manu37340

Members
  • Content count

    3

Everything posted by manu37340

  1. Thanks for replying. Tell me the steps to follow. What should I send you first?
  2. Hello, my PC is running slowly and windows open by themselves. In addition, my antivirus detects a trojan but cannot remove it. Here are the reports. What do you advise? DiagHelp result: DiagHelp version v1.4 - http://www.malekal.com excute le 06/07/2008 à 19:38:02,35
catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.housecall.trendmicro.com 127.0.0.1 www.research.sunbelt-software.com 127.0.0.1 www.pandasecurity.com catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-06 19:39:26 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden services ... scanning hidden autostart entries ... HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\cognard emmanuel\tiq.exe \s???? ?a?n?d? ?S?e?t?t?i?n?g?s?\?c?o?g?n?a?r?d? ?e?m?m?a?n?u?e?l?\?r?t?w?f?.?e?x?e? ?\?s??????? ???a???n???d??? ???S???e???t???t???i???n???g???s???\???c???o???g???n? scanning hidden files ... 
scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 312 - CDAC11BA.EXE 428 - cisvc.exe 488 - fspex.exe 536 - ispnews.exe 556 - EIJPCX01.EXE 604 - FSGK32.EXE 624 - fsbwsys.exe 660 - fssm32.exe 688 - FSMA32.EXE 832 - csrss.exe 856 - winlogon.exe 900 - services.exe 912 - lsass.exe 960 - FSMB32.EXE 1092 - svchost.exe 1168 - svchost.exe 1244 - FCH32.EXE 1264 - MsMpEng.exe 1304 - svchost.exe 1328 - Monitor.exe 1332 - AGRSMMSG.exe 1376 - svchost.exe 1512 - svchost.exe 1600 - spoolsv.exe 1980 - fsqh.exe 1984 - FAMEH32.EXE 2008 - MediaServerServ 2176 - fsrw.exe 2184 - hpqtra08.exe 2392 - TaskBarIcon.exe 2420 - Watch.exe 2432 - AspireService.e 2484 - GestionnaireInt 2500 - MediaSync.exe 2600 - CALMAIN.exe 2716 - FSM32.EXE 2724 - fsguidll.exe 2776 - fsav32.exe 3048 - fsdfwd.exe 3184 - msnclicfg.exe --[Hidden]-- 3232 - ctfmon.exe 3336 - LVCOMSX.EXE 3352 - LogitechDesktop 3460 - WINWORD.EXE 3520 - rundll32.exe 3576 - alg.exe 3764 - MSASCui.exe 3800 - ComComp.exe 3892 - Toaster.exe 3908 - Inactivity.exe 3940 - PollingModule.e 4012 - ALERTM~1.EXE 4268 - Explorer.EXE 4428 - cidaemon.exe 5056 - msnmsgr.exe 5268 - DownloadManager 5276 - WOOBrowser.exe 5292 - cmd.exe Total number of processes = 59 NOTE: Under WinXP, this will not show all processes. 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806CE000 - \WINDOWS\system32\hal.dll
F8B65000 - \WINDOWS\system32\KDCOM.DLL
F8A75000 - \WINDOWS\system32\BOOTVID.dll
F8535000 - ACPI.sys
F8B67000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F8524000 - pci.sys
F8665000 - isapnp.sys
F8C2D000 - pciide.sys
F88E5000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F8B69000 - viaide.sys
F8675000 - MountMgr.sys
F8505000 - ftdisk.sys
F88ED000 - PartMgr.sys
F8685000 - VolSnap.sys
F84ED000 - atapi.sys
F8695000 - disk.sys
F86A5000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F84CD000 - fltMgr.sys
F84BB000 - sr.sys
F86B5000 - MPRIFL.SYS
F88F5000 - PxHelp20.sys
F8498000 - Fastfat.sys
F8481000 - KSecDD.sys
F846F000 - fsdfw.sys
F8442000 - \WINDOWS\System32\drivers\NDIS.SYS
F86C5000 - \WINDOWS\System32\drivers\fsndis5.sys
F88FD000 - viaagp1.sys
F8427000 - Mup.sys
F86D5000 - gagp30kx.sys
F8AF9000 - \SystemRoot\system32\DRIVERS\tunmp.sys
F8705000 - \SystemRoot\system32\DRIVERS\processr.sys
F82D9000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
F82C5000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F818F000 - \SystemRoot\system32\DRIVERS\AGRSM.sys
F892D000 - \SystemRoot\System32\Drivers\Modem.SYS
F8715000 - \SystemRoot\system32\DRIVERS\imapi.sys
F8935000 - \SystemRoot\system32\drivers\Afc.sys
F8B05000 - \SystemRoot\System32\Drivers\UBHelper.SYS
F8725000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F8735000 - \SystemRoot\system32\DRIVERS\redbook.sys
F816C000 - \SystemRoot\system32\DRIVERS\ks.sys
F8B6B000 - \SystemRoot\system32\DRIVERS\NTIDrvr.sys
F893D000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
F8149000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F8945000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F7D71000 - \SystemRoot\system32\drivers\ALCXWDM.SYS
F7D4D000 - \SystemRoot\system32\drivers\portcls.sys
F8755000 - \SystemRoot\system32\drivers\drmk.sys
F7D3A000 - \SystemRoot\system32\DRIVERS\Rtlnicxp.sys
F894D000 - \SystemRoot\system32\DRIVERS\fdc.sys
F7D29000 - \SystemRoot\system32\DRIVERS\serial.sys
F8B0D000 - \SystemRoot\system32\DRIVERS\serenum.sys
F7D15000 - \SystemRoot\system32\DRIVERS\parport.sys
F8765000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F8955000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F8CED000 - \SystemRoot\system32\DRIVERS\audstub.sys
