Aller au contenu

lili80

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    33

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par lili80

  1. lili80
    j'ai refais un scan avec usbfix, le rapport généré suite à la suppression est le suivant : ############################## | UsbFix V6.042 | User : linda (Administrateurs) # FUSION Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8 Start at: 19:56:25 | 21/10/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Intel® Core2 Duo CPU T5250 @ 1.50GHz Microsoft® Windows Vista™ Édition Intégrale (6.0.6000 32-bit) # Internet Explorer 7.0.6000.16890 Windows Firewall Status : Enabled AV : AVG Anti-Virus Free 8.0 [ Enabled | (!) Outdated ] C:\ -> Disque fixe local # 29,29 Go (1,46 Go free) # NTFS D:\ -> Disque fixe local # 19,53 Go (16,4 Go free) [travail] # NTFS G:\ -> Disque fixe local # 100,21 Go (39,66 Go free) [other] # NTFS H:\ -> Disque CD-ROM ############################## | Processus actifs | C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\LogonUI.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Windows\system32\svchost.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Windows\system32\runonce.exe C:\Windows\system32\wbem\wmiprvse.exe ################## | Fichiers # Dossiers infectieux | ################## | Registre # Clés Run infectieuses | ################## | Registre # Mountpoints2 | ################## | Listing des fichiers présent | [27/04/2008 12:26|--a------|0] C:\ATICCC.ins [18/09/2006 22:43|--a------|24] C:\autoexec.bat [25/05/2008 23:46|---hs----|492] C:\Boot.BAK [25/05/2008 23:55|--ahs----|492] C:\Boot.ini.saved [28/08/2001 11:00|-rahs----|4952] C:\Bootfont.bin [29/05/2008 22:56|-rahs----|443912] C:\bootmgr [29/05/2008 01:03|-ra-s----|8192] C:\BOOTSECT.BAK [18/09/2006 22:43|--a------|10] C:\config.sys [27/04/2008 12:28|--a------|630] C:\DPsFnshr.ini [07/04/2007 19:52|--a------|420] C:\DriverPack_CPU_wnt5_x86-32.ini [11/04/2008 20:33|--a------|1279] C:\DriverPack_Graphics_A_wnt5_x86-32.ini [29/12/2007 20:38|--a------|1653] C:\DriverPack_Graphics_B_wnt5_x86-32.ini [23/12/2007 11:04|--a------|1822] C:\DriverPack_Graphics_C_wnt5_x86-32.ini [22/04/2008 05:29|--a------|769] C:\DriverPack_LAN_wnt5_x86-32.ini [11/04/2008 05:12|--a------|73938] C:\DriverPack_MassStorage_wnt5_x86-32.ini [01/04/2008 16:37|--a------|4214] C:\DriverPack_Sound_A_wnt5_x86-32.ini [12/04/2008 10:47|--a------|3525] C:\DriverPack_Sound_B_wnt5_x86-32.ini [27/05/2007 10:08|--a------|211039] C:\DSPdsblr.exe [01/06/2008 21:56|-rahs----|171136] C:\grldr [25/05/2008 20:18|-rahs----|0] C:\IO.SYS [25/05/2008 20:18|-rahs----|0] C:\MSDOS.SYS [13/04/2008 08:43|-rahs----|47564] C:\NTDETECT.COM [13/04/2008 10:31|-rahs----|252240] C:\ntldr [?