letito

Merci pour tout ! Je prend tes conseil avec grand plaisir vu que cela va m'enpecher de faire des gaffes ainsi qu'aux autres utilisateurs. Pour bien commencer cette année me voila pourvu d'un ordinateur tout propre. Encore merci Et bonne année 2012 !

Re Lien CJoint.com BAgpSDvF7cR Puis OTL: Lien CJoint.com BAgpUXlDjlE et ckfile: CKScanner - Additional Security Risks - These are not necessarily bad c:\getdp\magneto\coilaboveacrack.geo c:\getdp\magneto\coilaboveacrack.pro c:\getdp\magneto\coilaboveacrack_dat.pro c:\mingw\include\java\security\spec\rsakeygenparameterspec.h c:\program files\adobe\adobe dreamweaver cs5\configuration\taglibraries\html\keygen.vtm c:\program files\adobe\adobe flash catalyst cs5\plugins\com.adobe.thermo.core_1.0.0.273393\com\adobe\thermo\undo\thermoundosystem$undoabledocumentchangecracker.class c:\program files\common files\adobe\adobe contribute cs5\app\configuration\browsers\mozilla run time libraries\dist\idl\nsikeygenthread.idl c:\program files\common files\adobe\adobe contribute cs5\app\configuration\browsers\mozilla run time libraries\dist\include\nsikeygenthread.h c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat scanner sequence 3.CF.11.AKAPLX ----- EOF ----- ça m'a l'air d'aller un peu mieux mais pas sur car je n'ai pas le temps de voir plus en profondeur. Merci en tout cas pour ce que tu fait !

ola, Lien CJoint.com BAgoc40j26n pour extras Lien CJoint.com BAgodZAvSHJ pour OTL Maintenant la commande a bien fonctionner !

salut, voila pour le rapport : Lien CJoint.com BAfuRpd7qL5 Par contre je n'ai pas su executer la derniere commande sur le disque dur. Quand je tape la commande dans dos il me dit que je n'ai pas acces a ce genre de manipulation ): Sinon c vrai que mon disque dur était bien saturer donc j'ai essayer supprimer le max de choses et l'ordi a l'air deja de moins ramer cool! up: En faite rien n'a changer l'ordi est tjs aussi lent et la connection tjs aussi mauvaise ):

voila voila Le rapport : Lien CJoint.com BAfouFEYqh2 Pas de changement mais j'imagine que c'est normal

Bonjour, Je constate depuis quelque temps que mon pc est très lent. Que ce soit pour l’ouverture d'applications ou alors de dossiers, il prend un temps monstre. Aussi je constate une connexion a internet très bizarre , en effet elle s’interrompt par intermittence! Je me demandais donc si il n'y aurait pas un logiciel malveillant installé sur mon ordi qui provoquerait tous ces problèmes ? J'ai réaliser plusieurs analyses à partir de mon antivirus AVG mais aussi de antimalware mais rien n'a été détecté. Y aurait il quelqu'un pour m'apporter une aide ? merci d'avance ! El tito

merci beaucoup pour ton aide ellle ma ete precieuse c eu ete un plaisir de converser avec toi je ferai ce que tu ma demander avec plaisir a bientot pour de prochaines aventures

pour le fichier bat je l avais fait mais le bloc note affichait rien donc je te l avais dit mais pas en annocant le nom cependant je lai refait et denouveau il ne sy retouve rien . VOici le rapport hilackthis: et tu dis que c est illegal de telecharger je suis bien d accord mais lorsque je vois la duree de vie de certain jeu je suis vraiment decu comme pour crysis et donc sa ne vaut pas la peine de l acheter mais pour les bon jeu sinon je les achete ! je vais utiliser antivir comme antivirus et apparemment myn mon dd ne fait plus de bruit Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:54, on 2008-01-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12014SC Wireless Combo Set\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\12014SC Wireless Combo Set\StartAutorun.exe PS2USBKbdDrv.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 6703 bytes

donc voici le dernier rapport de kapersky: mais pour vnc aucun probleme c est moi qui l ai installe alors que me conseille tu comme antivirus antivir est ce bien enfin quel verification pour mon disque dur puis je faire ? KASPERSKY ONLINE SCANNER REPORT Thursday, January 17, 2008 12:25:47 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 15/01/2008 Kaspersky Anti-Virus database records: 512458 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ G:\ H:\ J:\ Scan Statistics Total number of scanned objects 43617 Number of viruses found 1 Number of infected objects 4 Number of suspicious objects 0 Duration of the scan process 00:41:49 Infected Object Name Virus Name Last Action C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\cert8.db Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\history.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\key3.db Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\parent.lock Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\search.sqlite Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\XUL.mfl Object is locked skipped C:\Documents and Settings\user\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Historique\History.IE5\MSHist012008011620080117\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\Mes documents\Emule\Temp1.part Object is locked skipped C:\Documents and Settings\user\Mes documents\Emule\Temp2.part Object is locked skipped C:\Documents and Settings\user\Mes documents\Emule\Temp3.part Object is locked skipped C:\Documents and Settings\user\Mes documents\Emule\Temp4.part Object is locked skipped C:\Documents and Settings\user\Mes documents\Emule\Temp5.part Object is locked skipped C:\Documents and Settings\user\NTUSER.DAT Object is locked skipped C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP1\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RTacDbg.txt Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{DEA44CE2-E6D9-466F-AC3E-7E3E2414B243}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_55c.dat Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