F8B79000 - \SystemRoot\System32\Drivers\RootMdm.sys
F87C5000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F8B11000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F7CFE000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F7CCB000 - \SystemRoot\system32\DRIVERS\ndisio.sys
F87D5000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F87E5000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F895D000 - \SystemRoot\system32\DRIVERS\TDI.SYS
F7C92000 - \SystemRoot\system32\DRIVERS\psched.sys
F87F5000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F8965000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F896D000 - \SystemRoot\system32\DRIVERS\raspti.sys
F8805000 - \SystemRoot\System32\Drivers\pcouffin.sys
F8815000 - \SystemRoot\system32\DRIVERS\termdd.sys
F8975000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F8B7B000 - \SystemRoot\system32\DRIVERS\swenum.sys
F7BBE000 - \SystemRoot\system32\DRIVERS\update.sys
F8B1D000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F8825000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F8B39000 - \SystemRoot\system32\drivers\MODEMCSA.sys
F8885000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F8B7F000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F8B81000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F8D11000 - \SystemRoot\System32\Drivers\Null.SYS
F8B83000 - \SystemRoot\System32\Drivers\Beep.SYS
F8985000 - \SystemRoot\System32\drivers\vga.sys
F8B85000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F8B87000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F898D000 - \SystemRoot\System32\Drivers\Msfs.SYS
F8995000 - \SystemRoot\System32\Drivers\Npfs.SYS
F8B5D000 - \SystemRoot\system32\DRIVERS\rasacd.sys
EFB43000 - \SystemRoot\system32\DRIVERS\ipsec.sys
EFAEB000 - \SystemRoot\system32\DRIVERS\tcpip.sys
EFAB3000 - \SystemRoot\system32\DRIVERS\tcpip6.sys
EFA8B000 - \SystemRoot\system32\DRIVERS\netbt.sys
EFA69000 - \SystemRoot\System32\drivers\afd.sys
F8895000 - \SystemRoot\system32\DRIVERS\netbios.sys
EFA3E000 - \SystemRoot\system32\DRIVERS\rdbss.sys
EF9A7000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F88A5000 - \SystemRoot\System32\Drivers\Fips.SYS
EF986000 - \SystemRoot\system32\DRIVERS\ipnat.sys
F899D000 - \SystemRoot\system32\DRIVERS\Ip6Fw.sys
F88B5000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F89A5000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
F88D5000 - \SystemRoot\system32\drivers\lvusbsta.sys
F7CC7000 - \SystemRoot\system32\DRIVERS\usbscan.sys
F89AD000 - \SystemRoot\system32\DRIVERS\usbprint.sys
F89B5000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F8745000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
F7CC3000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
EF88A000 - \SystemRoot\system32\DRIVERS\LV561AV.SYS
F8775000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
F89BD000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
F7CBF000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F8785000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F89C5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F7CBB000 - \SystemRoot\system32\DRIVERS\mouhid.sys
F8795000 - \SystemRoot\System32\Drivers\Cdfs.SYS
EF872000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F8B89000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
F7CAB000 - \SystemRoot\System32\drivers\Dxapi.sys
F89CD000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F8C30000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\ati2dvag.dll
BFA10000 - \SystemRoot\System32\ati2cqag.dll
BFA42000 - \SystemRoot\System32\atikvmag.dll
BFA74000 - \SystemRoot\System32\ati3duag.dll
BFCA5000 - \SystemRoot\System32\ativvaxx.dll
ED44D000 - \SystemRoot\system32\drivers\wdmaud.sys
ED6AA000 - \SystemRoot\system32\drivers\sysaudio.sys
ED3FE000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
ED486000 - \SystemRoot\System32\Drivers\Aspi32.SYS
ED342000 - \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS
F89F5000 - \??\C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\Win2K\FSrec.sys
ECE1E000 - \SystemRoot\System32\Drivers\HTTP.sys
ECE0D000 - \??\C:\Program Files\acer\eRecovery\int15.sys
F8D4B000 - \??\C:\WINDOWS\system32\STEC3.sys
ECBDB000 - \SystemRoot\system32\DRIVERS\srv.sys
ECF7F000 - \??\C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\Win2K\FSfilter.sys
ECF8F000 - \??\C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\Win2K\FSgk.sys
EC730000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS
BAFD5000 - \SystemRoot\system32\drivers\kmixer.sys
F8D00000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 142

