14:06 <REP> Symantec 07/09/2005 11:45 <REP> Synaptics 23/09/2005 13:36 <REP> TGTSoft 20/10/2005 11:20 <REP> TheaterTek 16/12/2005 23:50 <REP> TryMedia 17/12/2005 18:06 <REP> Voxengo 24/02/2007 11:31 <REP> Wanadoo 11/04/2007 20:15 <REP> Windows Media Connect 2 11/04/2007 20:15 <REP> Windows Media Player 07/09/2005 11:12 <REP> Windows NT 23/09/2005 12:01 <REP> WinRAR 07/09/2005 11:14 <REP> xerox 26/09/2005 21:50 <REP> Yahoo! 0 fichier(s) 0 octets 78 Rép(s) 19 340 402 688 octets libres Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\Program Files\fichiers communs 17/03/2007 20:49 <REP> . 17/03/2007 20:49 <REP> .. 21/12/2005 20:57 <REP> Adobe 21/12/2005 20:57 <REP> Adobe Systems Shared 05/11/2006 13:31 <REP> Ahead 21/05/2006 18:41 <REP> AVSMedia 29/12/2006 20:39 <REP> Bcgsoft 07/09/2005 11:49 <REP> DESIGNER 07/05/2006 17:43 <REP> Hewlett-Packard 27/04/2007 20:36 <REP> InstallShield 03/04/2007 20:12 <REP> InterVideo 29/09/2005 17:30 <REP> Java 17/03/2007 20:46 <REP> Microsoft Shared 07/09/2005 11:12 <REP> MSSoap 05/11/2006 13:33 <REP> Nero 07/09/2005 13:10 <REP> ODBC 09/03/2006 21:47 <REP> Real 07/09/2005 11:12 <REP> Services 07/09/2005 13:10 <REP> SpeechEngines 21/12/2005 14:06 <REP> Symantec Shared 23/12/2006 10:07 <REP> System 17/03/2007 20:49 <REP> Ulead 0 fichier(s) 0 octets 22 Rép(s) 19 340 402 688 octets libres Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 07/09/2005 11:49 <REP> . 07/09/2005 11:49 <REP> .. 07/09/2005 11:49 <REP> 1033 07/09/2005 11:48 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 19 340 398 592 octets libres Le volume dans le lecteur C s'appelle Main One Le numéro de série du volume est F0A1-2813 Répertoire de C:\ 12/05/2007 18:22 68 096 diff.exe 12/05/2007 18:22 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 19 340 398 592 octets libres c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.2.0.34\iTunesSetupAdmin.exe c:\Documents and Settings\All Users\Documents\setup.exe c:\Documents and Settings\Kleenh'Art\Application Data\inst.exe c:\Documents and Settings\Kleenh'Art\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\PowerDVD_Ultra_7.2_Full_silent_instalation.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\Alcohol 120% 1.9.5.3105 + Betamaster patch (LATEST)\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\AnyDVD 6.1.3.6 + key\SetupAnyDVD6136.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\DVDFab Platinum 3.1.2.6 + Patch\DVDFabPlatinum3126.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\DVDFab Platinum 3.1.2.6 + Patch\ICU-Generic.Patch.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\Intervideo.WinDVD.Platinium.BD.HD.v8.Incl.Serial\WinDVD8Plt.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Azureus Download\Virtua.Tennis.3.Crack.Only -RELOADED\Crack\VT3.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Firefox Setup 1.5.0.6.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\HP_USB_Boot_Utility.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\iTunesSetup2.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\mozilla-1.7.12.fr-FR.win32.installer.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\via tee.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Alcohol 120% 1.9.2.1705\Crack\Alcohol.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Alcohol 120% 1.9.2.1705\Crack\axcmd.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Alcohol 120% 1.9.2.1705\Patch\Devsupp.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Alcohol 120% 1.9.2.1705\Setup\trial_setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Audio-Video\iTunesSetup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Montauroux\VoxengoBMS_10_WinVST_setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\Montauroux\Voxengor8brainPRO_12_WinGUI_setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\269601USA8.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\321467USA8.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\AEEnable.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\RemADI.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SMAXWDM\SE\ADI_RMV.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SMAXWDM\W2K_XP\INSTALL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SMAXWDM\W2K_XP\Remove.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Comn\Wizards\SMax4Wiz.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Panel\Sys\SMAgent.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Panel\Sys\SMAgentI.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Panel\Sys\SMAgentX.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Panel\Sys\SMax4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_PNP\Sys\SMax4PNP.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Synth\DLSLdr.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\SM_Synth\Sys\RemDev.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\Sys\CleanUp.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\AD1985\Sys\DSndUp.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\WINXP\PRO100\WS03XP32\PROUnstl.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\PC Maman\ASUS Dezip\WINXP\PRO1000\WS03XP32\PROUnstl.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\RecupAFPA\Fabien\SLDcodecpack1.5.3.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\RecupAFPA\Fabien\SuperCopier2beta1.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers reçus\RecupAFPA\Fabien\vlc-0.8.6-win32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\Schemaplic 3.0 + Crack\schemaplic 3.0\crack\Simuli.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\Schemaplic 3.0 + Crack\schemaplic 3.0\disk1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\Schemaplic 3.0 + Crack\schemaplic 3.0\disk1\Install.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\Schemaplic 3.0 + Crack\schemaplic 3.0\disk1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\setup_xrelais_2_1_complet.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\Autres logiciels\Adelor - GTS2 - Version démo\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\Autres logiciels\Adelor - GTS2 - Version démo\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\Autres logiciels\Adelor - XY - Version démo\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\Autres logiciels\Adelor - XY - Version démo\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\Autres logiciels\rs232 - Version démo\Inst_RS.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Mes images\A.F.P.A. Gap\XRelais\XRelais - Version 2.1 démo\setup_xrelais_2_1_démo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Firefox Setup 2.0.0.4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\7-1_xp_dd_ccc_wdm_enu_40211.