voila j ai trouver le rapport de vundo : VundoFix V6.7.7 Checking Java version... Sun Java not detected Scan started at 18:13:26 09/01/2008 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.7.7 Checking Java version... Sun Java not detected Scan started at 19:05:13 09/01/2008 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.7.7 Checking Java version... Scan started at 16:13:55 13/01/2008 Listing files found while scanning.... No infected files were found. Beginning removal... voila le rapport que me donne kapersky : KASPERSKY ONLINE SCANNER REPORT Monday, January 14, 2008 5:51:57 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 13/01/2008 Kaspersky Anti-Virus database records: 510043 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ G:\ H:\ J:\ Scan Statistics Total number of scanned objects 48263 Number of viruses found 8 Number of infected objects 138 Number of suspicious objects 0 Duration of the scan process 00:39:30 Infected Object Name Virus Name Last Action C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\cert8.db Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\formhistory.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\history.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\key3.db Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\parent.lock Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\search.sqlite Object is locked skipped C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Mozilla\Firefox\Profiles\zcvs8re8.default\XUL.mfl Object is locked skipped C:\Documents and Settings\user\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Historique\History.IE5\MSHist012008011420080115\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\NTUSER.DAT Object is locked skipped C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\Program Files\eMule\Incoming\Company of Heroes Opposing Fronts crack.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\Program Files\eMule\Incoming\Company of Heroes Opposing Fronts crack.exe SetupFactory: infected - 1 skipped C:\Program Files\eMule\Incoming\NOCD Company of Heroes Opposing Fronts crack.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\Program Files\eMule\Incoming\NOCD Company of Heroes Opposing Fronts crack.exe SetupFactory: infected - 1 skipped C:\Program Files\eMule\Incoming\Win.All Company of Heroes Opposing Fronts crack.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\Program Files\eMule\Incoming\Win.All Company of Heroes Opposing Fronts crack.exe SetupFactory: infected - 1 skipped C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\QooBox\Quarantine\C\Documents and Settings\user\Application Data\user32.exe.vir Infected: Trojan-Downloader.Win32.Small.hkt skipped C:\QooBox\Quarantine\C\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Analog Devices\Core\smax4pnp.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\DAEMON Tools Lite\daemon.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\Program Files\Windows Live\Messenger\MsnMsgr.Exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\nnnkjkj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\QooBox\Quarantine\C\WINDOWS\system32\pmnlkkk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\QooBox\Quarantine\C\WINDOWS\system32\qommlli.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\QooBox\Quarantine\C\WINDOWS\system32\RCX16.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\RCX17.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\RCX19.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\RCX1D.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\RCX1F.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\C\WINDOWS\system32\vtstu.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\QooBox\Quarantine\catchme2008-01-06_232632.70.zip/jkkiijj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhx skipped C:\QooBox\Quarantine\catchme2008-01-06_232632.70.zip/vtstu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dih skipped C:\QooBox\Quarantine\catchme2008-01-06_232632.70.zip ZIP: infected - 2 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP19\A0001631.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP19\A0001631.exe/file2 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP19\A0001631.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP19\A0001631.exe/file5 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP19\A0001631.exe Inno: infected - 4 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001840.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001840.exe SetupFactory: infected - 1 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001841.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001841.exe SetupFactory: infected - 1 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001842.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001842.exe SetupFactory: infected - 1 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001843.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001843.exe SetupFactory: infected - 1 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001844.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP27\A0001844.exe SetupFactory: infected - 1 skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001873.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001875.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001876.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001877.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001878.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0001882.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002868.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002877.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002878.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002886.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002887.exe Infected: Trojan.Win32.Dialer.yz skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP31\A0002897.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003876.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003878.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003879.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003880.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003888.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003914.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003921.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003923.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003929.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003940.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003941.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003942.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003943.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003950.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003955.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003964.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003970.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003972.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003974.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003980.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003986.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003993.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003995.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003996.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0003997.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004003.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004016.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004023.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004025.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004027.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP32\A0004032.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004054.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004063.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004064.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004065.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004073.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP34\A0004081.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004269.exe Infected: Trojan-Downloader.Win32.Small.hkt skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004270.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004271.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004272.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004273.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004277.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004278.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004279.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004280.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004281.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004282.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004283.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004284.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004285.Exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004289.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhx skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP36\A0004290.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dih skipped C:\System Volume Information\_restore{4032E363-2FDF-4D38-8A00-14839BBC990C}\RP53\change.log Object is locked skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Documents and Settings/user/Application Data/user32.exe.vir Infected: Trojan-Downloader.Win32.Small.hkt skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Adobe/Reader 8.0/Reader/Reader_sl.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Analog Devices/Core/smax4pnp.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Analog Devices/SoundMAX/Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Analog Devices/SoundMAX/Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Analog Devices/SoundMAX/Smax4 .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Analog Devices/SoundMAX/Smax4.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/DAEMON Tools Lite/daemon.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Messenger/msmsgs.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/Program Files/Windows Live/Messenger/MsnMsgr.Exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/ctfmon.exe.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/nnnkjkj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/pmnlkkk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/qommlli.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dio skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/RCX16.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/RCX17.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/RCX19.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/RCX1D.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/RCX1F.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/C/WINDOWS/system32/vtstu.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/catchme2008-01-06_232632.70.zip/jkkiijj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhx skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/catchme2008-01-06_232632.70.zip/vtstu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dih skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar/qoobox/Quarantine/catchme2008-01-06_232632.70.zip Infected: not-a-virus:AdWare.Win32.Virtumonde.dih skipped C:\upload_moi_USER-E9E6940105.tar.gz/upload_moi.tar Infected: not-a-virus:AdWare.Win32.Virtumonde.dih skipped C:\upload_moi_USER-E9E6940105.tar.gz GZIP: infected - 24 skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\RTacDbg.txt Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_564.dat Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. mais pour le dique dur ca me paraitrai bizarre qu il soit fatigué puisque mon ordi est tout neuf et donc le disque dur aussi.