Liste des programmes installes
1400 1400_Help 1400Trb Acer eConsole Acer eMode Management Adaptec UDF Reader Adobe Acrobat 5.0 Adobe Flash Player ActiveX Adobe Reader 7.1.0 - Français Adobe Shockwave Player Agere Systems PCI Soft Modem AiO_Scan AiOSoftware AntiVirus Firewall Archiveur WinRAR Assistant de connexion Windows Live ATI Display Driver Avanquest update Barre d'outils MSN BufferChm C-Media WDM Audio Driver Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon G.726 WMP-Decoder CANON iMAGE GATEWAY Task Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities EOS Utility Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX CCleaner (remove only) ConvertXtoDVD 2.2.3.258 Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB914440) Correctif Windows XP - KB867282
Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893086 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 Creative System Information Creative Zen Nano Plus Desperate Housewives Destinations DeviceManagementQFolder DivX DivX Converter DivX Player DivX Web Player DocProc Dream Day Honeymoon DVD Decrypter (Remove Only) EPSON Logiciel imprimante eSupportQFolder Fax Folder Lockbox 1.1 for Windows 2000/XP GalleryPlayer Images GdiplusUpgrade Gestionnaire Internet Google Toolbar for Firefox Google Toolbar for Internet Explorer Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) HP Imaging Device Functions 5.3 HP Photosmart Essential HP PSC & OfficeJet 5.3.B HP Software Update HP Solution Center & Imaging Support Tools 5.3 HPProductAssistant J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 2 J2SE Runtime Environment 5.0 Update 6 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Java SE Runtime Environment 6 Update 1 Kaspersky Online Scanner Lecteur Windows Media 11 Logiciel QuickCam de Logitech Logitech Desktop Messenger Logitech Print Service Macromedia Flash Player 8 Messenger Plus! 
Live Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office PowerPoint Viewer 2003 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Word 2002 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de 
sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité 
pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931768) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB941693) Mise à jour de sécurité pour Windows XP (KB943055) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour de sécurité pour 
Windows XP (KB944653) Mise à jour de sécurité pour Windows XP (KB945553) Mise à jour de sécurité pour Windows XP (KB946026) Mise à jour de sécurité pour Windows XP (KB948590) Mise à jour de sécurité pour Windows XP (KB948881) Mise à jour de sécurité pour Windows XP (KB950749) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB932823-v3) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) mobile PhoneTools MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) Music Manager Navigateur Orange NewCopy NTI Backup NOW! 4 NTI Backup NOW! 
4 NTI CD & DVD-Maker NTI CD & DVD-Maker NTI HomeVideo-Maker PhotoFiltre ProductContext Programme de gestion Camera de Logitech® Readme RealPlayer Realtek AC'97 Audio SafeCast Shared Components Satsuki Decoder Pack Scan ScannerCopy Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) SolutionCenter Sony Print Service Status SweetIM For Internet Explorer 1.0a TrayApp Unload WebFldrs XP WebReg Winamp (remove only) Windows Defender Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live installer Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E