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ac3filter_1_01a_rc5.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ac3filter_1_02a_test8.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Codecs6027_allin1.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\DivXPlay.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\dMC-r11[1].5.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\foobar2000_0.8.3_special.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\freebrowser_Heavy_0.8b.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\freebrowser-0.6-full-setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\freebrowser-full-setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Freeplayer-Win32-20050905.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\iTunesSetup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\klcodec254f.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\klcodec281f.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\PPLiveSetup1[1].0.9.6.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\rad_w2kxp_omega_38330_7z_fixed.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\room-arranger_3.91.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\RoomEQwizardinstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\TheaterTek Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Voxengor8brainPRO_122_WinGUI_setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\WinDVD8.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ATI\7-3_xp_dd_ccc_wdm_enu_43737.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ATI\atimcatw.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ATI\cat-uninstaller.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ATI\pilote_ati_catalyst_mobility_6.8_3719.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\ATI\smartgart-uninstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\Azureus_2.3.0.4_Win32.setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\ccsetup124.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\daemon347.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\eMule0.47a-Installer.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\everesthome220.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\Fifa06MultiToolSetup-v151-Fra.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\FileZilla_2_2_16_setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\IEPrivacyKeeperSetup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\jre-1_5_0_04-windows-i586-p.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\Setup_FixMessenger.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\setupfreAvast.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\WindowsXPMediaCenter2005-KB900325-fr.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\WinRar V3.40 Final US_FR.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\wrar340fr.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\zlsSetup_61_737_000_fr.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Audio-Video\Utilitaires\[Pirate Bay] Tag and Rename v3.1.6\TagRename316.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\femme.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\LogonStudio_public.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\samurize_1.62.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\mcoinstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\SPNG2.2.397.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\fonds dynamique�2.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\fonds dynamique16.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\installer\mcoinstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks27.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks29.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks36.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks38.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks45.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks47.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks60.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks72.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks77.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks98.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\127.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\141.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\149.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\185.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\200.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\226.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\242.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\248.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\258.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\300.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\319.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\348.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\260.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\282.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\501.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\503.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\505.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\172.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\176.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\180.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\210.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\212.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\new\top\239.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\442.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\443.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\444.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\447.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\448.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\451.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\452.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\Msn Messenger\Winks\Smileys\453.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\DEMO.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\VERRUN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Acrobat\AR505FRA.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\SEMIOLOG\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\SEMIOLOG\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\SEMIOLOG\Xtras\AFTER.