|?|?] C:\pagefile.sys [17/05/2009 15:15|--ah-----|268] C:\sqmdata00.sqm [11/09/2009 18:06|--ah-----|268] C:\sqmdata01.sqm [28/12/2008 20:32|--ah-----|268] C:\sqmdata02.sqm [10/09/2009 08:14|--ah-----|268] C:\sqmdata03.sqm [11/09/2009 17:46|--ah-----|268] C:\sqmdata04.sqm [12/09/2009 08:50|--ah-----|268] C:\sqmdata05.sqm [28/12/2008 18:00|--ah-----|268] C:\sqmdata06.sqm [29/12/2008 21:11|--ah-----|268] C:\sqmdata07.sqm [01/01/2009 13:55|--ah-----|268] C:\sqmdata08.sqm [01/01/2009 21:46|--ah-----|268] C:\sqmdata09.sqm [02/01/2009 15:11|--ah-----|268] C:\sqmdata10.sqm [03/01/2009 23:36|--ah-----|268] C:\sqmdata11.sqm [04/01/2009 23:26|--ah-----|268] C:\sqmdata12.sqm [06/01/2009 01:17|--ah-----|268] C:\sqmdata13.sqm [06/01/2009 21:28|--ah-----|268] C:\sqmdata14.sqm [07/01/2009 20:48|--ah-----|268] C:\sqmdata15.sqm [07/01/2009 22:10|--ah-----|268] C:\sqmdata16.sqm [08/01/2009 14:42|--ah-----|268] C:\sqmdata17.sqm [08/01/2009 16:21|--ah-----|268] C:\sqmdata18.sqm [17/05/2009 12:39|--ah-----|268] C:\sqmdata19.sqm [17/05/2009 15:15|--ah-----|244] C:\sqmnoopt00.sqm [11/09/2009 18:06|--ah-----|244] C:\sqmnoopt01.sqm [28/12/2008 20:32|--ah-----|244] C:\sqmnoopt02.sqm [10/09/2009 08:14|--ah-----|244] C:\sqmnoopt03.sqm [11/09/2009 17:46|--ah-----|244] C:\sqmnoopt04.sqm [12/09/2009 08:50|--ah-----|244] C:\sqmnoopt05.sqm [28/12/2008 18:00|--ah-----|244] C:\sqmnoopt06.sqm [29/12/2008 21:11|--ah-----|244] C:\sqmnoopt07.sqm [01/01/2009 13:55|--ah-----|244] C:\sqmnoopt08.sqm [01/01/2009 21:46|--ah-----|244] C:\sqmnoopt09.sqm [02/01/2009 15:11|--ah-----|244] C:\sqmnoopt10.sqm [03/01/2009 23:36|--ah-----|244] C:\sqmnoopt11.sqm [04/01/2009 23:26|--ah-----|244] C:\sqmnoopt12.sqm [06/01/2009 01:17|--ah-----|244] C:\sqmnoopt13.sqm [06/01/2009 21:28|--ah-----|244] C:\sqmnoopt14.sqm [07/01/2009 20:48|--ah-----|244] C:\sqmnoopt15.sqm [07/01/2009 22:10|--ah-----|244] C:\sqmnoopt16.sqm [08/01/2009 14:42|--ah-----|244] C:\sqmnoopt17.sqm [08/01/2009 16:21|--ah-----|244] C:\sqmnoopt18.sqm [17/05/2009 12:39|--ah-----|244] C:\sqmnoopt19.sqm [21/10/2009 19:57|--a------|5736] C:\UsbFix.txt [29/05/2008 01:28|--a------|146] C:\YServer.txt [13/03/2007 06:32|--a------|195810036] G:\Documentaire Envoye Special - Iran - France 2-2004-01-15.avi [01/04/2007 15:18|--a------|730218496] G:\L'Age De Glace.DivX.FR.DVDRip.ShareD bY JefJef10.avi ################## | Vaccination | # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # G:\autorun.inf -> Folder created by UsbFix. ################## | Upload | Veuillez envoyer le fichier : C:\Users\linda\Desktop\UsbFix_Upload_Me_fusion.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier.php Merci pour votre contribution .