Répertoire de C:\Program Files
17/10/2005 19:19 <REP> .
17/10/2005 19:19 <REP> ..
07/05/2008 08:34 10 .autoreg
17/10/2005 20:10 <REP> acer
17/10/2005 19:36 <REP> Adobe
06/07/2007 13:13 <REP> Agendis
23/01/2008 15:17 <REP> AntivirusFirewall
14/10/2006 11:13 <REP> Boonty
26/05/2006 13:21 <REP> BoontyGames
05/04/2008 19:08 <REP> Buena Vista Games
26/12/2006 10:52 <REP> Canon
06/07/2008 16:25 <REP> CCleaner
26/03/2006 17:19 <REP> Common Files
17/10/2005 19:24 <REP> ComPlus Applications
27/05/2006 19:25 <REP> Creative
17/10/2005 19:40 <REP> CyberLink
06/05/2006 17:22 <REP> DIFX
29/05/2006 18:57 <REP> DivX
06/09/2007 22:05 <REP> DMV
17/03/2007 17:57 <REP> DVD Decrypter
26/05/2006 13:22 <REP> eMule
17/10/2005 19:19 <REP> Fichiers communs
26/02/2007 08:04 <REP> Folder Lockbox
29/12/2006 14:00 <REP> FunWebProducts
19/04/2007 10:33 <REP> Gamenext
25/03/2006 11:11 <REP> Google
17/12/2005 19:13 <REP> GotSmiley
25/06/2006 10:16 <REP> Hewlett-Packard
01/10/2005 16:28 <REP> HP
27/06/2008 12:06 <REP> InetGet2
30/07/2006 19:06 <REP> Instant Access
17/10/2005 19:24 <REP> Internet Explorer
08/01/2008 12:30 <REP> Inventel
01/10/2005 15:43 <REP> Java
01/11/2006 10:19 <REP> Lavasoft
02/10/2005 09:40 <REP> LiveUpdate
05/03/2006 18:19 <REP> Logitech
19/03/2006 17:38 <REP> Macrogaming
28/06/2006 19:50 <REP> MailSkinner
09/01/2007 17:44 <REP> Mes Jeux Téléchargés
27/06/2008 12:07 <REP> Messenger Plus! Live
09/05/2007 20:20 <REP> Microsoft CAPICOM 2.1.0.2
17/10/2005 19:26 <REP> microsoft frontpage
01/10/2005 16:00 <REP> Microsoft Office
12/01/2008 08:51 <REP> Microsoft SQL Server Compact Edition
27/06/2008 12:06 <REP> mobile PhoneTools
07/05/2006 11:28 <REP> monAlbumPhoto
17/10/2005 19:24 <REP> Movie Maker
01/11/2006 10:21 <REP> Mozilla Firefox
10/06/2008 09:18 <REP> Mozilla Firefox(2)
17/10/2005 19:23 <REP> MSN
08/05/2006 15:36 <REP> MSN Games
17/10/2005 19:23 <REP> MSN Gaming Zone
07/05/2006 21:35 <REP> MSN Pictures Displayer
27/06/2008 12:07 <REP> MSN Toolbar
21/11/2006 17:12 <REP> MSXML 4.0
27/05/2006 19:36 <REP> Music Manager
29/12/2006 14:00 <REP> MyWebSearch
17/10/2005 19:24 <REP> NetMeeting
17/10/2005 19:38 <REP> NewTech Infosystems
17/10/2005 19:41 <REP> Norton AntiVirus
25/03/2006 17:10 <REP> Oberon Media
17/10/2005 19:24 <REP> Outlook Express
09/03/2007 15:25 <REP> PhotoDeluxe BE 1.0 TO
26/06/2008 10:04 <REP> PhotoFiltre
26/10/2006 16:12 <REP> Plus!
01/11/2006 10:36 <REP> Real
08/06/2007 21:22 <REP> Realtek AC97
28/12/2005 15:49 <REP> Samsung
27/06/2008 12:06 <REP> Satsuki Decoder Pack
10/03/2006 11:44 <REP> Securitoo
14/03/2007 14:50 899 414 SetupDVDDecrypter_3.5.4.0.exe
14/07/2006 17:41 <REP> Sony Print Service
27/06/2008 12:08 <REP> Spcron
26/10/2006 10:37 <REP> Téléchargeur de 7 Sins MS
27/06/2008 12:06 <REP> Temporary
17/06/2008 11:12 <REP> Virtools Web Player 3.5
14/10/2007 13:15 <REP> VSO
23/07/2006 16:24 <REP> Wanadoo
04/06/2006 10:14 <REP> WIDCOMM
31/05/2006 19:27 <REP> Winamp
27/05/2007 08:56 <REP> Windows Defender
11/06/2008 20:54 <REP> Windows Live
08/06/2006 14:14 <REP> Windows Live Safety Center
27/10/2006 07:42 <REP> Windows Live Toolbar
27/05/2007 09:37 <REP> Windows Media Connect 2
17/10/2005 19:23 <REP> Windows Media Player
17/10/2005 19:23 <REP> Windows NT
24/06/2006 20:40 <REP> WinRAR
17/10/2005 19:26 <REP> xerox
27/06/2008 12:06 <REP> YesMessenger
03/11/2006 11:53 <REP> Zylom Games
27/06/2008 12:06 <REP> ?asks
2 fichier(s) 899 424 octets
91 Rép(s) 58 516 701 184 octets libres

