samsam1

bonsoir ! je suis désolé de répondre ke maintenant mais jai été pa mal occupé ces derniers temps .... avg anti spyware na pa trouver de fichiers malveillants je nai donc pa de rapport . voici le rapport de diaghelp complet : merci d'avance !! DiagHelp version v1.2 - http://www.malekal.com excute le 12/10/2007 à 22:41:12,76 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->12/10/2007 22:41:06 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->12/10/2007 22:41:06 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->12/10/2007 22:40:46 C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->12/10/2007 22:39:40 C:\WINDOWS\prefetch\WSCNTFY.EXE-1B24F5EB.pf -->12/10/2007 22:39:05 C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->12/10/2007 22:39:05 C:\WINDOWS\prefetch\ALG.EXE-0F138680.pf -->12/10/2007 22:39:04 C:\WINDOWS\prefetch\ZLCLIENT.EXE-1C550EB2.pf -->12/10/2007 22:39:03 C:\WINDOWS\prefetch\WLANCFG.EXE-0AC835F2.pf -->12/10/2007 22:39:03 C:\WINDOWS\prefetch\WGATRAY.EXE-0ED38BED.pf -->12/10/2007 22:39:03 C:\WINDOWS\System32\drivers\fidbox.dat -->12/10/2007 22:39:41 C:\WINDOWS\System32\drivers\fidbox.idx -->12/10/2007 21:43:00 C:\WINDOWS\System32\drivers\avg7core.sys -->20/09/2007 22:46:26 C:\WINDOWS\System32\drivers\klin.dat -->20/09/2007 22:01:37 C:\WINDOWS\System32\drivers\klick.dat -->20/09/2007 22:01:37 C:\WINDOWS\System32\drivers\avgmfx86.sys -->19/08/2007 17:20:30 C:\WINDOWS\System32\drivers\avg7rsxp.sys -->18/08/2007 23:09:44 C:\WINDOWS\System32\vsconfig.xml -->12/10/2007 22:39:00 C:\WINDOWS\System32\wpa.dbl -->12/10/2007 22:38:57 C:\WINDOWS\System32\zllictbl.dat -->07/10/2007 11:16:37 C:\WINDOWS\System32\nscompat.tlb -->30/09/2007 16:12:16 C:\WINDOWS\System32\amcompat.tlb -->30/09/2007 16:12:16 C:\WINDOWS\System32\crash -->29/09/2007 12:23:32 C:\WINDOWS\System32\jupdate-1.6.0_02-b06.log -->20/09/2007 22:33:54 C:\WINDOWS\System32\CmdLineExt.dll -->04/09/2007 22:48:07 C:\WINDOWS\System32\avgfwafu.dll -->19/08/2007 17:20:09 C:\WINDOWS\System32\avgwlntf.dll -->18/08/2007 23:09:44 C:\WINDOWS\System32\rmoc3260.dll -->29/07/2007 01:06:12 C:\WINDOWS\System32\pndx5032.dll -->29/07/2007 01:05:59 C:\WINDOWS\System32\pndx5016.dll -->29/07/2007 01:05:59 C:\WINDOWS\System32\pncrt.dll -->29/07/2007 01:05:55 C:\WINDOWS\System32\PerfStringBackup.INI -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfh00C.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfh009.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfc00C.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfc009.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\ssldivx.dll -->27/07/2007 01:06:12 C:\WINDOWS\System32\libdivx.dll -->27/07/2007 01:06:12 C:\WINDOWS\System32\swreg.exe -->22/07/2007 18:39:27 C:\WINDOWS\System32\javaws.exe -->12/07/2007 02:22:38 C:\WINDOWS\System32\javacpl.cpl -->12/07/2007 02:22:36 C:\WINDOWS\System32\javaw.exe -->12/07/2007 01:22:04 C:\WINDOWS\5-wlancfg.log -->12/10/2007 22:39:57 C:\WINDOWS.log -->12/10/2007 22:38:50 C:\WINDOWS\wiadebug.log -->12/10/2007 22:38:45 C:\WINDOWS\WindowsUpdate.log -->12/10/2007 22:38:42 C:\WINDOWS\wiaservc.log -->12/10/2007 22:38:33 C:\WINDOWS\bootstat.dat -->12/10/2007 22:37:16 C:\WINDOWS\ntbtlog.txt -->12/10/2007 21:44:49 C:\WINDOWS\SchedLgU.Txt -->12/10/2007 21:42:58 C:\WINDOWS\4-wlancfg.log -->11/10/2007 23:44:19 C:\WINDOWS\3-wlancfg.log -->10/10/2007 22:51:34 C:\WINDOWS\2-wlancfg.log -->09/10/2007 19:11:36 C:\WINDOWS\1-wlancfg.log -->08/10/2007 23:21:31 C:\WINDOWS-wlancfg.log -->07/10/2007 21:39:42 C:\WINDOWS\ALCFDRTM.VER -->07/10/2007 18:23:58 C:\WINDOWS\wmsetup.log -->04/10/2007 22:27:19 MD5 des fichiers sensibles tcpip.sys 1dbf125862891817f374f407626967f4 ndis.sys 558635d3af1c7546d26067d5d9b6959e null.sys 73c1e1f395918bc2c6dd67af7591a3ad svchost.exe 2979b03d5382a602623c0535b16ab9c0 Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 13 718 425 600 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\WINDOWS\Downloaded Program Files 21/10/2006 22:16 <REP> . 21/10/2006 22:16 <REP> .. 02/01/2002 00:19 65 desktop.ini 13/07/2004 12:41 227 MsnMessengerSetupDownloader.inf 05/11/2004 16:58 119 496 MsnMessengerSetupDownloader.ocx 08/10/2004 17:01 372 736 MsnPUpld.dll 08/10/2004 17:13 587 MSNPupld.inf 19/06/2002 15:11 117 088 PURen-us.dll 31/05/2002 10:20 117 328 PURfr-fr.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 27/08/2005 14:30 5 065 swflash.inf 9 fichier(s) 843 184 octets Total des fichiers listés : 9 fichier(s) 843 184 octets 2 Rép(s) 13 718 421 504 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-12 22:41:28 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys13eff0ca5b] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\CfgJf40] "khjeh"=hex:20,02,00,00,da,ad,00,9c,69,b3,73,94,de,7c,fd,c2,07,fb,ff,24,f2,.. "hj34z0"=hex:bb,5e,ae,39,61,20,eb,b6,51,a7,e8,50,66,8c,e5,d9,56,92,bd,ff,11,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys13eff0ca5b] scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 208 - CDAC11BA.EXE 280 - explorer.exe 460 - spoolsv.exe 648 - mdm.exe 696 - svchost.exe 776 - csrss.exe 800 - winlogon.exe 844 - services.exe 856 - lsass.exe 860 - avgfwsrv.exe 992 - ati2evxx.exe 1020 - svchost.exe 1104 - svchost.exe 1132 - WLANCFG.EXE 1164 - svchost.exe 1252 - wuauclt.exe 1340 - guard.exe 1400 - svchost.exe 1412 - vsmon.exe 1592 - atiptaxx.exe 1612 - VCDDaemon.exe 1616 - avgamsvr.exe 1644 - SOUNDMAN.EXE 1708 - EM_EXEC.EXE 1768 - rundll32.exe 1820 - opwareSE2.exe 1860 - zlclient.exe 1876 - realsched.exe 1920 - ctfmon.exe 1952 - BTNtService.exe 1992 - ati2evxx.exe 2056 - BlueSoleil.exe 2452 - WgaTray.exe 3268 - alg.exe 3484 - wscntfy.exe 3880 - cmd.exe Total number of processes = 37 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806CE000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA781000 - d347bus.sys BA752000 - ACPI.sys BADAA000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS BA741000 - pci.sys BA8A8000 - isapnp.sys BAE70000 - pciide.sys BAB28000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS BA8B8000 - MountMgr.sys BA722000 - ftdisk.sys BADAC000 - dmload.sys BA6FC000 - dmio.sys BAB30000 - PartMgr.sys BA8C8000 - VolSnap.sys BAB38000 - VClone.sys BA6E4000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS BA6CC000 - atapi.sys BA6B8000 - nvatabus.sys BADAE000 - d347prt.sys BA8D8000 - disk.sys BA8E8000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS BA699000 - fltmgr.sys BA687000 - sr.sys BA8F8000 - PxHelp20.sys BA670000 - KSecDD.sys BA5E3000 - Ntfs.sys BA5B6000 - NDIS.sys BA59A000 - kl1.sys BAB40000 - \WINDOWS\system32\DRIVERS\TDI.SYS BA586000 - srescan.sys BAB48000 - nv_agp.sys BA56B000 - Mup.sys BAB50000 - BTHidMgr.sys BAC28000 - \SystemRoot\System32\DRIVERS\fdc.sys BA4E7000 - \SystemRoot\System32\DRIVERS\parport.sys BAFD9000 - \SystemRoot\system32\drivers\msmpu401.sys BA4C3000 - \SystemRoot\system32\drivers\portcls.sys BA948000 - \SystemRoot\system32\drivers\drmk.sys BA4A0000 - \SystemRoot\system32\drivers\ks.sys BA958000 - \SystemRoot\System32\DRIVERS\i8042prt.sys BADB2000 - \SystemRoot\System32\DRIVERS\LKbdFlt2.sys BACA8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys BAD98000 - \SystemRoot\System32\DRIVERS\gameenum.sys BA48F000 - \SystemRoot\System32\DRIVERS\serial.sys BADA0000 - \SystemRoot\System32\DRIVERS\serenum.sys BAB80000 - \SystemRoot\System32\DRIVERS\usbohci.sys BA444000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS BABB0000 - \SystemRoot\system32\DRIVERS\usbehci.sys BA543000 - \SystemRoot\System32\DRIVERS\nvnetbus.sys BA968000 - \SystemRoot\System32\DRIVERS\NVNRM.SYS BA415000 - \SystemRoot\System32\DRIVERS\NVSNPU.SYS BA37E000 - \SystemRoot\system32\drivers\ALCXWDM.SYS BA31C000 - \SystemRoot\system32\drivers\ALCXSENS.SYS BAFF1000 - \SystemRoot\System32\Drivers\ElbyDelay.sys BA978000 - \SystemRoot\System32\DRIVERS\cdrom.sys BA988000 - \SystemRoot\System32\DRIVERS\redbook.sys BA998000 - \SystemRoot\System32\DRIVERS\imapi.sys BA1E6000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys BA1D2000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS BA9A8000 - \SystemRoot\System32\DRIVERS\AmdK8.sys BA9B8000 - \SystemRoot\System32\Drivers\VcommMgr.sys BAD70000 - \SystemRoot\system32\DRIVERS\vbtenum.sys BAC98000 - \SystemRoot\system32\DRIVERS\blueletaudio.sys BAE92000 - \SystemRoot\System32\DRIVERS\audstub.sys BADC4000 - \SystemRoot\System32\Drivers\RootMdm.sys BACB0000 - \SystemRoot\System32\Drivers\Modem.SYS BA9C8000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys BAD88000 - \SystemRoot\System32\DRIVERS\ndistapi.sys BA1BB000 - \SystemRoot\System32\DRIVERS\ndiswan.sys BA9D8000 - \SystemRoot\System32\DRIVERS\raspppoe.sys BA9E8000 - \SystemRoot\System32\DRIVERS\raspptp.sys BA1AA000 - \SystemRoot\System32\DRIVERS\psched.sys BA9F8000 - \SystemRoot\System32\DRIVERS\msgpc.sys BABD8000 - \SystemRoot\System32\DRIVERS\ptilink.sys BABE8000 - \SystemRoot\System32\DRIVERS\raspti.sys BAC00000 - \SystemRoot\system32\DRIVERS\VComm.sys BA179000 - \SystemRoot\System32\DRIVERS\rdpdr.sys BAA08000 - \SystemRoot\System32\DRIVERS\termdd.sys BAC58000 - \SystemRoot\System32\DRIVERS\mouclass.sys BADCA000 - \SystemRoot\System32\DRIVERS\swenum.sys BA07D000 - \SystemRoot\System32\DRIVERS\update.sys BA46B000 - \SystemRoot\System32\DRIVERS\mssmbios.sys BAA18000 - \SystemRoot\System32\Drivers\NDProxy.SYS BAA28000 - \SystemRoot\System32\DRIVERS\usbhub.sys BADD0000 - \SystemRoot\System32\DRIVERS\USBD.SYS B1FEC000 - \SystemRoot\system32\DRIVERS\klif.sys BADD8000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAEEF000 - \SystemRoot\System32\Drivers\Null.SYS BADDC000 - \SystemRoot\System32\Drivers\Beep.SYS BAEF1000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys BAEF4000 - \SystemRoot\System32\Drivers\avgclean.sys BAC10000 - \SystemRoot\System32\drivers\vga.sys BADE0000 - \SystemRoot\System32\Drivers\mnmdd.SYS BADE4000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BAC20000 - \SystemRoot\System32\Drivers\Msfs.SYS BAC38000 - \SystemRoot\System32\Drivers\Npfs.SYS BA171000 - \SystemRoot\System32\DRIVERS\rasacd.sys B1FB9000 - \SystemRoot\System32\DRIVERS\ipsec.sys B1F61000 - \SystemRoot\System32\DRIVERS\tcpip.sys B1F39000 - \SystemRoot\System32\DRIVERS\netbt.sys B1F18000 - \SystemRoot\System32\DRIVERS\ipnat.sys BAA68000 - \SystemRoot\System32\DRIVERS\wanarp.sys B1E90000 - \SystemRoot\System32\vsdatant.sys B1E6E000 - \SystemRoot\System32\drivers\afd.sys BAA88000 - \SystemRoot\System32\DRIVERS\netbios.sys B1E43000 - \SystemRoot\System32\DRIVERS\rdbss.sys B1DD4000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys BAAA8000 - \SystemRoot\System32\Drivers\Fips.SYS BABE0000 - \SystemRoot\System32\Drivers\avgmfx86.sys BAF4A000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys BAB70000 - \SystemRoot\System32\DRIVERS\usbccgp.sys B1D9F000 - \SystemRoot\system32\DRIVERS\sis163u.sys B1EF4000 - \SystemRoot\system32\DRIVERS\usbscan.sys BAC08000 - \SystemRoot\system32\DRIVERS\usbprint.sys BAC30000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS BAAE8000 - \SystemRoot\System32\Drivers\Cdfs.SYS BAAF8000 - \SystemRoot\system32\drivers\LHidUsb.Sys BAB08000 - \SystemRoot\system32\drivers\HIDCLASS.SYS BABA8000 - \SystemRoot\system32\drivers\HIDPARSE.SYS BABC8000 - \SystemRoot\System32\DRIVERS\LHidFlt2.sys BA059000 - \SystemRoot\System32\DRIVERS\mouhid.sys BAB18000 - \SystemRoot\System32\DRIVERS\LMouFlt2.sys B1CC3000 - \SystemRoot\System32\Drivers\dump_nvatabus.sys BAE1A000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys B2025000 - \SystemRoot\System32\drivers\Dxapi.sys BABF0000 - \SystemRoot\System32\watchdog.sys BF9C2000 - \SystemRoot\System32\drivers\dxg.sys BAFAE000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D4000 - \SystemRoot\System32\ati2dvag.dll BFA10000 - \SystemRoot\System32\ati2cqag.dll BFA43000 - \SystemRoot\System32\atikvmag.dll BFA76000 - \SystemRoot\System32\ati3duag.dll BFCB4000 - \SystemRoot\System32\ativvaxx.dll AFA55000 - \SystemRoot\System32\DRIVERS\nwlnkipx.sys B1D67000 - \SystemRoot\System32\DRIVERS\nwlnknb.sys AFBCB000 - \SystemRoot\System32\DRIVERS\ndisuio.sys AF6D0000 - \SystemRoot\system32\drivers\wdmaud.sys AF76D000 - \SystemRoot\system32\drivers\sysaudio.sys AFC63000 - \SystemRoot\System32\DRIVERS\nwlnkspx.sys AF58E000 - \SystemRoot\System32\DRIVERS\mrxdav.sys BAE62000 - \SystemRoot\System32\Drivers\ParVdm.SYS BAED5000 - \??