bonjour, jai essayer vundo il na pas trouver de fichier infecter donc y avait rien a delete . ensuite j ai fait le scan kapersky mais il ne me donne pas de rapport et dit juste qu il a trouver 8 fichier infecter jai essayer les des plusieur fois mais ca na rien donner aussi , depuis que j ai mis le virus en quarantaine mon disque dur fait un bruit de frottement est ce possible que ce soit a cause du virus ? est ce qu il peut l avoir niquer? ps: desoler de ne pas t avoir repondu plus tot .

pour le doossier /fichier spxo.sys le voila: WINSeeker 1.0B - bibi26 Fichier/dossier recherché : spxo.sys Date recherchée : Aucune (jj/mm/aaaa) Répertoire à scanner : C: (Récursif) --> Fichiers/Dossiers trouvés --> Fin du rapport et pour le dossier fichier a9vdy4po.SYS le voici : WINSeeker 1.0B - bibi26 Fichier/dossier recherché : a9vdy4po.SYS Date recherchée : Aucune (jj/mm/aaaa) Répertoire à scanner : C: (Récursif) --> Fichiers/Dossiers trouvés --> Fin du rapport

voila mtn ca a marcher le voici : et aussi que me conseille tu comme antivirus . J ai deja avast mais j aimerais changer pcq apparemment ce n est pas tres bon Antivir serai mieux comme logiciel gratuit ? DiagHelp version v1.4 - http://www.malekal.com excute le 07/01/2008 à 20:53:55,75 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->07/01/2008 20:53:52 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->07/01/2008 20:53:48 C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->07/01/2008 20:52:04 C:\WINDOWS\prefetch\FIREFOX.EXE-17EE503B.pf -->07/01/2008 20:51:08 C:\WINDOWS\prefetch\VLC.EXE-22DF01AA.pf -->07/01/2008 20:50:53 C:\WINDOWS\prefetch\NERO.EXE-2B418BF0.pf -->07/01/2008 20:50:00 C:\WINDOWS\prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->07/01/2008 20:47:03 C:\WINDOWS\prefetch\TWOWORLDS.EXE-20CF0C24.pf -->07/01/2008 19:24:57 C:\WINDOWS\prefetch\RUNDLL32.EXE-2A94BB85.pf -->07/01/2008 19:24:15 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->07/01/2008 19:24:13 C:\WINDOWS\System32\drivers\PnkBstrK.sys -->07/01/2008 17:53:23 C:\WINDOWS\System32\drivers\sptd.sys -->30/12/2007 17:39:32 C:\WINDOWS\System32\drivers\pxhelp20.sys -->29/12/2007 03:36:13 C:\WINDOWS\System32\drivers\AegisP.sys -->19/12/2007 00:03:19 C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02 C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46 C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:39 C:\WINDOWS\System32\PnkBstrB.exe -->07/01/2008 17:53:16 C:\WINDOWS\System32\CONFIG.NT -->05/01/2008 22:21:25 C:\WINDOWS\System32\wpa.dbl -->05/01/2008 12:49:06 C:\WINDOWS\System32\PnkBstrA.exe -->01/01/2008 01:39:04 C:\WINDOWS\System32\FNTCACHE.DAT -->29/12/2007 03:41:51 C:\WINDOWS\System32\vxblock.dll -->29/12/2007 03:36:13 C:\WINDOWS\System32\pxwave.dll -->29/12/2007 03:36:13 C:\WINDOWS\System32\pxmas.dll -->29/12/2007 03:36:13 C:\WINDOWS\System32\pxhpinst.exe -->29/12/2007 03:36:13 C:\WINDOWS\System32\pxdrv.dll -->29/12/2007 03:36:13 C:\WINDOWS\System32\px.dll -->29/12/2007 03:36:13 C:\WINDOWS\System32\CmdLineExt.dll -->29/12/2007 02:47:48 C:\WINDOWS\System32\PerfStringBackup.INI -->29/12/2007 02:32:10 C:\WINDOWS\System32\perfh00C.dat -->29/12/2007 02:32:10 C:\WINDOWS\System32\perfh009.dat -->29/12/2007 02:32:10 C:\WINDOWS\System32\perfc00C.dat -->29/12/2007 02:32:10 C:\WINDOWS\System32\perfc009.dat -->29/12/2007 02:32:10 C:\WINDOWS\System32\TZLog.log -->29/12/2007 01:48:59 C:\WINDOWS\System32\wpa.bak -->29/12/2007 01:25:25 C:\WINDOWS\System32\nvapps.xml -->29/12/2007 01:19:20 C:\WINDOWS\System32\h323log.txt -->19/12/2007 00:49:35 C:\WINDOWS\System32\$winnt$.inf -->18/12/2007 23:54:30 C:\WINDOWS\System32\nscompat.tlb -->18/12/2007 23:53:15 C:\WINDOWS\System32\amcompat.tlb -->18/12/2007 23:53:15 C:\WINDOWS\System32\WindowsLogon.manifest -->18/12/2007 23:52:42 C:\WINDOWS\NeroDigital.ini -->07/01/2008 19:25:00 C:\WINDOWS\setupapi.log -->07/01/2008 16:41:42 C:\WINDOWS\WindowsUpdate.log -->07/01/2008 09:20:12 C:\WINDOWS.log -->07/01/2008 09:10:05 C:\WINDOWS\RTacDbg.txt -->07/01/2008 09:09:59 C:\WINDOWS\bootstat.dat -->07/01/2008 09:09:51 C:\WINDOWS\SchedLgU.Txt -->07/01/2008 05:40:10 C:\WINDOWS\system.ini -->06/01/2008 23:26:35 C:\WINDOWS\wmsetup.log -->06/01/2008 14:08:32 C:\WINDOWS\win.ini -->06/01/2008 11:00:23 C:\WINDOWS\DPINST.LOG -->05/01/2008 16:46:10 C:\WINDOWS\setupact.log -->01/01/2008 14:32:03 C:\WINDOWS\DirectX.log -->30/12/2007 17:56:56 C:\WINDOWS\KB941569.log -->30/12/2007 01:10:09 C:\WINDOWS\tsoc.log -->30/12/2007 01:10:02 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1616 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x44080000 0xcf000 7.00.6000.16574 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16574 C:\WINDOWS\system32\iertutil.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x44360000 0x5cd000 7.00.6000.16574 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16574 C:\WINDOWS\system32\urlmon.dll 0x442b0000 0x3c000 7.00.6000.16574 C:\WINDOWS\system32\webcheck.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x01a30000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x58640000 0x8a000 1.09.0000.0305 C:\WINDOWS\system32\l3codeca.acm 0x086d0000 0x247000 10.00.0000.4054 C:\WINDOWS\system32\wmvcore.dll 0x070d0000 0x3b000 10.00.0000.4060 C:\WINDOWS\system32\WMASF.DLL 0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll 0x02190000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x00e30000 0x2e000 C:\Program Files\WinRAR\rarext.dll 0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll 0x10000000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 720 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est B4BF-D981 Répertoire de C:\WINDOWS\system32 02/03/2006 13:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 389 515 665 408 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est B4BF-D981 Répertoire de C:\WINDOWS\Downloaded Program Files 07/01/2008 13:25 <REP> . 07/01/2008 13:25 <REP> .. 18/12/2007 23:52 65 desktop.ini 20/11/2007 16:04 1 523 536 FP_AX_CAB_INSTALLER.exe 02/08/2007 18:20 1 864 OnlineScanner.inf 20/11/2007 15:50 247 swflash.inf 4 fichier(s) 1 525 712 octets Total des fichiers listés : 4 fichier(s) 1 525 712 octets 2 Rép(s) 389 515 665 408 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-07 20:54:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\CfgD79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:61,40,51,fd,fb,20,cc,9b,91,dd,d9,0a,83,e9,2e,27,01,93,67,a6,34,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000001 "khjeh"=hex:64,85,05,a5,bc,9e,f3,00,90,6f,86,6d,a9,ce,cb,b6,f2,c4,73,37,01,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "a0"=hex:20,01,00,00,eb,af,5e,1b,40,2e,9a,fd,a7,6e,bb,a3,ed,d8,5f,69,3d,.. "khjeh"=hex:b0,44,68,d2,23,0b,f7,b5,62,2f,28,5b,79,7f,ea,77,2d,f8,6e,d6,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:77,9f,e4,fe,4b,0e,5f,cb,1d,96,d2,d0,a1,56,76,d2,16,2b,70,c8,c3,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\CfgD79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:61,40,51,fd,fb,20,cc,9b,91,dd,d9,0a,83,e9,2e,27,01,93,67,a6,34,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000001 "khjeh"=hex:64,85,05,a5,bc,9e,f3,00,90,6f,86,6d,a9,ce,cb,b6,f2,c4,73,37,01,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "a0"=hex:20,01,00,00,eb,af,5e,1b,40,2e,9a,fd,a7,6e,bb,a3,ed,d8,5f,69,3d,.. "khjeh"=hex:b0,44,68,d2,23,0b,f7,b5,62,2f,28,5b,79,7f,ea,77,2d,f8,6e,d6,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:77,9f,e4,fe,4b,0e,5f,cb,1d,96,d2,d0,a1,56,76,d2,16,2b,70,c8,c3,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 212 - ctfmon.exe 228 - RtWLan.exe 420 - winvnc4.exe 696 - csrss.exe 720 - winlogon.exe 768 - services.exe 780 - lsass.exe 952 - svchost.exe 1004 - ashMaiSv.exe 1144 - svchost.exe 1204 - svchost.exe 1332 - svchost.exe 1388 - ashWebSv.exe 1516 - ashServ.exe 1564 - PnkBstrA.exe 1616 - explorer.exe 1980 - ashDisp.exe 2304 - alg.exe 2604 - emule.exe 3000 - firefox.exe 3292 - cmd.exe Total number of processes = 22 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA6A9000 - spxo.sys BADAA000 - \WINDOWS\System32\Drivers\WMILIB.SYS BA691000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS BA662000 - ACPI.sys BA651000 - pci.sys BA8A8000 - ohci1394.sys BA8B8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS BA8C8000 - isapnp.sys BAE70000 - pciide.sys BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS BA8D8000 - MountMgr.sys BA632000 - ftdisk.sys BAB30000 - PartMgr.sys BA8E8000 - VolSnap.sys BA61A000 - atapi.sys BA8F8000 - disk.sys BA908000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS BA5FA000 - fltMgr.sys BA5E8000 - sr.sys BAB38000 - PxHelp20.sys BA5D1000 - KSecDD.sys BA544000 - Ntfs.sys BA517000 - NDIS.sys BA504000 - sfvfs02.sys BAB40000 - sfhlp02.sys BA4F2000 - sfdrv01.sys BA4D7000 - Mup.sys BAA38000 - \SystemRoot\system32\DRIVERS\intelppm.sys B9D80000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys B9D6C000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS BABB8000 - \SystemRoot\system32\DRIVERS\usbuhci.sys B9D49000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS BABC0000 - \SystemRoot\system32\DRIVERS\usbehci.sys B9D24000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys B9CE7000 - \SystemRoot\system32\DRIVERS\yk51x86.sys BAA48000 - \SystemRoot\system32\DRIVERS\nic1394.sys BABC8000 - \SystemRoot\system32\DRIVERS\fdc.sys BADBC000 - \SystemRoot\system32\DRIVERS\ASACPI.sys B9CD6000 - \SystemRoot\system32\DRIVERS\serial.sys BAD5C000 - \SystemRoot\system32\DRIVERS\serenum.sys BABD0000 - \SystemRoot\system32\DRIVERS\kbdclass.sys BAA68000 - \SystemRoot\system32\DRIVERS\imapi.sys BAA78000 - \SystemRoot\system32\DRIVERS\cdrom.sys BAA88000 - \SystemRoot\system32\DRIVERS\redbook.sys B9CB3000 - \SystemRoot\system32\DRIVERS\ks.sys B9C4E000 - \SystemRoot\System32\Drivers\a9vdy4po.SYS BAFDD000 - \SystemRoot\system32\DRIVERS\audstub.sys BAA98000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys BAD9C000 - \SystemRoot\system32\DRIVERS\ndistapi.sys B9C1B000 - \SystemRoot\system32\DRIVERS\ndiswan.sys BAAA8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys BAAB8000 - \SystemRoot\system32\DRIVERS\raspptp.sys BAC20000 - \SystemRoot\system32\DRIVERS\TDI.SYS B9B6A000 - \SystemRoot\system32\DRIVERS\psched.sys BAAC8000 - \SystemRoot\system32\DRIVERS\msgpc.sys BAC38000 - \SystemRoot\system32\DRIVERS\ptilink.sys BAC40000 - \SystemRoot\system32\DRIVERS\raspti.sys BAAF8000 - \SystemRoot\system32\DRIVERS\termdd.sys BAC48000 - \SystemRoot\system32\DRIVERS\mouclass.sys BADCA000 - \SystemRoot\system32\DRIVERS\swenum.sys B9AE9000 - \SystemRoot\system32\DRIVERS\update.sys BA4AB000 - \SystemRoot\system32\DRIVERS\mssmbios.sys BAB08000 - \SystemRoot\System32\Drivers\NDProxy.SYS BA978000 - \SystemRoot\system32\DRIVERS\usbhub.sys BADCC000 - \SystemRoot\system32\DRIVERS\USBD.SYS B7975000 - \SystemRoot\system32\drivers\ADIHdAud.sys B7951000 - \SystemRoot\system32\drivers\portcls.sys BA988000 - \SystemRoot\system32\drivers\drmk.sys B793A000 - \SystemRoot\system32\drivers\AEAudio.sys B78DA000 - \SystemRoot\system32\drivers\Senfilt.sys BAC98000 - \SystemRoot\system32\DRIVERS\flpydisk.sys BADFE000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAF11000 - \SystemRoot\System32\Drivers\Null.SYS BAE00000 - \SystemRoot\System32\Drivers\Beep.SYS BA9F8000 - \SystemRoot\system32\DRIVERS\i8042prt.sys BACB0000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS BAB50000 - \SystemRoot\System32\drivers\vga.sys BAE04000 - \SystemRoot\System32\Drivers\mnmdd.SYS BAE06000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BAB58000 - \SystemRoot\System32\Drivers\Msfs.SYS BAB90000 - \SystemRoot\System32\Drivers\Npfs.SYS B9B46000 - \SystemRoot\system32\DRIVERS\rasacd.sys B78A7000 - \SystemRoot\system32\DRIVERS\ipsec.sys B784F000 - \SystemRoot\system32\DRIVERS\tcpip.sys BAA08000 - \SystemRoot\System32\Drivers\aswTdi.SYS