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E
Répertoire de C:\Program Files\fichiers communs
17/10/2005 19:19 <REP> .
17/10/2005 19:19 <REP> ..
17/10/2005 19:19 <REP> Microsoft Shared
17/10/2005 19:19 <REP> SpeechEngines
17/10/2005 19:19 <REP> ODBC
17/10/2005 19:24 <REP> System
17/10/2005 19:24 <REP> MSSoap
17/10/2005 19:24 <REP> Services
17/10/2005 19:34 <REP> InstallShield
17/10/2005 19:38 <REP> NewTech Infosystems
17/10/2005 19:38 <REP> muvee Technologies
01/10/2005 15:43 <REP> Java
01/10/2005 16:00 <REP> Designer
01/10/2005 16:32 <REP> Hewlett-Packard
01/10/2005 19:19 <REP> SWF Studio
17/12/2005 17:41 <REP> CMEII
17/12/2005 18:41 <REP> edbrjhjt
05/03/2006 18:20 <REP> Logitech
05/03/2006 18:21 <REP> FotoWire
26/03/2006 17:18 <REP> WinAntiVirus Pro 2006
26/05/2006 13:26 <REP> BOONTY Shared
26/05/2006 15:23 <REP> Macrovision Shared
31/05/2006 19:22 <REP> Wise Installation Wizard
04/06/2006 16:01 <REP> Adobe
14/07/2006 17:41 <REP> ColorPlaza
01/11/2006 10:36 <REP> Real
26/12/2006 10:52 <REP> Canon
12/02/2008 12:04 <REP> HP
27/06/2008 12:06 <REP> ArcSoft
27/06/2008 12:07 <REP> xing shared
0 fichier(s) 0 octets
30 Rép(s) 58 517 716 992 octets libres