\C:\WINDOWS\system32\drivers\aslm75.sys AF486000 - \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS AF38E000 - \SystemRoot\System32\Drivers\ElbyCDIO.sys AF336000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys AF17C000 - \SystemRoot\System32\DRIVERS\srv.sys AF39E000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS AEF83000 - \SystemRoot\System32\Drivers\HTTP.sys AFC7B000 - \SystemRoot\System32\Drivers\TDTCP.SYS AEBEE000 - \SystemRoot\System32\Drivers\RDPWD.SYS BAEE5000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 155 Liste des programmes installes "AbiWord 2.2.7 (remove only)" 802.11 USB Wireless LAN Adapter a-squared personal 1.5.1 AC3Filter (remove only) Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX aMSN Archiveur WinRAR ArcSoft Camera Suite ArcSoft PhotoStudio 5.5 ArcSoft VideoImpression 1.6 ASUS Probe V2.22.10 Athlon 64 Processor Driver ATI - Software Uninstall Utility ATI Control Panel ATI Display Driver ATI HydraVision AVG 7.5 AVG Anti-Spyware 7.5 AviSynth 2.5 Azureus BlueSoleil Caesar 3 Canon MP Navigator 2.0 Canon MP170 Canon Utilities Easy-PhotoPrint CapMan CCleaner (remove only) Correctif Windows XP - KB867282 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 DAEMON Tools Digital Camera Digital Ear DirectX for Managed Code Update (December 2004) DivX Content Uploader DivX Pro Codec Adware DivX Web Player Easy-WebPrint Empire Earth II Everest Poker (Remove Only) EVEREST Ultimate Edition v4.00 ffdshow (remove only) FinePixViewer Ver.4.3 FUJIFILM USB Driver Google Earth Pro GTA San Andreas HijackThis 2.0.2 Hotfix for Windows XP (KB926239) Huffyuv AVI lossless video codec (Remove Only) Icatch(IV) Camera Driver ImTOO PSP Video Converter Ink Innovative Music Systems intelliScore v5.0 IsoBuster 1.9 J2SE Runtime Environment 5.0 Update 1 J2SE Runtime Environment 5.0 Update 6 Java 2 Platform, Enterprise Edition 1.4 SDK Java 6 Update 2 Juiced Lecteur Windows Media 11 LimeWire 4.12.6 Livebox Logitech Desktop Messenger Logitech MouseWare 9.70 Macromedia Shockwave Player Medal of Honor Batailles du Pacifique Medal of Honor Pacific Assault Patch Microsoft .NET Framework 1.1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Excel Viewer 2003 Microsoft Office Word Viewer 2003 Microsoft Office XP Professional avec FrontPage Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB903235) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Morgan Stream Switcher Mozilla Firefox (2.0.0.7) Need for Speed Underground 2 Need for Speed™ Carbon Need for Speed™ Most Wanted Nero OEM NVIDIA Drivers OmniPage SE 2.0 Patch FR 7.0.0632 Pharaon RAW FILE CONVERTER LE RealPlayer Realtek AC'97 Audio SafeCast Shared Components SAGEM F@st 800-840 Sony Ericsson Mobile Phone Monitor STK014 TeamSpeak 2 RC2 Utilitaires Sierra VideoLAN VLC media player 0.8.6c Videora iPod Converter 0.91 VirtualCloneDrive WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 2 WinISO 5.3 XviD MPEG-4 Video Codec ZoneAlarm Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files 30/09/2007 15:58 <REP> . 30/09/2007 15:58 <REP> .. 05/02/2005 00:59 <REP> a2 22/05/2005 19:24 <REP> AbiSuite2 03/02/2005 15:50 <REP> AC3Filter 10/11/2005 14:42 <REP> Adobe 02/01/2002 11:55 <REP> Ahead 02/01/2002 00:33 <REP> AMD 18/09/2007 16:12 <REP> amsn 29/03/2006 14:03 <REP> ArcSoft 03/02/2005 15:00 <REP> ASUS 02/01/2002 00:39 <REP> ATI Technologies 30/07/2007 14:38 <REP> AviSynth 2.5 02/01/2002 00:33 <REP> AvRack 23/09/2007 13:43 <REP> Azureus 03/11/2005 09:45 <REP> BoontyGames 29/03/2006 14:02 <REP> Canon 23/09/2007 13:35 <REP> CCleaner 30/03/2006 19:09 <REP> Common Files 02/01/2002 00:18 <REP> ComPlus Applications 24/10/2005 21:31 <REP> Digital Ear 03/03/2006 19:05 <REP> directx 18/09/2007 16:12 <REP> DivX 03/02/2005 13:20 <REP> D-Tools 31/03/2006 13:16 <REP> EA GAMES 24/09/2005 11:01 <REP> Elaborate Bytes 22/01/2007 13:05 <REP> Electronic Arts 08/10/2007 18:28 <REP> Everest Poker 03/02/2005 12:57 <REP> ffdshow 23/09/2007 14:01 <REP> Fichiers communs 18/09/2007 16:12 <REP> FinePixViewer 04/09/2007 23:04 <REP> Games 16/01/2007 00:18 <REP> GDiVX Player 18/09/2007 16:07 <REP> Grisoft 30/07/2007 14:04 <REP> ImTOO 05/01/2006 20:39 <REP> intelliScore Polyphonic 16/06/2006 06:24 <REP> Internet Explorer 01/12/2005 22:03 <REP> Inventel 24/10/2005 20:40 <REP> IVT Corporation 20/09/2007 22:33 <REP> Java 18/08/2007 16:48 <REP> Lavalys 18/09/2007 16:12 <REP> LimeWire 18/09/2007 16:12 <REP> Logitech 01/10/2005 19:44 <REP> Maxis 18/09/2007 16:12 <REP> Messenger 02/01/2002 00:20 <REP> microsoft frontpage 09/05/2006 21:53 <REP> Microsoft Office 09/05/2006 21:53 <REP> Microsoft Visual Studio 03/02/2005 15:50 <REP> Morgan 18/09/2007 16:12 <REP> Movie Maker 19/09/2007 07:43 <REP> Mozilla Firefox 03/02/2005 22:39 <REP> MSN 02/01/2002 00:17 <REP> MSN Gaming Zone 18/09/2007 16:12 <REP> MSN Messenger 17/02/2006 18:27 <REP> NASA 04/04/2005 22:46 <REP> NetMeeting 26/10/2005 14:33 <REP> Nokia 15/04/2006 15:39 <REP> Outlook Express 22/05/2005 19:39 <REP> PDF Editeur 2 07/03/2007 11:50 <REP> QuickTime 29/07/2007 01:05 <REP> Real 02/01/2002 00:33 <REP> Realtek Sound Manager 28/06/2005 00:07 <REP> Rockstar Games 28/11/2005 19:26 <REP> SAGEM 29/03/2006 14:04 <REP> ScanSoft 02/01/2002 00:19 <REP> Services en ligne 02/10/2005 23:49 <REP> Sierra 11/12/2006 19:35 <REP> Sierra On-Line 02/09/2007 21:04 <REP> Skype 19/02/2006 04:09 <REP> Smart Projects 02/09/2007 21:06 <REP> Sony Ericsson 02/09/2007 21:06 <REP> Spybot - Search & Destroy 02/09/2007 21:06 <REP> Steam 19/08/2007 00:35 <REP> STK014 08/04/2006 09:05 <REP> support name city 19/02/2006 12:13 <REP> SurfRobot 14/06/2006 23:13 <REP> Teamspeak2_RC2 01/11/2005 11:42 <REP> THQ 29/07/2007 23:18 <REP> VideoLAN 30/07/2007 14:38 <REP> VideoraiPodConverter 02/09/2007 21:07 <REP> Wanadoo 16/01/2007 00:04 <REP> Webteh 18/09/2007 16:12 <REP> Winamp 30/09/2007 15:58 <REP> Windows Media Connect 2 30/09/2007 19:49 <REP> Windows Media Player 04/04/2005 22:45 <REP> Windows NT 18/09/2007 16:12 <REP> WinISO 26/01/2006 09:38 <REP> WinRAR 02/01/2002 00:20 <REP> xerox 03/02/2005 15:50 <REP> XviD 20/09/2007 22:00 <REP> Zone Labs 0 fichier(s) 0 octets 91 Rép(s) 13 718 102 016 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\fichiers communs 23/09/2007 14:01 <REP> . 23/09/2007 14:01 <REP> .. 13/11/2005 00:43 <REP> Adobe 02/01/2002 11:55 <REP> Ahead 09/05/2006 21:53 <REP> Designer 02/01/2002 02:14 <REP> DirectX 01/12/2005 22:10 278 528 FDEUnInstaller.exe 02/01/2002 00:32 <REP> InstallShield 23/04/2005 20:08 <REP> Java 06/02/2005 15:35 <REP> Logitech 23/10/2005 03:42 <REP> Macrovision Shared 17/09/2006 12:39 <REP> Microsoft Shared 02/01/2002 00:18 <REP> MSSoap 01/01/2002 02:00 <REP> ODBC 29/07/2007 01:06 <REP> Real 31/03/2006 12:46 <REP> ScanSoft Shared 02/01/2002 00:18 <REP> Services 01/01/2002 02:00 <REP> SpeechEngines 29/04/2006 11:05 <REP> Symantec Shared 09/05/2006 21:53 <REP> System 1 fichier(s) 278 528 octets 19 Rép(s) 13 718 102 016 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 09/05/2006 21:54 <REP> . 09/05/2006 21:54 <REP> .. 09/05/2006 21:53 <REP> 1033 09/05/2006 21:54 <REP> 1036 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 03/06/1999 15:09 122 937 MSOWS409.DLL 07/03/2001 10:00 127 033 MSOWS40c.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 13 718 102 016 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\common files 30/03/2006 19:09 <REP> . 30/03/2006 19:09 <REP> .. 19/08/2007 00:35 <REP> Companion Wizard 0 fichier(s) 0 octets 3 Rép(s) 13 718 097 920 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\ 31/10/2005 17:56 700 416 StubInstaller.exe 1 fichier(s) 700 416 octets 0 Rép(s) 13 718 097 920 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\ c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\uninstaller.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Télécharger des logiciels.exe c:\Documents and Settings\famille\Application Data\Adminreal\Flag upload.exe c:\Documents and Settings\famille\Application Data\support name city\BIB CLOSE CORN.exe c:\Documents and Settings\famille\Application Data\support name city\drv frag dead.exe c:\Documents and Settings\samladen\BitTornado-0.3.7-w32install.exe c:\Documents and Settings\samladen\.limewire\.NetworkShare\LimeWireWin4.14.8.exe c:\Documents and Settings\samladen\Application Data\support name city\azgxtcae.exe c:\Documents and Settings\samladen\Application Data\support name city\bpomflra.exe c:\Documents and Settings\samladen\Application Data\support name city\bvssmqbc.exe c:\Documents and Settings\samladen\Application Data\support name city\komlrbpf.exe c:\Documents and Settings\samladen\Application Data\support name city\orvsiona.exe c:\Documents and Settings\samladen\Application Data\support name city\tczxuilu.exe c:\Documents and Settings\samladen\Application Data\support name city\zunqdeix.exe c:\Documents and Settings\samladen\Bureau\avgas-setup-7.5.1.43.exe c:\Documents and Settings\samladen\Bureau\ccsetup200.exe c:\Documents and Settings\samladen\Bureau\DSLtest2004.exe c:\Documents and Settings\samladen\Bureau\Fixwareout.exe c:\Documents and Settings\samladen\Bureau\HijackThis.exe c:\Documents and Settings\samladen\Bureau\MPSetup.exe c:\Documents and Settings\samladen\Bureau\psp-video-converter.exe c:\Documents and Settings\samladen\Bureau\velneo_64_level1_en_setup.exe c:\Documents and Settings\samladen\Bureau\vlc-0.8.6c-win32.exe c:\Documents and Settings\samladen\Bureau\VX2Finder.exe c:\Documents and Settings\samladen\Bureau\zaSetup_fr.exe c:\Documents and Settings\samladen\Bureau\bitcomet\BitComet.exe c:\Documents and Settings\samladen\Bureau\bitcomet\CrashReport.exe c:\Documents and Settings\samladen\Bureau\bitcomet\uninst.exe c:\Documents and Settings\samladen\Bureau\bitcomet\codec\CodecCheck.