B7806000 - \SystemRoot\system32\DRIVERS\ipnat.sys B77DE000 - \SystemRoot\system32\DRIVERS\netbt.sys BAA18000 - \SystemRoot\system32\DRIVERS\wanarp.sys BAA28000 - \SystemRoot\system32\DRIVERS\arp1394.sys B771C000 - \SystemRoot\System32\drivers\afd.sys B9C0B000 - \SystemRoot\system32\DRIVERS\netbios.sys B76F1000 - \SystemRoot\system32\DRIVERS\rdbss.sys B7682000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys B9BFB000 - \SystemRoot\System32\Drivers\Fips.SYS BABA0000 - \SystemRoot\System32\Drivers\Aavmker4.SYS B9BDB000 - \SystemRoot\System32\Drivers\Cdfs.SYS BABA8000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS BABB0000 - \SystemRoot\system32\DRIVERS\usbccgp.sys BAD50000 - \SystemRoot\system32\DRIVERS\hidusb.sys B9BCB000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS BAD54000 - \SystemRoot\system32\DRIVERS\kbdhid.sys BAD64000 - \SystemRoot\system32\DRIVERS\mouhid.sys B7642000 - \SystemRoot\System32\Drivers\dump_atapi.sys BAE1A000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys BAD80000 - \SystemRoot\System32\drivers\Dxapi.sys BABE8000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys BAF98000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\nv4_disp.dll BAC10000 - \SystemRoot\system32\DRIVERS\AegisP.sys B732E000 - \SystemRoot\system32\DRIVERS\ndisuio.sys B70BC000 - \SystemRoot\System32\Drivers\aswMon2.SYS B6DAF000 - \SystemRoot\system32\drivers\wdmaud.sys B6ECC000 - \SystemRoot\system32\drivers\sysaudio.sys B60C9000 - \SystemRoot\system32\DRIVERS\mrxdav.sys B6027000 - \SystemRoot\system32\DRIVERS\srv.sys B5D8E000 - \SystemRoot\System32\Drivers\HTTP.sys B5E2F000 - \SystemRoot\System32\Drivers\aswRdr.SYS A8BEE000 - \SystemRoot\System32\Drivers\Fastfat.SYS 91C43000 - \SystemRoot\system32\drivers\kmixer.sys 91A13000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 126 Liste des programmes installes 12014SC Wireless Combo Set 12014SC Wireless Combo Set Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player ActiveX Adobe Help Center 2.0 Adobe Premiere Pro 2.0 Adobe Premiere Pro 2.0 Adobe Reader 8.1.1 Adobe Stock Photos 1.0 AGEIA PhysX v7.01.12 Archiveur WinRAR Assistant de connexion Windows Live ASUS WiFi-AP Solo avast! Antivirus Correctif pour Windows XP (KB914440) Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 eMule ESET Online Scanner FEARCombat High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 Hotfix for Windows XP (KB915865) Marvell Miniport Driver Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional with FrontPage Microsoft Visual C++ 2005 Redistributable Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB942615) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911164) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB936357) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mozilla Firefox (2.0.0.11) Nero 6 Enterprise Edition NVIDIA Drivers PokerStars SoundMAX TrackMania Nations ESWC 1.7.9 Two Worlds VideoLAN VLC media player 0.8.6d VNC Free Edition 4.1.2 WebFldrs XP Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live installer Windows Live Mail Windows Live Messenger Windows Media Format Runtime Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est B4BF-D981 Répertoire de C:\Program Files 07/01/2008 13:23 <REP> . 07/01/2008 13:23 <REP> .. 03/01/2008 16:08 <REP> Adobe 30/12/2007 18:03 <REP> AGEIA Technologies 06/01/2008 14:54 <REP> Ahead 30/12/2007 17:23 <REP> Alcohol Soft 30/12/2007 17:32 <REP> Alcohol Toolbar 29/12/2007 02:12 <REP> Alwil Software 19/12/2007 00:01 <REP> Analog Devices 19/12/2007 00:03 <REP> ASUS WiFi-AP Solo 18/12/2007 23:51 <REP> ComPlus Applications 06/01/2008 23:26 <REP> DAEMON Tools Lite 07/01/2008 09:12 <REP> eMule 07/01/2008 13:40 <REP> EsetOnlineScanner 06/01/2008 14:54 <REP> Fichiers communs 18/12/2007 23:59 <REP> Intel 29/12/2007 02:30 <REP> Internet Explorer 19/12/2007 00:02 <REP> Marvell 06/01/2008 23:26 <REP> Messenger 29/12/2007 02:00 <REP> Microsoft ActiveSync 