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
17/10/2005 19:34 <REP> .
17/10/2005 19:34 <REP> ..
07/03/2001 07:00 127 033 MSOWS40c.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
13/02/2001 08:23 58 784 MSOSV.DLL
01/10/2005 16:00 <REP> 1036
01/10/2005 16:00 <REP> 1033
06/08/2000 09:04 401 462 MSVCP60.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 15:08 86 016 PKMWS.DLL
29/01/2004 15:38 634 880 PKMRES.DLL
29/01/2004 15:08 28 672 PKMSSTLB.DLL
29/01/2004 15:08 69 632 PKMAXCTL.DLL
29/01/2004 15:08 868 352 PKMCDO.DLL
29/01/2004 15:08 53 248 PKMCORE.DLL
29/01/2004 15:08 102 400 PKMFORMS.DLL
29/01/2004 15:08 24 576 PKMTRACE.DLL
29/01/2004 15:08 237 568 PROMDEMO.DLL
29/01/2004 15:08 184 320 SECMGR.DLL
29/01/2004 15:08 315 392 VAIDDMGR.DLL
29/01/2004 15:08 32 768 VAIMEM.DLL
17 fichier(s) 3 389 000 octets
4 Rép(s) 58 517 716 992 octets libres

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E
Répertoire de C:\Program Files\common files
26/03/2006 17:19 <REP> .
26/03/2006 17:19 <REP> ..
26/03/2006 17:19 <REP> Companion Wizard
27/06/2008 12:06 <REP> ??crosoft.NET
0 fichier(s) 0 octets
4 Rép(s) 58 517 716 992 octets libres

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E
Répertoire de C:\
15/03/2008 21:05 7 900 mitm.exe
1 fichier(s) 7 900 octets
0 Rép(s) 58 517 716 992 octets libres

Attention : C:\autorun.inf existe
[AutoRun]
open=tgfokacmo.exe
shellexecute=tgfokacmo.exe
shell\Auto\command=tgfokacmo.exe
shell=Auto
[VVflagRun]
aabb=kdkfjdkfk1