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\diff.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\find2.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\grep.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\streams.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\samladen\Mes documents\bitcomet_bitcomet_0.70_francais_12987.exe c:\Documents and Settings\samladen\Mes documents\BitTorrent-4.20.9.exe c:\Documents and Settings\samladen\Mes documents\dotnetfx.exe c:\Documents and Settings\samladen\Mes documents\DSLTest.exe c:\Documents and Settings\samladen\Mes documents\Firefox Setup 2.0.exe c:\Documents and Settings\samladen\Mes documents\Install_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Install_MSN_Messenger.EXE c:\Documents and Settings\samladen\Mes documents\INSTALL_MSN_MESSENGER_DL.EXE c:\Documents and Settings\samladen\Mes documents\Install_MSN_Messenger-1.EXE c:\Documents and Settings\samladen\Mes documents\klcodec235f.exe c:\Documents and Settings\samladen\Mes documents\LimeWireWin.exe c:\Documents and Settings\samladen\Mes documents\MsgPlusLive-401.exe c:\Documents and Settings\samladen\Mes documents\msnspy.exe c:\Documents and Settings\samladen\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\virtualdj_trial.exe c:\Documents and Settings\samladen\Mes documents\zapSetup_51_039_004.exe c:\Documents and Settings\samladen\Mes documents\zapSetup_60_667_000.exe c:\Documents and Settings\samladen\Mes documents\abderrahimd\zapSetup_51_039_004.exe c:\Documents and Settings\samladen\Mes documents\Crack\nfsc.exe c:\Documents and Settings\samladen\Mes documents\Crack\rld-nfsc.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\EvID4226Patch.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\LimeWireWin.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\sp1aexpress_fr.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\winamp508e_full.exe c:\Documents and Settings\samladen\Mes documents\jeux\GTA_SA.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\61.76_win9x_international.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\ABC-win32-v2.6.9.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\avg6773fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\cd-client-3_2_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\dxsetup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\EMULE.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\farah.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\flash02.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Hl Key Gen.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\hlsw_1_0_0_8-beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Install_MSN_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\kmd.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\MPSetup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\VisualBoyAdvance.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\vlc-0.8.1-win32.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\winamp505_silvertide.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\abderrahimd\SetupDl.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\dossier important\directx_9c_redist.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\6_All_versions.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\aawsepersonal.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ABC-win32-v2.6.9.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Acoustica-Mixcraft-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Ad-Aware_SE_1.x_Personal_Plus_Pro_FR.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\atomixmp3_trial.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\avg6656fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\BitTorrent-3.4.2.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_11_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_12_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_20_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_8_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivX511Bundle.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivX521XP2K.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivXPlayerInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\eMule0.42e-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\eMule0.44b_Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\hlsw_1_0_0-beta3_setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iaplayer_2.05.10.0325.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\idman318.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ie6setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iMeshFRA.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iMeshV4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MMSSETUP.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MPSetupXP.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MSNToolbarSetup_fr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\nero63125.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\noadware.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\overnet0.53.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ps7_tryout_fra.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\regetjr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\SetupDl.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\SkypeSetup-Beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\spybotsd12.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\tag14.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\teamscript32c.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\teamscript36.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\TITANSH01NETFR.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\vlc-0.7.2-win32.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\winamp501_lite.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\WinDVD5.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\wrar330fr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\avg6518fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\avg70t_167.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\csru_v4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\ebsetupfr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\EyeInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\fgf140.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\SETUPDL.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\AVIPreview.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\defuserset.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KDat.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KLConfigWizard.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\klrun.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\kpp.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\ksharedfolder.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KSig.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\unins000.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\cd-client-3_2_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\FARAH.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\FLASH02.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\Hl Key Gen.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\hlsw_1_0_0_8-beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\Install_MSN_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\VisualBoyAdvance.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes fichiers reçus\Non-Steam Install.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\avg70free_296a409.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\DivXPlayerInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\eMule0.44d-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\GoogleToolbarInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\ie6setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\iMeshFRA.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\iMeshV4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\cs2dmaps2.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\s2inst191.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\Échantillons d'images\GoogleToolbarInstaller_fr.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\Firefox Setup 1.0.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\install_msn70definitif.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\MsgPlus-340Beta.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\Patch fr.exe c:\Documents and Settings\samladen\Mes documents\nfs\AutoRun.exe c:\Documents and Settings\samladen\Mes documents\nfs\DIAG.EXE c:\Documents and Settings\samladen\Mes documents\nfs\eauninstall.exe c:\Documents and Settings\samladen\Mes documents\nfs\safemode_inst.exe c:\Documents and Settings\samladen\Mes documents\nfs\shell_inst.exe c:\Documents and Settings\samladen\Mes documents\nfs\speed.exe c:\Documents and Settings\samladen\Mes documents\nfs\DirectX\DXSETUP.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\EasyInfo.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\EReg.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\Need for Speed Most Wanted_code.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\Need for Speed Most Wanted_uninst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\AutoRun.exe c:\Documents and Settings\samladen\Mes documents\nfsc\DIAG.EXE c:\Documents and Settings\samladen\Mes documents\nfsc\eauninstall.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfs_inst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfs_uninst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfsc.exe c:\Documents and Settings\samladen\Mes documents\nfsc\setup.exe c:\Documents and Settings\samladen\Mes documents\nfsc\DirectX\DXSETUP.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\EasyInfo.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\EReg.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\Need for Speed Carbon_code.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\Need for Speed Carbon_uninst.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\Process.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\restart.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\SrchSTS.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\swreg.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\swsc.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\samladen\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll ****** Fin du rapport DiagHelp