18/12/2007 23:53 <REP> microsoft frontpage 29/12/2007 02:00 <REP> Microsoft Office 18/12/2007 23:51 <REP> Movie Maker 07/01/2008 20:51 <REP> Mozilla Firefox 18/12/2007 23:50 <REP> MSN 18/12/2007 23:50 <REP> MSN Gaming Zone 18/12/2007 23:51 <REP> NetMeeting 18/12/2007 23:50 <REP> Online Services 29/12/2007 01:49 <REP> Outlook Express 02/01/2008 18:09 <REP> PokerStars 30/12/2007 17:11 <REP> Reality Pump 30/12/2007 13:08 <REP> RealVNC 18/12/2007 23:52 <REP> Services en ligne 29/12/2007 02:24 <REP> Sierra 01/01/2008 15:38 <REP> TrackMania Nations ESWC 06/01/2008 14:44 <REP> Trend Micro 29/12/2007 03:20 <REP> VideoLAN 05/01/2008 16:47 <REP> Windows Live 29/12/2007 03:36 <REP> Windows Media Player 18/12/2007 23:50 <REP> Windows NT 30/12/2007 13:33 <REP> WinRAR 18/12/2007 23:53 <REP> xerox 0 fichier(s) 0 octets 42 Rép(s) 389 498 753 024 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est B4BF-D981 Répertoire de C:\Program Files\fichiers communs 06/01/2008 14:54 <REP> . 06/01/2008 14:54 <REP> .. 03/01/2008 16:08 <REP> Adobe 29/12/2007 03:36 <REP> Adobe Systems Shared 06/01/2008 14:54 <REP> Ahead 29/12/2007 02:00 <REP> Designer 19/12/2007 00:02 <REP> InstallShield 06/01/2008 11:00 <REP> Microsoft Shared 18/12/2007 23:51 <REP> MSSoap 19/12/2007 00:43 <REP> ODBC 18/12/2007 23:51 <REP> Services 19/12/2007 00:43 <REP> SpeechEngines 29/12/2007 02:00 <REP> System 30/12/2007 17:56 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 14 Rép(s) 389 498 753 024 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est B4BF-D981 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 06/01/2008 11:00 <REP> . 06/01/2008 11:00 <REP> .. 29/12/2007 02:00 <REP> 1033 25/03/2003 18:38 1 327 104 MSONSEXT.DLL 13/02/2001 00:23 58 784 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 22/01/2001 03:25 671 744 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 875 848 octets 3 Rép(s) 389 498 753 024 octets libres c:\Documents and Settings\All Users\Documents\Monolith Productions\FEARCombat\pb\PnkBstrB.exe c:\Documents and Settings\user\Bureau\ComboFix.exe c:\Documents and Settings\user\Bureau\WLinstaller.exe c:\Documents and Settings\user\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\user\Bureau\DiagHelp\diff.exe c:\Documents and Settings\user\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\user\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\user\Bureau\DiagHelp\find2.exe c:\Documents and Settings\user\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\user\Bureau\DiagHelp\grep.exe c:\Documents and Settings\user\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\user\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\user\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\user\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\user\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\user\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\user\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\user\Bureau\DiagHelp\streams.exe c:\Documents and Settings\user\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\user\Bureau\DiagHelp\tar.exe c:\Documents and Settings\user\Bureau\ps cs2\Setup.exe c:\Documents and Settings\user\Bureau\ps cs2\Adobe DNG Converter\Adobe DNG Converter.exe c:\Documents and Settings\user\Bureau\ps cs2\Adobe® Photoshop® CS2\instmsia.exe c:\Documents and Settings\user\Bureau\ps cs2\Adobe® Photoshop® CS2\instmsiw.exe c:\Documents and Settings\user\Bureau\ps cs2\Adobe® Photoshop® CS2\setup.exe c:\Documents and Settings\user\Mes documents\Emule\Redfield 9 Plugins Package + Crack + Addons\Pack de 9 Plugins\Redfield 9 filters package.exe c:\Documents and Settings\user\Mes documents\Emule\Redfield 9 Plugins Package + Crack + Addons\Plasteroid\version 1.10\TexturationPlasteroid (Plasteroid 1.10 & Texturation 3D 1.22) demo.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_USER-E9E6940105.tar.gz a l'adresse http://upload.malekal.com