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\dinerdash2\fr-FR\dinerdash2.exe
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\ddfotg\fr-FR\ddfotg.exe
c:\Documents and Settings\All Users\Documents\Ma musique\dg\AUDIO (E)\player.exe
c:\Documents and Settings\All Users\Documents\Ma musique\dg\AUDIO (E)\UninstallPlayer.exe
c:\Documents and Settings\All Users\Documents\Ma musique\dg\AUDIO (E)\player\audio.exe
c:\Documents and Settings\All Users\Documents\Ma musique\dg\AUDIO (E)\player\skin.exe
c:\Documents and Settings\All Users\Documents\Ma musique\dg\AUDIO (E)\player\wmmp.exe
c:\Documents and Settings\cognard emmanuel\Local Settings\Temporary Internet Files\Content.IE5\BXJONT0U\ATF-Cleaner[1].exe
c:\Documents and Settings\cognard emmanuel\Local Settings\Temporary Internet Files\Content.IE5\TU6OVJG0\Lavasoft_Adaware_multi[1].exe
c:\Documents and Settings\cognard emmanuel\Local Settings\Temporary Internet Files\Content.IE5\TU6OVJG0\spybotsd152[1].exe
c:\Documents and Settings\cognard emmanuel\Mes documents\GoogleEarthWin.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\IE7-WindowsXP-x86-fra.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\wmp11-windowsxp-x86-FR-FR.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\atf-cleaner.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\catchme.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\diff.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\dumphive.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\find2.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\Fport.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\grep.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\gzip.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\KProcCheck.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\LFiles.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\md5sums.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\pslist.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\sigcheck.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\streams.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\swreg.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\diaghelp\DiagHelp\tar.exe
c:\Documents and Settings\cognard emmanuel\Mes documents\PcSetup\OOo_2.2.1_Win32Intel_install_wJRE_fr.exe
c:\Documents and Settings\cognard emmanuel\Bureau\install_avfw412.exe
c:\Documents and Settings\cognard emmanuel\Bureau\Pilote_Acoustic_Edge_1.89_WDM_98Me2000XP.exe
c:\Documents and Settings\cognard emmanuel\Bureau\pilote_audio_realtek_a3.99_970.exe
c:\Documents and Settings\cognard emmanuel\Bureau\vsoConvertXtoDVD2_setup.exe
c:\Documents and Settings\cognard emmanuel\Bureau\WLinstaller.exe
c:\Documents and Settings\cognard emmanuel\Application Data\inst.exe
c:\Documents and Settings\cognard emmanuel\Application Data\Microsoft\Installer\{F86FFD86-1966-4C6C-99D9-44A6E7AB97E3}\ARPPRODUCTICON.exe
c:\Documents and Settings\cognard emmanuel\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_fr_FR.exe
c:\Documents and Settings\cognard emmanuel\Application Data\U3\temp\cleanup.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{C11F7205-7244-44FD-8427-EBCFEFEDE33F}\mpengine.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\MyZylomExtension\MyZylomExtension.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\PlayfirstExtension\PlayfirstExtension.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\ZylomExtension\ZylomExtension.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\delicious2\fr-FR\Delicious2.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\delicious2\fr-FR\fmod.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Identities\{000HQ7FF-AD7A-3FG4-7162-239Q3NAHCVU8}\xmlparse.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVRF}\xmlparse.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Identities\{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVUR}\xmlparse.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Identities\{000HQ7FF-AD7A-3FG6-L514-25CJ6NICMVUR}\xmlparse.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Mozilla\Firefox\Profiles\bk09rprp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
c:\Documents and Settings\cognard emmanuel\Application Data\Mozilla\Firefox\Profiles\bk09rprp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_MANOLO.tar.gz a l'adresse http://upload.malekal.com