bonjour, jai fai tout ce ke tu ma dis, mais, je nai pa pu supprimer azureus il me lance une fenetre error me disant " couldn't load main class" et jai supprimé tout le dossier PSCS direct, je navai pa vu kil falai ke je supprime dabord sysmon32, symserv et data... a par ca tout s'est douroulé correctement. voila le nouveau rapport hikackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:12:02, on 23/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\samladen\Bureau\HijackThis.exe C:\WINDOWS\system32\WgaTray.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [regapp32] C:\WINDOWS\system32\regapp32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: STK014 PNP Monitor.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe -- End of file - 7272 bytes

bonjour ! je suis daccord avec vous, jaimerais ke vous maidiez a enlever ce truc ... mais je ne peux pa vous promettre de ne plus RIEN telecharger ... car ki ne telecharge pas ? j'eesayerai d'etre prudent, et ne pas telecharger n'importa koi... , je pense 1 film de tps en tps. mais je n'arrive mem plus a me connecter a limewire, il ne trouve aucun utilisateur, "connexion serveur time out" bref, je veu bien ke vous me débarassiez de ce truc svp... merci d'avance

bonsoir, le pc est bien a moi, je suis ladministrateur. en fait, jai une version non officielle de xp et depuis pa mal de tps, kan je démarre mon pc , windows me dit ke ma version né pa originale et kil faudrait ke je rachete la bonne, mais ya une option ki me dit " resoudre ulterieurement", c celle ke je coche a chak démarrage, peut etre ke ca peut jouer des tours pour etre administrateur ?? je né pa installé pscs, il est dailleurs en fichier caché, et il né pa present ds ajout/suppression de programme ... voila le scan, je nai pa eu besoin de redémarrer, il la affiché directment . cordialement DiagHelp version v1.2 - http://www.malekal.com excute le 19/09/2007 à 21:53:17,48 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->19/09/2007 21:52:44 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->19/09/2007 21:52:09 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->19/09/2007 21:51:13 C:\WINDOWS\prefetch\WINWORD.EXE-29F5CB89.pf -->19/09/2007 21:49:15 C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->19/09/2007 21:47:08 C:\WINDOWS\prefetch\RUNDLL32.EXE-4489B61B.pf -->19/09/2007 21:47:08 C:\WINDOWS\prefetch\USNSVC.EXE-373E4DBC.pf -->19/09/2007 21:42:51 C:\WINDOWS\prefetch\MSNMSGR.EXE-366A1A81.pf -->19/09/2007 21:42:10 C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->19/09/2007 21:41:48 C:\WINDOWS\prefetch\DFRGNTFS.EXE-269967DF.pf -->19/09/2007 21:32:32 C:\WINDOWS\System32\drivers\avg7core.sys -->01/09/2007 11:51:58 C:\WINDOWS\System32\drivers\avgmfx86.sys -->19/08/2007 17:20:30 C:\WINDOWS\System32\drivers\avg7rsxp.sys -->18/08/2007 23:09:44 C:\WINDOWS\System32\drivers\avgclean.sys -->18/08/2007 22:38:57 C:\WINDOWS\System32\drivers\avg7rsw.sys -->18/08/2007 22:38:56 C:\WINDOWS\System32\drivers\AvgAsCln.sys -->30/05/2007 14:10:42 C:\WINDOWS\System32\drivers\w810whnt.sys -->08/10/2006 15:24:46 C:\WINDOWS\System32\wpa.dbl -->19/09/2007 21:18:27 C:\WINDOWS\System32\CmdLineExt.dll -->04/09/2007 22:48:07 C:\WINDOWS\System32\crash -->29/08/2007 20:28:38 C:\WINDOWS\System32\avgfwafu.dll -->19/08/2007 17:20:09 C:\WINDOWS\System32\zllictbl.dat -->18/08/2007 23:28:52 C:\WINDOWS\System32\avgwlntf.dll -->18/08/2007 23:09:44 C:\WINDOWS\System32\rmoc3260.dll -->29/07/2007 01:06:12 C:\WINDOWS\System32\pndx5032.dll -->29/07/2007 01:05:59 C:\WINDOWS\System32\pndx5016.dll -->29/07/2007 01:05:59 C:\WINDOWS\System32\pncrt.dll -->29/07/2007 01:05:55 C:\WINDOWS\System32\PerfStringBackup.INI -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfh00C.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfh009.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfc00C.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\perfc009.dat -->29/07/2007 00:24:26 C:\WINDOWS\System32\ssldivx.dll -->27/07/2007 01:06:12 C:\WINDOWS\System32\libdivx.dll -->27/07/2007 01:06:12 C:\WINDOWS\System32\swreg.exe -->22/07/2007 18:39:27 C:\WINDOWS\System32\wups.dll -->16/04/2007 22:47:36 C:\WINDOWS\System32\wuaucpl.cpl.mui -->16/04/2007 22:47:26 C:\WINDOWS\System32\wuapi.dll.mui -->16/04/2007 22:46:54 C:\WINDOWS\System32\wuaueng.dll -->16/04/2007 22:45:54 C:\WINDOWS\System32\wuapi.dll -->16/04/2007 22:45:48 C:\WINDOWS\System32\wucltui.dll -->16/04/2007 22:45:42 C:\WINDOWS\System32\wuaueng.dll.mui -->16/04/2007 22:45:42 C:\WINDOWS\WindowsUpdate.log -->19/09/2007 21:47:25 C:\WINDOWS\3-wlancfg.log -->19/09/2007 21:19:29 C:\WINDOWS.log -->19/09/2007 21:18:21 C:\WINDOWS\wiadebug.log -->19/09/2007 21:18:15 C:\WINDOWS\wiaservc.log -->19/09/2007 21:18:00 C:\WINDOWS\bootstat.dat -->19/09/2007 21:17:38 C:\WINDOWS\SchedLgU.Txt -->19/09/2007 19:06:17 C:\WINDOWS\2-wlancfg.log -->18/09/2007 17:37:08 C:\WINDOWS\setupact.log -->18/09/2007 16:50:22 C:\WINDOWS\ntbtlog.txt -->18/09/2007 16:46:31 C:\WINDOWS\Thumbs.db -->18/09/2007 16:11:27 C:\WINDOWS\1-wlancfg.log -->17/09/2007 22:56:54 C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt -->17/09/2007 21:58:36 C:\WINDOWS-wlancfg.log -->17/09/2007 00:29:52 C:\WINDOWS\6-wlancfg.log -->15/09/2007 12:18:04 MD5 des fichiers sensibles tcpip.sys 1dbf125862891817f374f407626967f4 ndis.sys 558635d3af1c7546d26067d5d9b6959e null.sys 73c1e1f395918bc2c6dd67af7591a3ad svchost.exe 2979b03d5382a602623c0535b16ab9c0 Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 14 953 443 328 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\WINDOWS\Downloaded Program Files 21/10/2006 22:16 <REP> . 21/10/2006 22:16 <REP> .. 02/01/2002 00:19 65 desktop.ini 13/07/2004 12:41 227 MsnMessengerSetupDownloader.inf 05/11/2004 16:58 119 496 MsnMessengerSetupDownloader.ocx 08/10/2004 17:01 372 736 MsnPUpld.dll 08/10/2004 17:13 587 MSNPupld.inf 19/06/2002 15:11 117 088 PURen-us.dll 31/05/2002 10:20 117 328 PURfr-fr.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 27/08/2005 14:30 5 065 swflash.inf 9 fichier(s) 843 184 octets Total des fichiers listés : 9 fichier(s) 843 184 octets 2 Rép(s) 14 953 439 232 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-19 21:53:23 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys13eff0ca5b] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\CfgJf40] "khjeh"=hex:20,02,00,00,9a,00,4f,15,a9,77,80,a1,1e,ed,ff,a1,47,85,be,27,b2,.. "hj34z0"=hex:7b,9a,5d,0c,a1,b1,e9,d5,11,d9,a9,53,26,cd,f0,31,16,da,d8,c5,51,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys13eff0ca5b] scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 172 - ctfmon.exe 224 - avgamsvr.exe 236 - VCDDaemon.exe 260 - rundll32.exe 264 - ati2evxx.exe 288 - EM_EXEC.EXE 308 - atiptaxx.exe 328 - CDAC11BA.EXE 496 - realsched.exe 520 - sysmon32.exe 528 - avgcc.exe 556 - explorer.exe 616 - BTNtService.exe 712 - csrss.exe 736 - winlogon.exe 780 - services.exe 792 - lsass.exe 936 - ati2evxx.exe 952 - svchost.exe 1024 - svchost.exe 1064 - svchost.exe 1108 - mdm.exe 1136 - svchost.exe 1256 - symserv.exe 1304 - svchost.exe 1468 - firefox.exe 1504 - opwareSE2.exe 1584 - WLANCFG.EXE 1640 - usnsvc.exe 1688 - spoolsv.exe 1768 - avgfwsrv.exe 2368 - wscntfy.exe 2432 - jucheck.exe 2736 - WgaTray.exe 3612 - msnmsgr.exe 3968 - cmd.exe Total number of processes = 37 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806CE000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA781000 - d347bus.sys BA752000 - ACPI.sys BADAA000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS BA741000 - pci.sys BA8A8000 - isapnp.sys BAE70000 - pciide.sys BAB28000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS BA8B8000 - MountMgr.sys BA722000 - ftdisk.sys BADAC000 - dmload.sys BA6FC000 - dmio.sys BAB30000 - PartMgr.sys BA8C8000 - VolSnap.sys BAB38000 - VClone.sys BA6E4000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS BA6CC000 - atapi.sys BA6B8000 - nvatabus.sys BADAE000 - d347prt.sys BA8D8000 - disk.sys BA8E8000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS BA699000 - fltmgr.sys BA687000 - sr.sys BA8F8000 - PxHelp20.sys BA670000 - KSecDD.sys BA5E3000 - Ntfs.sys BA5B6000 - NDIS.sys BAB40000 - nv_agp.sys BA59B000 - Mup.sys BAB48000 - BTHidMgr.sys BABE0000 - \SystemRoot\System32\DRIVERS\fdc.sys BA0BB000 - \SystemRoot\System32\DRIVERS\parport.sys BAEBB000 - \SystemRoot\system32\drivers\msmpu401.sys BA097000 - \SystemRoot\system32\drivers\portcls.sys BA9E8000 - \SystemRoot\system32\drivers\drmk.sys BA074000 - \SystemRoot\system32\drivers\ks.sys BA9F8000 - \SystemRoot\System32\DRIVERS\i8042prt.sys BADE6000 - \SystemRoot\System32\DRIVERS\LKbdFlt2.sys BABE8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys BAD6C000 - \SystemRoot\System32\DRIVERS\gameenum.sys BA063000 - \SystemRoot\System32\DRIVERS\serial.sys BAD70000 - \SystemRoot\System32\DRIVERS\serenum.sys BABF0000 - \SystemRoot\System32\DRIVERS\usbohci.sys BA040000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS BABF8000 - \SystemRoot\system32\DRIVERS\usbehci.sys BAD74000 - \SystemRoot\System32\DRIVERS\nvnetbus.sys BAA08000 - \SystemRoot\System32\DRIVERS\NVNRM.SYS BA011000 - \SystemRoot\System32\DRIVERS\NVSNPU.SYS B9F7A000 - \SystemRoot\system32\drivers\ALCXWDM.SYS B9F18000 - \SystemRoot\system32\drivers\ALCXSENS.SYS BAEBC000 - \SystemRoot\System32\Drivers\ElbyDelay.sys BAA18000 - \SystemRoot\System32\DRIVERS\cdrom.sys BAA28000 - \SystemRoot\System32\DRIVERS\redbook.sys BAA38000 - \SystemRoot\System32\DRIVERS\imapi.sys B9DE2000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys A943A000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS B4127000 - \SystemRoot\System32\DRIVERS\AmdK8.sys B4117000 - \SystemRoot\System32\Drivers\VcommMgr.sys AA68A000 - \SystemRoot\system32\DRIVERS\vbtenum.sys B5DD3000 - \SystemRoot\system32\DRIVERS\blueletaudio.sys A98D9000 - \SystemRoot\System32\DRIVERS\audstub.sys BAE2E000 - \SystemRoot\System32\Drivers\RootMdm.sys B5DCB000 - \SystemRoot\System32\Drivers\Modem.SYS B4107000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys AA686000 - \SystemRoot\System32\DRIVERS\ndistapi.sys A9423000 - \SystemRoot\System32\DRIVERS\ndiswan.sys B40F7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys B40E7000 - \SystemRoot\System32\DRIVERS\raspptp.sys B5DC3000 - \SystemRoot\System32\DRIVERS\TDI.SYS A9412000 - \SystemRoot\System32\DRIVERS\psched.sys B2FB2000 - \SystemRoot\System32\DRIVERS\msgpc.sys B5DBB000 - \SystemRoot\System32\DRIVERS\ptilink.sys B5DB3000 - \SystemRoot\System32\DRIVERS\raspti.sys B5DAB000 - \SystemRoot\system32\DRIVERS\VComm.sys A93E1000 - \SystemRoot\System32\DRIVERS\rdpdr.sys B2FA2000 - \SystemRoot\System32\DRIVERS\termdd.sys BAC28000 - \SystemRoot\System32\DRIVERS\mouclass.sys BAE30000 - \SystemRoot\System32\DRIVERS\swenum.sys A93AD000 - \SystemRoot\System32\DRIVERS\update.sys A9EE5000 - \SystemRoot\System32\DRIVERS\mssmbios.sys B2F92000 - \SystemRoot\System32\Drivers\NDProxy.SYS A97B5000 - \SystemRoot\System32\DRIVERS\usbhub.sys BAE58000 - \SystemRoot\System32\DRIVERS\USBD.SYS A9BB3000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAEDA000 - \SystemRoot\System32\Drivers\Null.SYS A9BB1000 - \SystemRoot\System32\Drivers\Beep.SYS BAEDB000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys BAEDC000 - \SystemRoot\System32\Drivers\avgclean.sys B2DC5000 - \SystemRoot\System32\drivers\vga.sys A9BAF000 - \SystemRoot\System32\Drivers\mnmdd.SYS A9BAD000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys B2DBD000 - \SystemRoot\System32\Drivers\Msfs.SYS B2DB5000 - \SystemRoot\System32\Drivers\Npfs.SYS BAD98000 - \SystemRoot\System32\DRIVERS\rasacd.sys A135A000 - \SystemRoot\System32\DRIVERS\ipsec.sys A1302000 - \SystemRoot\System32\DRIVERS\tcpip.sys A12DA000 - \SystemRoot\System32\DRIVERS\netbt.sys A12B8000 - \SystemRoot\System32\drivers\afd.sys A9775000 - \SystemRoot\System32\DRIVERS\netbios.sys A128D000 - \SystemRoot\System32\DRIVERS\rdbss.sys A121E000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys A9755000 - \SystemRoot\System32\Drivers\Fips.SYS A11FD000 - \SystemRoot\System32\DRIVERS\ipnat.sys A9745000 - \SystemRoot\System32\DRIVERS\wanarp.sys B2DA5000 - \SystemRoot\System32\Drivers\avgmfx86.sys BAEF8000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys A9725000 - \SystemRoot\System32\Drivers\Cdfs.SYS A11C8000 - \SystemRoot\system32\DRIVERS\sis163u.sys B02F4000 - \SystemRoot\system32\drivers\LHidUsb.Sys B02E4000 - \SystemRoot\system32\drivers\HIDCLASS.SYS B7DBE000 - \SystemRoot\system32\drivers\HIDPARSE.SYS B2C2C000 - \SystemRoot\System32\DRIVERS\LHidFlt2.sys BA52B000 - \SystemRoot\System32\DRIVERS\mouhid.sys BAAF8000 - \SystemRoot\System32\DRIVERS\LMouFlt2.sys A11B4000 - \SystemRoot\System32\Drivers\dump_nvatabus.sys A96C8000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys BA56F000 - \SystemRoot\System32\drivers\Dxapi.sys B06FA000 - \SystemRoot\System32\watchdog.sys BF9C2000 - \SystemRoot\System32\drivers\dxg.sys BAFBF000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D4000 - \SystemRoot\System32\ati2dvag.dll BFA10000 - \SystemRoot\System32\ati2cqag.dll BFA43000 - \SystemRoot\System32\atikvmag.dll BFA76000 - \SystemRoot\System32\ati3duag.dll BFCB4000 - \SystemRoot\System32\ativvaxx.dll 9F19E000 - \SystemRoot\System32\DRIVERS\nwlnkipx.sys BA9D8000 - \SystemRoot\System32\DRIVERS\nwlnknb.sys B2E0D000 - \SystemRoot\System32\DRIVERS\ndisuio.sys 9F0A9000 - \SystemRoot\System32\DRIVERS\mrxdav.sys BAE14000 - \SystemRoot\System32\Drivers\ParVdm.SYS BAF54000 - \??\C:\WINDOWS\system32\drivers\aslm75.sys BAA58000 - \SystemRoot\System32\DRIVERS\nwlnkspx.sys 9F06C000 - \SystemRoot\system32\drivers\wdmaud.sys BA18B000 - \SystemRoot\system32\drivers\sysaudio.sys 9EFEB000 - \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS 9EFDF000 - \SystemRoot\System32\Drivers\ElbyCDIO.sys 9EE6F000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys 9EBF6000 - \SystemRoot\System32\DRIVERS\srv.sys BAEE3000 - \??\C:\WINDOWS\system32\SVKP.sys 9E750000 - \SystemRoot\System32\Drivers\HTTP.sys 9E8E9000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS BAC10000 - \SystemRoot\System32\Drivers\TDTCP.SYS 9E43B000 - \SystemRoot\System32\Drivers\RDPWD.SYS BAFBD000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 148 Liste des programmes installes "AbiWord 2.2.7 (remove only)" 802.11 USB Wireless LAN Adapter a-squared personal 1.5.1 AC3Filter (remove only) Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX aMSN Archiveur WinRAR ArcSoft Camera Suite ArcSoft PhotoStudio 5.5 ArcSoft VideoImpression 1.6 ASUS Probe V2.22.10 Athlon 64 Processor Driver ATI - Software Uninstall Utility ATI Control Panel ATI Display Driver ATI HydraVision AVG 7.5 AVG Anti-Spyware 7.5 AviSynth 2.5 Azureus BitComet 0.59 BlueSoleil Caesar 3 Canon MP Navigator 2.0 Canon MP170 Canon Utilities Easy-PhotoPrint CapMan Correctif Windows XP - KB867282 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 DAEMON Tools Digital Camera Digital Ear DirectX for Managed Code Update (December 2004) DivX Content Uploader DivX Pro Codec Adware DivX Web Player Easy-WebPrint Empire Earth II Everest Poker (Remove Only) EVEREST Ultimate Edition v4.00 ffdshow (remove only) FinePixViewer Ver.4.3 FUJIFILM USB Driver Google Earth Pro GTA San Andreas HijackThis 2.0.2 Huffyuv AVI lossless video codec (Remove Only) Icatch(IV) Camera Driver ImTOO PSP Video Converter Ink Innovative Music Systems intelliScore v5.0 IsoBuster 1.9 J2SE Runtime Environment 5.0 Update 1 J2SE Runtime Environment 5.0 Update 6 Java 2 Platform, Enterprise Edition 1.4 SDK Juiced Lecteur Windows Media 10 LimeWire 4.12.6 Livebox Logitech Desktop Messenger Logitech MouseWare 9.70 Macromedia Shockwave Player Medal of Honor Batailles du Pacifique Medal of Honor Pacific Assault Patch Microsoft .NET Framework 1.1 Microsoft Office Excel Viewer 2003 Microsoft Office Word Viewer 2003 Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB903235) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Morgan Stream Switcher Mozilla Firefox (2.0.0.7) Need for Speed Underground 2 Need for Speed™ Carbon Need for Speed™ Most Wanted Nero OEM NVIDIA Drivers OmniPage SE 2.0 Patch FR 7.0.0632 Pharaon RAW FILE CONVERTER LE RealPlayer Realtek AC'97 Audio SafeCast Shared Components SAGEM F@st 800-840 Sony Ericsson Mobile Phone Monitor STK014 TeamSpeak 2 RC2 Utilitaires Sierra VideoLAN VLC media player 0.8.6c Videora iPod Converter 0.91 VirtualCloneDrive WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format Runtime Windows XP Service Pack 2 WinISO 5.3 XviD MPEG-4 Video Codec Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files 18/09/2007 17:35 <REP> . 18/09/2007 17:35 <REP> .. 05/02/2005 00:59 <REP> a2 22/05/2005 19:24 <REP> AbiSuite2 03/02/2005 15:50 <REP> AC3Filter 10/11/2005 14:42 <REP> Adobe 02/01/2002 11:55 <REP> Ahead 02/01/2002 00:33 <REP> AMD 18/09/2007 16:12 <REP> amsn 29/03/2006 14:03 <REP> ArcSoft 03/02/2005 15:00 <REP> ASUS 02/01/2002 00:39 <REP> ATI Technologies 30/07/2007 14:38 <REP> AviSynth 2.5 02/01/2002 00:33 <REP> AvRack 05/09/2007 19:49 <REP> Azureus 30/07/2007 14:28 <REP> BitComet 02/09/2007 21:10 <REP> BitTorrent 03/11/2005 09:45 <REP> BoontyGames 29/03/2006 14:02 <REP> Canon 30/03/2006 19:09 <REP> Common Files 02/01/2002 00:18 <REP> ComPlus Applications 24/10/2005 21:31 <REP> Digital Ear 03/03/2006 19:05 <REP> directx 18/09/2007 16:12 <REP> DivX 03/02/2005 13:20 <REP> D-Tools 31/03/2006 13:16 <REP> EA GAMES 24/09/2005 11:01 <REP> Elaborate Bytes 22/01/2007 13:05 <REP> Electronic Arts 03/09/2007 21:13 <REP> EMule 17/09/2007 22:36 <REP> Everest Poker 03/02/2005 12:57 <REP> ffdshow 15/09/2007 09:12 <REP> Fichiers communs 18/09/2007 16:12 <REP> FinePixViewer 04/09/2007 23:04 <REP> Games 16/01/2007 00:18 <REP> GDiVX Player 18/09/2007 16:07 <REP> Grisoft 30/07/2007 14:04 <REP> ImTOO 05/01/2006 20:39 <REP> intelliScore Polyphonic 16/06/2006 06:24 <REP> Internet Explorer 01/12/2005 22:03 <REP> Inventel 24/10/2005 20:40 <REP> IVT Corporation 27/01/2006 13:01 <REP> Java 18/08/2007 16:48 <REP> Lavalys 18/09/2007 16:12 <REP> LimeWire 18/09/2007 16:12 <REP> Logitech 01/10/2005 19:44 <REP> Maxis 18/09/2007 16:12 <REP> Messenger 02/01/2002 00:20 <REP> microsoft frontpage 09/05/2006 21:53 <REP> Microsoft Office 09/05/2006 21:53 <REP> Microsoft Visual Studio 03/02/2005 15:50 <REP> Morgan 18/09/2007 16:12 <REP> Movie Maker 19/09/2007 07:43 <REP> Mozilla Firefox 03/02/2005 22:39 <REP> MSN 02/01/2002 00:17 <REP> MSN Gaming Zone 18/09/2007 16:12 <REP> MSN Messenger 17/02/2006 18:27 <REP> NASA 04/04/2005 22:46 <REP> NetMeeting 26/10/2005 14:33 <REP> Nokia 15/04/2006 15:39 <REP> Outlook Express 22/05/2005 19:39 <REP> PDF Editeur 2 07/03/2007 11:50 <REP> QuickTime 29/07/2007 01:05 <REP> Real 02/01/2002 00:33 <REP> Realtek Sound Manager 28/06/2005 00:07 <REP> Rockstar Games 28/11/2005 19:26 <REP> SAGEM 29/03/2006 14:04 <REP> ScanSoft 02/01/2002 00:19 <REP> Services en ligne 02/10/2005 23:49 <REP> Sierra 11/12/2006 19:35 <REP> Sierra On-Line 02/09/2007 21:04 <REP> Skype 19/02/2006 04:09 <REP> Smart Projects 02/09/2007 21:06 <REP> Sony Ericsson 02/09/2007 21:06 <REP> Spybot - Search & Destroy 02/09/2007 21:06 <REP> Steam 19/08/2007 00:35 <REP> STK014 08/04/2006 09:05 <REP> support name city 19/02/2006 12:13 <REP> SurfRobot 14/06/2006 23:13 <REP> Teamspeak2_RC2 01/11/2005 11:42 <REP> THQ 29/07/2007 23:18 <REP> VideoLAN 30/07/2007 14:38 <REP> VideoraiPodConverter 02/09/2007 21:07 <REP> Wanadoo 16/01/2007 00:04 <REP> Webteh 18/09/2007 16:12 <REP> Winamp 18/09/2007 16:12 <REP> Windows Media Player 04/04/2005 22:45 <REP> Windows NT 18/09/2007 16:12 <REP> WinISO 26/01/2006 09:38 <REP> WinRAR 02/01/2002 00:20 <REP> xerox 03/02/2005 15:50 <REP> XviD 0 fichier(s) 0 octets 91 Rép(s) 14 953 074 688 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\fichiers communs 15/09/2007 09:12 <REP> . 15/09/2007 09:12 <REP> .. 13/11/2005 00:43 <REP> Adobe 02/01/2002 11:55 <REP> Ahead 09/05/2006 21:53 <REP> Designer 02/01/2002 02:14 <REP> DirectX 01/12/2005 22:10 278 528 FDEUnInstaller.exe 02/01/2002 00:32 <REP> InstallShield 23/04/2005 20:08 <REP> Java 06/02/2005 15:35 <REP> Logitech 23/10/2005 03:42 <REP> Macrovision Shared 17/09/2006 12:39 <REP> Microsoft Shared 02/01/2002 00:18 <REP> MSSoap 01/01/2002 02:00 <REP> ODBC 29/07/2007 01:06 <REP> Real 31/03/2006 12:46 <REP> ScanSoft Shared 02/01/2002 00:18 <REP> Services 01/01/2002 02:00 <REP> SpeechEngines 29/04/2006 11:05 <REP> Symantec Shared 09/05/2006 21:53 <REP> System 02/09/2007 21:06 <REP> Teleca Shared 29/07/2007 01:06 <REP> xing shared 1 fichier(s) 278 528 octets 21 Rép(s) 14 953 074 688 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 09/05/2006 21:54 <REP> . 09/05/2006 21:54 <REP> .. 09/05/2006 21:53 <REP> 1033 09/05/2006 21:54 <REP> 1036 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 03/06/1999 15:09 122 937 MSOWS409.DLL 07/03/2001 10:00 127 033 MSOWS40c.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 14 953 062 400 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\Program Files\common files 30/03/2006 19:09 <REP> . 30/03/2006 19:09 <REP> .. 19/08/2007 00:35 <REP> Companion Wizard 0 fichier(s) 0 octets 3 Rép(s) 14 953 062 400 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\ 31/10/2005 17:56 700 416 StubInstaller.exe 1 fichier(s) 700 416 octets 0 Rép(s) 14 953 062 400 octets libres Le volume dans le lecteur C s'appelle DSK1_VOL1 Le numéro de série du volume est D8EF-C760 Répertoire de C:\ c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\uninstaller.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Télécharger des logiciels.exe c:\Documents and Settings\famille\Application Data\Adminreal\Flag upload.exe c:\Documents and Settings\famille\Application Data\support name city\BIB CLOSE CORN.exe c:\Documents and Settings\famille\Application Data\support name city\drv frag dead.exe c:\Documents and Settings\samladen\BitTornado-0.3.7-w32install.exe c:\Documents and Settings\samladen\.limewire\.NetworkShare\LimeWireWin4.14.8.exe c:\Documents and Settings\samladen\Application Data\support name city\azgxtcae.exe c:\Documents and Settings\samladen\Application Data\support name city\bpomflra.exe c:\Documents and Settings\samladen\Application Data\support name city\bvssmqbc.exe c:\Documents and Settings\samladen\Application Data\support name city\komlrbpf.exe c:\Documents and Settings\samladen\Application Data\support name city\orvsiona.exe c:\Documents and Settings\samladen\Application Data\support name city\tczxuilu.exe c:\Documents and Settings\samladen\Application Data\support name city\zunqdeix.exe c:\Documents and Settings\samladen\Bureau\avgas-setup-7.5.1.43.exe c:\Documents and Settings\samladen\Bureau\DSLtest2004.exe c:\Documents and Settings\samladen\Bureau\Fixwareout.exe c:\Documents and Settings\samladen\Bureau\HijackThis.exe c:\Documents and Settings\samladen\Bureau\psp-video-converter.exe c:\Documents and Settings\samladen\Bureau\vlc-0.8.6c-win32.exe c:\Documents and Settings\samladen\Bureau\VX2Finder.exe c:\Documents and Settings\samladen\Bureau\bitcomet\BitComet.exe c:\Documents and Settings\samladen\Bureau\bitcomet\CrashReport.exe c:\Documents and Settings\samladen\Bureau\bitcomet\uninst.exe c:\Documents and Settings\samladen\Bureau\bitcomet\codec\CodecCheck.