j ai essayer de telecharger le programme mais la page web ne s affiche pas et il ne veut donc pas telecharger . Cependant voici le rapport hijackthis : ps: j ai stopper mes discussion sur les autre forum et je n ai pas fait d autre manip que la tienne Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:55:47, on 07/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\eMule\emule.exe C:\Program Files\VideoLAN\VLC\vlc.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe" /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12014SC Wireless Combo Set\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\12014SC Wireless Combo Set\StartAutorun.exe PS2USBKbdDrv.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13EA69-C61D-4E7A-AA07-1999C7BFA2BC}: NameServer = 195.238.2.21,195.238.2.22 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 5943 bytes

voici ce que j obtiens avec eset : et merci pour ton aide les autres forum eux ne repondent pas tu peux remarquer que je les ai mis en quarantaine mais je sais pas si je peux les suprimer # version=4 # OnlineScanner.ocx=1.0.0.56 # OnlineScannerDLLA.dll=1, 0, 0, 51 # OnlineScannerDLLW.dll=1, 0, 0, 51 # OnlineScannerUninstaller.exe=1, 0, 0, 49 # vers_standard_module=2767 (20080106) # vers_arch_module=1.060 (20071228) # vers_adv_heur_module=1.064 (20070717) # EOSSerial=264ca60d46c8ea4c92e9fc3fe348dc86 # end=finished # remove_checked=false # unwanted_checked=false # utc_time=2008-01-07 12:40:18 # local_time=2008-01-07 01:40:18 (+0100, Paris, Madrid) # country="France" # osver=5.1.2600 NT Service Pack 2 # scanned=132124 # found=18 # scan_time=853 C:\QooBox\Quarantine\catchme2008-01-06_232632.70.zip Win32/Adware.Virtumonde.FP application 5102E3FF29C8186338E5DBFA178F2476 C:\QooBox\Quarantine\catchme2008-01-06_232632.70.zip »ZIP »vtstu.dll Win32/Adware.Virtumonde.FP application 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Analog Devices\Core\smax4pnp.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4 .exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Analog Devices\SoundMAX\Smax4.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\DAEMON Tools Lite\daemon.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\Program Files\Windows Live\Messenger\MsnMsgr.Exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\RCX16.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\RCX17.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\RCX19.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\RCX1D.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\RCX1F.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000 C:\QooBox\Quarantine\C\WINDOWS\system32\vtstu.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000