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\SEMIOLOG\Xtras\SEMIOLOG.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo1.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo2.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo3.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo5.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo6.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo7.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo8.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\1-2-3 Schéma HAGER(2005)\Taloha\Demo\demo9.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Capteur de position.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Cartouches Fusibles .exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\champ_tournant.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Disjoncteur différentiel.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Disjoncteur magneto-thermique.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Distribution TGBT.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Exercices de Grafcet.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Moteur 4 temps.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\oscilloscope.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Procédés de chauffage.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Relais thermique.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\technologie_mot_asynchrone.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Thermostat à Bilame.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Thermostat à Bulbe.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\Thermostat electronique.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Cours Animés\VMC.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\DivX 6.1\divx_divx_6.1_create_win_xp_2000_francais_10144.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\DivX 6.1\divx_divx_6.1_play_2000_xp_francais_10144.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\DivX 6.1\keygen.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\IGE-XAO 2003_Installation\etp-seetech.2003.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\IGE-XAO 2003_Installation\seetech_2003a.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\install.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\start.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\files\legrand.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\adobe\rp500fra.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\acrobat reader 500.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\FlashAXInstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\SwFlsh32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Debug\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Debug\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Debug\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Release\flash32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Release\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\flash player 500\Release\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\IE4_Fr\IE4SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\IE4_Fr\ISK3RO.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\IE4_Fr\ISK3RO2.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\IE4_Fr\ISKRUN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La programmation Legrand (n°2)\redist\IE4_Fr\README.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\install.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\start.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\files\legrand_pro.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\adobe\rp500fra.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\acrobat reader 500.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\FlashAXInstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\SwFlsh32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Debug\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Debug\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Debug\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Release\flash32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Release\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\flash player 500\Release\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\IE4_Fr\IE4SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\IE4_Fr\ISK3RO.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\IE4_Fr\ISK3RO2.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\IE4_Fr\ISKRUN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\La Protection Legrand (n°1)\redist\IE4_Fr\README.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\install.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\start.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\Files\legrand.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\Files\ocx\fullscreen\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\Files\ocx\video\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\ocx\fullscreen\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\ocx\video\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\adobe\rp500fra.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\acrobat reader 500.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\FlashAXInstall.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\SwFlsh32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Debug\flash32.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Debug\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Debug\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Release\flash32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Release\FlashPla.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash player 500\Release\InstallAXFlash.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash_player 6\Flash_Shockwave_Full.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash_player 6\Install Flash Player 6 AX.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash_player 6\Install Flash Player 6.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\flash_player 6\Shockwave_Installer_Full.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\Ie_55\IE5-5sp2.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\ocx\fullscreen\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\LEGRAND\VDI Legrand (n°3)\redist\ocx\video\REGSVR32.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_AREA_6.2.2\car.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_AREA_6.2.2\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_INDOOR_5.0b\cin.