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\diff.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\find2.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\grep.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\streams.exe c:\Documents and Settings\samladen\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\samladen\Mes documents\bitcomet_bitcomet_0.70_francais_12987.exe c:\Documents and Settings\samladen\Mes documents\BitTorrent-4.20.9.exe c:\Documents and Settings\samladen\Mes documents\dotnetfx.exe c:\Documents and Settings\samladen\Mes documents\DSLTest.exe c:\Documents and Settings\samladen\Mes documents\Firefox Setup 2.0.exe c:\Documents and Settings\samladen\Mes documents\Install_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Install_MSN_Messenger.EXE c:\Documents and Settings\samladen\Mes documents\INSTALL_MSN_MESSENGER_DL.EXE c:\Documents and Settings\samladen\Mes documents\Install_MSN_Messenger-1.EXE c:\Documents and Settings\samladen\Mes documents\klcodec235f.exe c:\Documents and Settings\samladen\Mes documents\LimeWireWin.exe c:\Documents and Settings\samladen\Mes documents\MsgPlusLive-401.exe c:\Documents and Settings\samladen\Mes documents\msnspy.exe c:\Documents and Settings\samladen\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\virtualdj_trial.exe c:\Documents and Settings\samladen\Mes documents\zapSetup_51_039_004.exe c:\Documents and Settings\samladen\Mes documents\zapSetup_60_667_000.exe c:\Documents and Settings\samladen\Mes documents\abderrahimd\zapSetup_51_039_004.exe c:\Documents and Settings\samladen\Mes documents\Crack\nfsc.exe c:\Documents and Settings\samladen\Mes documents\Crack\rld-nfsc.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\EvID4226Patch.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\LimeWireWin.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\sp1aexpress_fr.exe c:\Documents and Settings\samladen\Mes documents\Downloads\Programs\winamp508e_full.exe c:\Documents and Settings\samladen\Mes documents\jeux\GTA_SA.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\61.76_win9x_international.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\ABC-win32-v2.6.9.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\avg6773fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\cd-client-3_2_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\dxsetup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\EMULE.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\farah.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\flash02.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Hl Key Gen.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\hlsw_1_0_0_8-beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Install_MSN_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\kmd.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\MPSetup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\VisualBoyAdvance.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\vlc-0.8.1-win32.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\winamp505_silvertide.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\abderrahimd\SetupDl.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\dossier important\directx_9c_redist.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\6_All_versions.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\aawsepersonal.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ABC-win32-v2.6.9.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Acoustica-Mixcraft-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Ad-Aware_SE_1.x_Personal_Plus_Pro_FR.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\atomixmp3_trial.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\avg6656fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\BitTorrent-3.4.2.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_11_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_12_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_20_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\cd-client-4_8_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivX511Bundle.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivX521XP2K.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\DivXPlayerInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\eMule0.42e-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\eMule0.44b_Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\hlsw_1_0_0-beta3_setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iaplayer_2.05.10.0325.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\idman318.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ie6setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iMeshFRA.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\iMeshV4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MMSSETUP.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MPSetupXP.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\MSNToolbarSetup_fr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\nero63125.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\noadware.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\overnet0.53.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\ps7_tryout_fra.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\regetjr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\SetupDl.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\SkypeSetup-Beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\spybotsd12.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\tag14.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\teamscript32c.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\teamscript36.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\TITANSH01NETFR.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\vlc-0.7.2-win32.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\winamp501_lite.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\WinDVD5.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\wrar330fr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\avg6518fu_free.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\avg70t_167.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\csru_v4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\ebsetupfr.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\EyeInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\fgf140.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Downloads\Programs\SETUPDL.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\AVIPreview.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\defuserset.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KDat.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KLConfigWizard.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\klrun.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\kpp.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\ksharedfolder.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\KSig.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Kazaa Lite\unins000.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\cd-client-3_2_0-en.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\FARAH.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\FLASH02.EXE c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\Hl Key Gen.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\hlsw_1_0_0_8-beta.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\Install_MSN_Messenger.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\SajjadAli.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\VisualBoyAdvance.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes fichiers reçus\Non-Steam Install.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\avg70free_296a409.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\DivXPlayerInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\eMule0.44d-Installer.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\GoogleToolbarInstaller.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\ie6setup.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\iMeshFRA.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Mes images\iMeshV4.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\cs2dmaps2.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\s2inst191.exe c:\Documents and Settings\samladen\Mes documents\Mes documents\Échantillons d'images\Échantillons d'images\GoogleToolbarInstaller_fr.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\Firefox Setup 1.0.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\install_msn70definitif.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\MsgPlus-340Beta.exe c:\Documents and Settings\samladen\Mes documents\Mes fichiers reçus\Patch fr.exe c:\Documents and Settings\samladen\Mes documents\nfs\AutoRun.exe c:\Documents and Settings\samladen\Mes documents\nfs\DIAG.EXE c:\Documents and Settings\samladen\Mes documents\nfs\eauninstall.exe c:\Documents and Settings\samladen\Mes documents\nfs\safemode_inst.exe c:\Documents and Settings\samladen\Mes documents\nfs\shell_inst.exe c:\Documents and Settings\samladen\Mes documents\nfs\speed.exe c:\Documents and Settings\samladen\Mes documents\nfs\DirectX\DXSETUP.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\EasyInfo.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\EReg.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\Need for Speed Most Wanted_code.exe c:\Documents and Settings\samladen\Mes documents\nfs\Support\Need for Speed Most Wanted_uninst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\AutoRun.exe c:\Documents and Settings\samladen\Mes documents\nfsc\DIAG.EXE c:\Documents and Settings\samladen\Mes documents\nfsc\eauninstall.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfs_inst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfs_uninst.exe c:\Documents and Settings\samladen\Mes documents\nfsc\nfsc.exe c:\Documents and Settings\samladen\Mes documents\nfsc\setup.exe c:\Documents and Settings\samladen\Mes documents\nfsc\DirectX\DXSETUP.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\EasyInfo.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\EReg.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\Need for Speed Carbon_code.exe c:\Documents and Settings\samladen\Mes documents\nfsc\Support\Need for Speed Carbon_uninst.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\Process.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\restart.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\SrchSTS.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\swreg.exe c:\Documents and Settings\samladen\Mes documents\Nouveau dossier\swsc.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\samladen\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll ****** Fin du rapport DiagHelp