HijackThis result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:56:32, on 06/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\PROGRA~1\ANTIVI~1\backweb\backweb\6588780\Program\SERVIC~1.EXE
C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\AntivirusFirewall\backweb\backweb\6588780\Program\fspex.exe
C:\WINDOWS\System32\EIJPCX01.EXE
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\backweb\Common\FSMA32.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\AntivirusFirewall\backweb\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\backweb\Common\FCH32.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\backweb\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fsrw.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fsav32.exe
C:\Program Files\AntivirusFirewall\backweb\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Folder Lockbox\flockbox.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntivirusFirewall\backweb\Common\FSM32.EXE
C:\Program Files\AntivirusFirewall\backweb\FSGUI\ispnews.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\AntivirusFirewall\backweb\FSGUI\fsguidll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\PROGRA~1\WANADOO\WOOBRO~1\DownloadManager.exe
C:\Documents and Settings\cognard emmanuel\Mes documents\emmanuelcognard\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\cognard emmanuel\tiq.exe \s
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\WINDOWS\system32\fccywXRl.dll (file missing)
O2 - BHO: {b0bb9d2d-62bc-1c28-2884-5b2092c54d05} - {50d45c29-02b5-4882-82c1-cb26d2d9bb0b} - C:\WINDOWS\system32\ylggsj.dll (file missing)
O2 - BHO: (no name) - {5535836E-2E0B-F2BF-2CA0-9E6ED334DC15} - (no file)
O2 - BHO: (no name) - {5C884654-3F36-4EA8-9BFB-AB3E84B4D1FF} - C:\WINDOWS\system32\tuvWnmmL.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B75E6A6E-1364-4FD3-A07E-2A08A30C748E} - C:\WINDOWS\system32\xxyxXPJY.dll (file missing)
O2 - BHO: (no name) - {B87CA177-F94B-4306-9771-D1BFA52A6BF1} - C:\WINDOWS\system32\iifeddde.dll (file missing)
O2 - BHO: (no name) - {EE0479CD-7391-4BF8-8871-EDA8D54B11A9} - C:\WINDOWS\system32\geBtQhEV.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [flockbox] C:\Program Files\Folder Lockbox\flockbox.exe /a
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\backweb\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\backweb\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\backweb\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CHK Disker] chkdsker.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu2000201.exe 61A847B5BBF72810329B385472F801F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310F3 D29332016DC76C5C01F37D84BBFD566D55F8540B30A647BA9CC62012329B3A5673E744AB97
O4 - HKLM\..\Run: [MSn Client Cfg] msnclicfg.exe
O4 - HKLM\..\Run: [eckee] c:\windows\system32\eckee.exe eckee
O4 - HKLM\..\Run: [bM313e2b3d] Rundll32.exe "C:\WINDOWS\system32\jcjoifly.dll",s
O4 - HKLM\..\Run: [huu] C:\WINDOWS\system32\huu.exe \u
O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\system32\bdokxchc.dll",b
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [sakora] C:\Program Files\Sakora\Sakora.exe
O4 - HKCU\..\Run: [mjc] C:\Program Files\mjc\mjc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV\MaxTV.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\backweb\6588780\Program\fspex.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\backweb\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\backweb\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\backweb\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase5059.cab
O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4..._1070_em_XP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...5/installer.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_...sh.1.0.0.80.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: fccywXRl - fccywXRl.dll (file missing)
O20 - Winlogon Notify: xxyxXPJY - xxyxXPJY.dll (file missing)
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: Securitoo Antivirus Firewall (BackWeb Plug-in - 8520111) - Unknown owner - C:\PROGRA~1\SECURI~1\Av_Fw\backweb\8520111\Program\SERVIC~1.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Epson Paper Check Service - - C:\WINDOWS\System32\EIJPCX01.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\backweb\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\backweb\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\backweb\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 18529 bytes

MBAM result:

Malwarebytes' Anti-Malware 1.19
Version de la base de données: 927
Windows 5.1.2600 Service Pack 2

21:00:01 06/07/2008
mbam-log-7-6-2008 (21-00-01).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 96699
Temps écoulé: 32 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 10
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 24
Fichier(s) infecté(s): 35

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\xxyxXPJY.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4020100d-29d7-4392-afd5-5ad713ff4b88} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4020100d-29d7-4392-afd5-5ad713ff4b88} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{aa59202c-5e41-48fc-af7d-324f5fd6a9f1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\egdhtml (Adware.NaviPromo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spcron (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b75e6a6e-1364-4fd3-a07e-2a08a30c748e} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b75e6a6e-1364-4fd3-a07e-2a08a30c748e} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyxxpjy (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{4020100d-29d7-4392-afd5-5ad713ff4b88} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Sakora (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mjc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\320d18a1 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM313e2b3d (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b75e6a6e-1364-4fd3-a07e-2a08a30c748e} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\MailSkinner (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\msskinner (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Spcron (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\cognard emmanuel\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\cognard emmanuel\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\b149.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\NOVUPGKU.0LL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\cognard emmanuel\Local Settings\Temporary Internet Files\Content.IE5\OPJ1976O\euSp5x[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP875\A0219190.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP875\A0219193.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP875\A0219194.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\medias\4265_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070103200104\js\js_api_dialer.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\MailSkinner\OLSkinner.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\msskinner\msbackup.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\cognard emmanuel\Application Data\WinAntiVirus Pro 2006\PGE.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\dialerexe.ini (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\logon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyxXPJY.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\stera.job (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgbtfkx_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vyelcxo_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eckee_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyomqy_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vgbtfkx_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vyelcxo_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eckee_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uoyomqy_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.