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_INDOOR_5.0b\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_ROAD_6.2.2\cro.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Calculux_ROAD_6.2.2\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Database-Calculux_Mazda\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\CalculLux\Database-Calculux_Philips\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\DIALuxSetup_4100_20050905_fr.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\ClaudePlugIn0405_20050418.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\ConcordPlugIn0405_20050421.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\LumiancePlugIn0405_20050421.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\PlugInSEAE_0403.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\SylvaniaPlugIn0405_20050418.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\Plugin-Mazda-pour-Dialux\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\Plugin-OSRAM\Setup.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\DiaLux\PlugIn\Plugin-Philips-pour-Dialux\setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\BTRIEVE.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\BUTIL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\ECLAIR1.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\ECLCAT.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\ECLEDI.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\ECLEDIEN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\ECLINI.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\GDZR.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\HELP0.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\HELP1.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\HELP2.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\HELP3.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\LISTFIC.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\PKUNZIP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\RLSGDZR.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\ECLAIR\SELCODIM.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Eclairage Label Promotélec\ELPEXE.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Eclairage Label Promotélec\HF.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Eclairage Label Promotélec\HPRUN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Mazda Telstar (éclairage)\TELSTAR\PKUNZIP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Thorn Europhane (éclairage)\THORN\EI.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Thorn Europhane (éclairage)\THORN\EIGR.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Thorn Europhane (éclairage)\THORN\EIPLAN.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Logiciels éclairage\Thorn Europhane (éclairage)\THORN\LOGO.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\PneumatiX 6.3\Pneumatix 6.3_Nimes\INSTALLE.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\PneumatiX 6.3\Pneumatix 6.3_Nimes\PNEUMATX.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\PneumatiX 6.3\Pneumatix 6.3_Nimes\APPELEC\APPELEC.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\QCM\Couplages de lampes1\Couplage de lampes_1.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\QCM\Evaluation\EVALUATION.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\QCM\Fresnel\Vecteur_Fresnel.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\QCM\RéviseMath\Angles et trigo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Schemaplic 3\schemaplic 3.0\crack\Simuli.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Schemaplic 3\schemaplic 3.0\DISKs\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Schemaplic 3\schemaplic 3.0\DISKs\Install.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Schemaplic 3\schemaplic 3.0\DISKs\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMU\P167EP02.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMU\P187P02.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMU\P2730001.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMU\P2730002.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMU\SIMU.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMUTRI\3.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMUTRI\7.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\simu\SIMUTRI\SIMUTRI.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Visionneuses\Excel 2003\XLVIEWER.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Visionneuses\PowerPoint 2003\PPVIEWER.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\Visionneuses\Word 2003\WDVIEWER.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\X-Relais 2\Crack\XRelais.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\X-Relais 2\Crack-X relais-ver 2\XRelais.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\xrelay\X-Relais\1\Crack Xrelais v1.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\xrelay\X-Relais\1\Prog_X-relais\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\xrelay\X-Relais\1\Prog_X-relais\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\xrelay\X-Relais\2\Crack.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Acrobat Reader v5.1 Fr\AcroReader51_FRA_full.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Cartes\Typons\PrintCI.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Conversion Eagle vers Wintypon\Lib_list.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Doc\Common Ground\CG Viewer\CGMINIVW.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Extens\Pic84\Programmateur\pp84.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\Dm11acps\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\Dm11acps\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\Dm11as\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\Dm11as\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84B\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84B\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84C\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\DP84C\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\NETTYPON\DISK1\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\NETTYPON\DISK1\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\NetTypon version 4\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Install\TstMic11\Disk1\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Outils\S19Bin.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Outils\Visu11.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Outils\Visu84.