bonjour voici les 4 scans demandés : Fichier sysmon32.exe reçu le 2007.09.19 02:14:21 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 7/32 (21.88%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 1. L'heure estimée de démarrage est entre 39 et 56 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Formaté Impression des résultats Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2007.9.19.0 2007.09.18 - AntiVir 7.6.0.10 2007.09.18 - Authentium 4.93.8 2007.09.18 - Avast 4.7.1043.0 2007.09.18 - AVG 7.5.0.485 2007.09.18 - BitDefender 7.2 2007.09.18 Backdoor.Genlot.LH CAT-QuickHeal 9.00 2007.09.18 - ClamAV 0.91.2 2007.09.19 - DrWeb 4.33 2007.09.18 BackDoor.Generic.1490 eSafe 7.0.15.0 2007.09.17 - eTrust-Vet 31.2.5146 2007.09.19 - Ewido 4.0 2007.09.18 - FileAdvisor 1 2007.09.19 - Fortinet 3.11.0.0 2007.09.18 - F-Prot 4.3.2.48 2007.09.18 - F-Secure 6.70.13030.0 2007.09.18 - Ikarus T3.1.1.12 2007.09.19 - Kaspersky 4.0.2.24 2007.09.19 not-a-virus:Monitor.Win32.PSpy.48 McAfee 5122 2007.09.18 - Microsoft 1.2803 2007.09.19 - NOD32v2 2539 2007.09.18 - Norman 5.80.02 2007.09.18 - Panda 9.0.0.4 2007.09.18 Suspicious file Prevx1 V2 2007.09.19 Malware.Gen Rising 19.41.13.00 2007.09.18 - Sophos 4.21.0 2007.09.18 - Sunbelt 2.2.907.0 2007.09.15 - Symantec 10 2007.09.19 Spyware.PowerSpy TheHacker 6.2.5.061 2007.09.17 - VBA32 3.12.2.4 2007.09.18 - VirusBuster 4.3.26:9 2007.09.18 - Webwasher-Gateway 6.0.1 2007.09.18 Riskware.PSpy.48.1 Information additionnelle File size: 114688 bytes MD5: 99d532727ee2c900c6f3581d96949e54 SHA1: 5e3edbb6bcd1174287e7cf6124262279b7a98239 Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5...B316A0046C3272B Fichier symserv.exe reçu le 2007.09.19 02:19:29 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 6/32 (18.75%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 1. L'heure estimée de démarrage est entre 39 et 56 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Formaté Impression des résultats Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2007.9.19.0 2007.09.18 - AntiVir 7.6.0.10 2007.09.18 - Authentium 4.93.8 2007.09.18 - Avast 4.7.1043.0 2007.09.18 - AVG 7.5.0.485 2007.09.18 - BitDefender 7.2 2007.09.18 Application.Pup.I CAT-QuickHeal 9.00 2007.09.18 - ClamAV 0.91.2 2007.09.19 - DrWeb 4.33 2007.09.19 - eSafe 7.0.15.0 2007.09.17 - eTrust-Vet 31.2.5146 2007.09.19 - Ewido 4.0 2007.09.18 - FileAdvisor 1 2007.09.19 - Fortinet 3.11.0.0 2007.09.18 - F-Prot 4.3.2.48 2007.09.18 - F-Secure 6.70.13030.0 2007.09.18 - Ikarus T3.1.1.12 2007.09.19 - Kaspersky 4.0.2.24 2007.09.19 not-a-virus:Monitor.Win32.PSpy.48 McAfee 5122 2007.09.18 potentially unwanted program Generic PUP Microsoft 1.2803 2007.09.19 - NOD32v2 2539 2007.09.18 - Norman 5.80.02 2007.09.18 - Panda 9.0.0.4 2007.09.18 Generic Malware Prevx1 V2 2007.09.19 - Rising 19.41.13.00 2007.09.18 - Sophos 4.21.0 2007.09.18 - Sunbelt 2.2.907.0 2007.09.15 - Symantec 10 2007.09.19 Spyware.PowerSpy TheHacker 6.2.5.061 2007.09.17 - VBA32 3.12.2.4 2007.09.18 - VirusBuster 4.3.26:9 2007.09.18 - Webwasher-Gateway 6.0.1 2007.09.18 Riskware.PSpy.48 Information additionnelle File size: 32768 bytes MD5: 7a7b300829feab8680733fc572bc6d3a SHA1: 9f9fc3d7b078d60cdd55ee311c474de8b94bc2e2 File: sysmon32.exe Status: INFECTED/MALWARE MD5: 99d532727ee2c900c6f3581d96949e54 Packers detected: - Bit9 reports: File not found Scanner results Scan taken on 19 Sep 2007 05:43:13 (GMT) A-Squared Found nothing AntiVir Found SPR/PSpy.48.1 ArcaVir Found Riskware.Monitor.Pspy.48 Avast Found nothing AVG Antivirus Found nothing BitDefender Found Backdoor.Genlot.LH ClamAV Found nothing CPsecure Found nothing Dr.Web Found BackDoor.Generic.1490 F-Prot Antivirus Found nothing F-Secure Anti-Virus Found not-a-virus:Monitor.Win32.PSpy.48 (6, 2, 604) Fortinet Found nothing Kaspersky Anti-Virus Found not-a-virus:Monitor.Win32.PSpy.48 NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Rising Antivirus Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing File: symserv.exe Status: INFECTED/MALWARE MD5: 7a7b300829feab8680733fc572bc6d3a Packers detected: - Bit9 reports: File not found Scanner results Scan taken on 19 Sep 2007 05:46:30 (GMT) A-Squared Found nothing AntiVir Found SPR/PSpy.48 ArcaVir Found Riskware.Monitor.Pspy.48 Avast Found nothing AVG Antivirus Found nothing BitDefender Found Application.Pup.I ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found not-a-virus:Monitor.Win32.PSpy.48 (6, 2, 604) Fortinet Found nothing Kaspersky Anti-Virus Found not-a-virus:Monitor.Win32.PSpy.48 NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found Generic Rising Antivirus Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing

bonjour ! jai effectué toutes les taches ke tu ma demander sauf pour : _le nettoyage hijackthis, je nai pa trouvé O4 - HKLM\..\Run: [secondjoysoapmode] C:\Documents and Settings\All Users\Application Data\LiveDrvSecondJoy\heartdata.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" _je nai pa AFT Cleaner.exe je nai donc pa pu faire le nettoyage... mai jai continué et jai les 2 rapports . les voici : avg as AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 17:31:57 18/09/2007 + Résultat de l'analyse: C:\Documents and Settings\samladen\Mes documents\Mes documents\Mes documents\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyé. C:\Documents and Settings\samladen\Mes documents\Mes documents\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.af : Nettoyé. :mozilla.8:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé. :mozilla.51:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.52:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.53:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.54:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.55:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.56:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.34:C:\Documents and Settings\samladen\Application Data\Mozilla\Firefox\Profiles\h0ml847x.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. Fin du rapport Hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:43:03, on 18/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PSCS\data\sysmon32.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\PSCS\data\symserv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\samladen\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [regapp32] C:\WINDOWS\system32\regapp32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: STK014 PNP Monitor.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe -- End of file - 7269 bytes

bonsoir ! voila les rapports demandés : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:07:53, on 17/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PSCS\data\sysmon32.exe C:\Program Files\PSCS\data\symserv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\samladen\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {9A80093E-42C0-3B24-10AD-BFB07D6A44D2} - C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe (file missing) O2 - BHO: (no name) - {C143FC98-DF1E-3F7C-4694-A456B9BFDC1E} - C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe (file missing) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {4247D6E0-BE58-4B7A-B8F4-D295D8AB4763} - (no file) O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [secondjoysoapmode] C:\Documents and Settings\All Users\Application Data\LiveDrvSecondJoy\heartdata.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [regapp32] C:\WINDOWS\system32\regapp32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: STK014 PNP Monitor.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe -- End of file - 7582 bytes ET LE DEUXIEME : Username "samladen" - 17/09/2007 21:45:18 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{1DB41D84-B740-4ACC-BB93-E86AE257C709} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CB5FA6A9-BF45-4635-ABB8-0298A6AAFDDD} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CE763F31-B39C-4D97-8885-19A9C0B9D0CB} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D2D24CB3-8A56-4334-B643-EE8621E8E74B} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D46E76DC-F512-491D-A5ED-C236193F4F27} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D88229FC-ABD2-4F62-927E-03939634675A} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{DCCDF136-9415-4C10-BF71-CE88B6FA963F} "DhcpNameServer"="85.255.115.101,85.255.112.173" <Value cleared. Cache de résolution DNS vidé. System was rebooted successfully. ~~~~~ Postrun check HKLM\SOFTWARE\~\Winlogon\ "system"="" .... .... ~~~~~ Misc files. .... ~~~~~ Checking for older varients. .... ~~~~~ Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="\"C:\\Program Files\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe\" /s" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" "SoundMan"="SOUNDMAN.EXE" "NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\"" "EM_EXEC"="C:\\PROGRA~1\\Logitech\\MOUSEW~1\\SYSTEM\\EM_EXEC.EXE" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\"" "secondjoysoapmode"="C:\\Documents and Settings\\All Users\\Application Data\\LiveDrvSecondJoy\\heartdata.exe" "REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "regapp32"="C:\\WINDOWS\\system32\\regapp32.exe" "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="C:\\PROGRA~1\\Wanadoo\\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" .... Hosts file was reset, If you use a custom hosts file please replace it... ~~~~~ End report ~~~~~ merci

bonsoir ! voila le contenu du fichier findjoblop. merci beaucoup ! Le volume dans le lecteur C s'appelle DSK1_VOL1 Le num‚ro de s‚rie du volume est D8EF-C760 R‚pertoire de C:\WINDOWS\tasks 16/09/2007 22:54 <REP> . 16/09/2007 22:54 <REP> .. 28/08/2001 14:00 65 desktop.ini 16/09/2007 22:54 6 SA.DAT 2 fichier(s) 71 octets R‚pertoire de C:\Documents and Settings\samladen\Bureau

bonsoir gof voila le rapport que tu mavai demander. merci Look2Me-Destroyer V1.0.12 Scanning for infected files..... Scan started at 16/09/2007 22:49:57 Attempting to delete infected files... Making registry repairs. Restoring Windows certificates. Replaced hosts file with default windows hosts file Restoring SeDebugPrivilege for Administrateurs - Succeeded

bonjour voila le rapport de combofix .. merci. ComboFix 07-09-14.2 - "samladen" 2007-09-15 9:10:17.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.993 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Fichiers communs\winantivirus pro 2006 C:\WINDOWS\system32\kdwbi.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\nm ((((((((((((((((((((((((( Files Created from 2007-08-15 to 2007-09-15 ))))))))))))))))))))))))))))))) . 2007-09-15 09:09 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-05 19:49 <REP> d-------- C:\Program Files\Azureus 2007-09-05 01:03 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus 2007-09-04 23:04 <REP> d-------- C:\Program Files\Games 2007-08-23 01:06 <REP> d-------- C:\DOCUME~1\samladen\APPLIC~1\Azureus 2007-08-18 23:09 9,216 --a------ C:\WINDOWS\system32\avgwlntf.dll 2007-08-18 22:38 110,592 --a------ C:\WINDOWS\system32\avgfwafu.dll 2007-08-18 16:48 <REP> d-------- C:\Program Files\Lavalys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-14 22:31 --------- d-------- C:\Program Files\Everest Poker 2007-09-13 01:10 --------- d-------- C:\Program Files\MSN Messenger 2007-09-04 23:30 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-03 21:13 --------- d-------- C:\Program Files\EMule 2007-09-02 21:10 --------- d-------- C:\Program Files\BitTorrent 2007-09-02 21:07 --------- d-------- C:\Program Files\Wanadoo 2007-09-02 21:06 --------- d-------- C:\Program Files\Steam 2007-09-02 21:06 --------- d-------- C:\Program Files\Sony Ericsson 2007-09-02 21:06 --------- d-------- C:\Program Files\Fichiers communs\Teleca Shared 2007-09-02 21:06 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson 2007-09-02 21:04 --------- d-------- C:\Program Files\Skype 2007-09-02 21:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype 2007-08-26 21:45 --------- d-------- C:\Program Files\DivX 2007-08-19 03:25 --------- d-------- C:\DOCUME~1\samladen\APPLIC~1\Skype 2007-08-19 00:35 --------- d-------- C:\Program Files\STK014 2007-08-04 20:01 --------- d-------- C:\DOCUME~1\famille\APPLIC~1\Real 2007-07-30 14:38 --------- d-------- C:\Program Files\VideoraiPodConverter 2007-07-30 14:38 --------- d-------- C:\Program Files\AviSynth 2.5 2007-07-30 14:28 --------- d-------- C:\Program Files\BitComet 2007-07-30 14:04 --------- d-------- C:\Program Files\ImTOO 2007-07-29 23:19 --------- d-------- C:\DOCUME~1\samladen\APPLIC~1\vlc 2007-07-29 23:18 --------- d-------- C:\Program Files\VideoLAN 2007-07-29 01:10 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google 2007-07-29 01:06 --------- d-------- C:\Program Files\Fichiers communs\xing shared 2007-07-29 01:06 --------- d-------- C:\Program Files\Fichiers communs\Real 2007-07-29 01:06 --------- d-------- C:\DOCUME~1\samladen\APPLIC~1\Real 2007-07-29 01:05 --------- d-------- C:\Program Files\Real 2005-12-01 22:10 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2005-11-02 14:25 0 --a------ C:\DOCUME~1\samladen\BitTornado-0.3.7-w32install.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A80093E-42C0-3B24-10AD-BFB07D6A44D2}] C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C143FC98-DF1E-3F7C-4694-A456B9BFDC1E}] C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 12:28] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03] "SoundMan"="SOUNDMAN.EXE" [2004-06-18 10:31 C:\WINDOWS\SOUNDMAN.EXE] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "MessengerPlus3"="C:\Program Files\Messenger Plus! 3\MsgPlus.exe" [2006-09-17 12:44] "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 10:50] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-20 01:10 C:\WINDOWS\system32\bthprops.cpl] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-12 21:05] "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00] "secondjoysoapmode"="C:\Documents and Settings\All Users\Application Data\LiveDrvSecondJoy\heartdata.exe" [] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [] "regapp32"="C:\WINDOWS\system32\regapp32.exe" [2006-07-18 10:19] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-07-29 01:05] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-08-19 17:20] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\ BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-10-24 20:40:38] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-02-06 15:36:23] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf] avgwlntf.dll 2007-08-18 23:09 9216 C:\WINDOWS\system32\avgwlntf.dll R2 SVKP;SVKP;\??\C:\WINDOWS\system32\SVKP.sys R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys S3 DCamUSBSTK014;STK014 Camera;C:\WINDOWS\system32\DRIVERS\STK014W2.sys S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-15 09:14:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... C:\WINDOWS\TEMP scan completed successfully hidden files: 1 ************************************************************************** . Completion time: 2007-09-15 9:16:04 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-15 09:15 . --- E O F ---

re bonsoir je narrive pa a effectuer un nettoyage.. il me met un rapport derreur, mem mon antivirus plante au bout de 5 minutes.. jai supprimé FXT. Je ne peut donc rien faire ... merci

bonsoir je ne retrouve pas mes droits mem en faisant lutilitaire, apres avoir cliker sur "restore policy" il me demande de redémarrer et une fois le pc redémaré je relance fixwareout mé il me dit toujours le mem probleme, " you need admistrative privileges to run this tool" ..

re bonsoir wong, je tavou ke jai pa labitude de rentrer dans le registre, je nai pa trop compris pour le ver, bref, fixwareout ne se lance tjrs pas mem apres le restore policy.., c ptete paske je nai pa une version originale de windows. un jour jai démarer mon pc il g recu un msg me disant ke jetait victime dune contrefacon et kil falai ke jachete la verion originale, ou bien une case " resoudre ulterieurement" .. ce msg saffiche depuis a chak foi ke jalume le pc ... je tenvoi le rapport hijackthis comme tu le ma demander . merci ! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:12:55, on 14/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Inventel\Gateway\wlancfg.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\PSCS\data\sysmon32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PSCS\data\symserv.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\ASUS\Probe\ASUSPROB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\samladen\Bureau\HijackThis.exe C:\WINDOWS\System32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {9A80093E-42C0-3B24-10AD-BFB07D6A44D2} - C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe (file missing) O2 - BHO: (no name) - {C143FC98-DF1E-3F7C-4694-A456B9BFDC1E} - C:\DOCUME~1\samladen\APPLIC~1\ADMINR~1\Flag upload.exe (file missing) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: (no name) - {4247D6E0-BE58-4B7A-B8F4-D295D8AB4763} - (no file) O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [secondjoysoapmode] C:\Documents and Settings\All Users\Application Data\LiveDrvSecondJoy\heartdata.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [regapp32] C:\WINDOWS\system32\regapp32.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: STK014 PNP Monitor.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O10 - Broken Internet access because of LSP provider 'c:\windows\newdotnet3_36.dll' missing O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe -- End of file - 8085 bytes

Bonjour, ca ne marche toujours pas en renommant le fichier.. il me di you need administratives privileges to run this tool...

re je narrive pas a utiliser fixwareout, il me di ke je ne suis pa ladministrateur et ke je ne peu pa faire ca ... or, je suis bien ladministrateur! kan je v ds compte d'utilisateur c confirmé.. je ne comprend pas.. kelkun a une idée ? merci d'avance ... :s