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\Notation 2-2 démo\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\Notation 2-2 démo\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\rs232 - démo\Inst_RS.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\winecad 2-0 démo\_ISDEL.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\winecad 2-0 démo\SETUP.EXE c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\winschem 5_2 démo\setup_wh_demo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\wintypon 5_2 démo\setup_wt_demo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\versions démonstrations\XRelais 1.4 démo\setup_xr_demo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo1 - WINSCHEM - Etape 1 sur 4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo2 - WINSCHEM - Etape 2 sur 4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo3 - WINSCHEM - Etape 3 sur 4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo4 - WINTYPON - Etape 4 sur 4.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo5 - EMPREINTE - Création d'un transformateur.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo6 - SYMBOLE - Création d'un nouveau symbole.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo7 - WINSCHEM - Copier un schéma vers WORD.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo8 - WINTYPON - Routage automatique simple.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo9 - WINTYPON - Routage manuel + strap + traversée.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electronique\Vidéo\10 - WINTYPON - Manipulation de blocs.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electrotechnique\dll dcom 95-98\dcom95.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electrotechnique\dll dcom 95-98\dcom98.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\Electrotechnique\XRelais - Version 1.4 démo\setup_xr_demo.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Elec\XR_COMPLET (D)\XRelais 1.4\setup_xr_complet.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\aawsepersonal.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\avgas-setup-7.5.1.36.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\SDFix.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\VundoFix.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\catchme.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\diff.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\dumphive.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\find2.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\Fport.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\grep.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\KProcCheck.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\LFiles.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\pslist.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\streams.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Espion\DiagHelp\swreg.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Logiclic-3.25 (E)\Setup.exe c:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Logiclic-3.25 (E)\Demo\DEMO32.EXE c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Kleenh'Art\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Il me dit 0 fichiertrouvé. catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-11 21:09:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0
  24. kleenhlab
    Merci je suis en train de le faire mais j avais oublie de desactiver teatimer donc je le refais! j ai quoi d autre dessus, beaucoup d autres ? car j avais deja fais pas mal d anti spyware + ccleaner + vundo. est ce des trucs graves? voici de rapport sdfix: SDFix: Version 1.86 Run by Kleenh'Art - 11/06/2007 - 20:50:40,98 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update" "C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe:*:Disabled:VLC media player" "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix" "C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\SecondLife\\SecondLife.exe"="C:\\Program Files\\SecondLife\\SecondLife.exe:*:Enabled:Second Life" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- Listing Files with Hidden Attributes: C:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers re‡us\RecupAFPA\Jackass.Number.Two.UNRATED.DVDRip.XviD-iMBT.[www.torrentfive.com]\Thumbs.db C:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers re‡us\RecupAFPA\Jackass.Number.Two.UNRATED.DVDRip.XviD-iMBT.[www.torrentfive.com]\Sample\Thumbs.db C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\[screensaver] - Marine Aquarium 2.0+Time 2.0+Goldfish 1.0+Sharks Terrors of the Deep v.1.0 + serials + key.zip Listing User Accounts: comptes d'utilisateurs de \\KEVINNOTEBOOK Administrateur ASPNET HelpAssistant Invit‚ Kleenh'Art SUPPORT_388945a0 La commande s'est termin‚e correctement. Finished et celui que j ai fais avant avec teatimer active: SDFix: Version 1.86 Run by Kleenh'Art - 11/06/2007 - 20:32:40,98 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Name: Windows Log ImagePath: C:\WINDOWS\system32\nvsvcd.exe Windows Log - Deleted Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\WINDOWS\system32\nvsvcd.exe - Deleted Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update" "C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\FreeBrowser\\vlc\\vlc.exe:*:Disabled:VLC media player" "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix" "C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe:*:Disabled:WinDVD" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\SecondLife\\SecondLife.exe"="C:\\Program Files\\SecondLife\\SecondLife.exe:*:Enabled:Second Life" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Listing Files with Hidden Attributes: C:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers re‡us\RecupAFPA\Jackass.Number.Two.UNRATED.DVDRip.XviD-iMBT.[www.torrentfive.com]\Thumbs.db C:\Documents and Settings\Kleenh'Art\Mes documents\Mes fichiers re‡us\RecupAFPA\Jackass.Number.Two.UNRATED.DVDRip.XviD-iMBT.[www.torrentfive.com]\Sample\Thumbs.db C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp C:\Documents and Settings\Kleenh'Art\Mes documents\Utils\Customize\[screensaver] - Marine Aquarium 2.0+Time 2.0+Goldfish 1.0+Sharks Terrors of the Deep v.1.0 + serials + key.zip Listing User Accounts: comptes d'utilisateurs de \\KEVINNOTEBOOK Administrateur ASPNET HelpAssistant Invit‚ Kleenh'Art SUPPORT_388945a0 La commande s'est termin‚e correctement. Finished Voila! et Vundo n a rien trouve car deja fait hier peut etre? Merci.
  25. kleenhlab
    Merci je vais essayer de faire ca ce soir et je vous tiens au courant!
×
×
  • Créer...