  2. lili80
    voici les rapports de usbfix : ############################## | UsbFix V6.042 | User : linda (Administrateurs) # FUSION Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8 Start at: 20:35:08 | 20/10/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Intel® Core2 Duo CPU T5250 @ 1.50GHz Microsoft® Windows Vista™ Édition Intégrale (6.0.6000 32-bit) # Internet Explorer 7.0.6000.16890 Windows Firewall Status : Enabled AV : AVG Anti-Virus Free 8.0 [ Enabled | (!) Outdated ] C:\ -> Disque fixe local # 29,29 Go (1,51 Go free) # NTFS D:\ -> Disque fixe local # 19,53 Go (16,4 Go free) [travail] # NTFS F:\ -> Disque amovible # 1,86 Go (502,56 Mo free) [LINDA] # FAT G:\ -> Disque fixe local # 100,21 Go (39,5 Go free) [other] # NTFS H:\ -> Disque CD-ROM ############################## | Processus actifs | C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\UberIcon\UberIcon Manager.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Windows\system32\svchost.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe ################## | Fichiers # Dossiers infectieux | C:\devcon.exe C:\DPsFnshr.exe C:\makePNF.exe C:\mute.exe C:\pmtimer.exe ################## | Registre # Clés Run infectieuses | ################## | Registre # Mountpoints2 | HKCU\..\..\Explorer\MountPoints2\{204fd08b-0cf4-11de-bfdc-806e6f6e6963} shell\AutoRun\command =sm.exe shell\open\Command =sm.exe HKCU\..\..\Explorer\MountPoints2\{6b4e8b4a-3e24-11dd-a8d7-001b38aab2b4} shell\AutoRun\command =wscript.exe .\.vbs shell\open\command =wscript.exe .\.vbs HKCU\..\..\Explorer\MountPoints2\{6b7f9050-0a23-11de-b2e9-001b38aab2b4} shell\AutoRun\command =E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\player32.exe shell\open\command =E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\player32.exe HKCU\..\..\Explorer\MountPoints2\{6b7f9053-0a23-11de-b2e9-001b38aab2b4} shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\ml_rhinatiol.pdf HKCU\..\..\Explorer\MountPoints2\{a005baa8-6ad8-11dd-b1d6-0013e8dcd295} shell\AutoRun\command =wscript.exe .\.vbs shell\open\command =wscript.exe .\.vbs ################## | ! Fin du rapport # UsbFix V6.042 ! | ############################## | UsbFix V6.042 | User : linda (Administrateurs) # FUSION Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8 Start at: 21:24:46 | 20/10/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Intel® Core2 Duo CPU T5250 @ 1.50GHz Microsoft® Windows Vista™ Édition Intégrale (6.0.6000 32-bit) # Internet Explorer 7.0.6000.16890 Windows Firewall Status : Enabled AV : AVG Anti-Virus Free 8.0 [ Enabled | (!) Outdated ] C:\ -> Disque fixe local # 29,29 Go (1,58 Go free) # NTFS D:\ -> Disque fixe local # 19,53 Go (16,4 Go free) [travail] # NTFS F:\ -> Disque amovible # 1,86 Go (502,66 Mo free) [LINDA] # FAT G:\ -> Disque fixe local # 100,21 Go (39,66 Go free) [other] # NTFS H:\ -> Disque CD-ROM ################## | Vaccination | # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # F:\autorun.inf -> Folder created by UsbFix. # G:\autorun.inf -> Folder created by UsbFix. ################## | ! Fin du rapport # UsbFix V6.042 ! | Merci.
  3. lili80
    Rebonsoir ; Il me semble que le lien vers Usb Fix que vous m'avez donné ne marche pas
  4. lili80
    Bonsoir ; Voilà le rapport de ZhpDiag : Rapport de ZHPDiag v1.24.21 par Nicolas Coolman Run by linda at 19/10/2009 19:04:26 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html Platform : Windows Vista Ultimate MSIE: Internet Explorer v7.0.6000.16890 MFIE: Mozilla Firefox (2.0.0.20) Boot mode: Normal (Normal boot) Total RAM: 3,0 Gb (48 % free) System drive C: 29 Go (2 Go free) ---\\ Processus lancés C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\UberIcon\UberIcon Manager.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Ati2evxx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Windows\system32\lsass.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe C:\Windows\system32\SearchIndexer.exe ---\\ Pages de recherche de Mozilla Firefox (M1) M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\talkback@mozilla.org ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=explorer.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [uberIcon] C:\Program Files\UberIcon\UberIcon Manager.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe O4 - HKLM\..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - Global Startup: Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{AD37EF2C-3F6F-4814-8CF6-5703F940CD3F}: NameServer = 41.221.20.4 66.28.0.61 O17 - HKLM\System\CS1\Services\Tcpip\..\{AD37EF2C-3F6F-4814-8CF6-5703F940CD3F}: NameServer = 41.221.20.4 66.28.0.61 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: avgrsstx.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {E31004D1-A431-41B8-826F-E902F9D95C81} - %SystemRoot%\System32\DreamScene.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} - C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file) O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\Windows\System32\Adobe\Director\SwDir.dll O40 - ASIC: Adobe Shockwave Director 11.0 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file) O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file) O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file) O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file) O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file) O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file) O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file) O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file) O40 - ASIC: YahooYMailTo Class - {A17E30C4-A9BA-11D4-8673-60DB54C10000} - C:\PROGRA~1\Yahoo!\Common\ymmapi.dll O40 - ASIC: YMailAttach Class - {AA218328-0EA8-4D70-8972-E987A9190FF4} - C:\PROGRA~1\Yahoo!\Common\ymmapi.dll O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file) O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file) O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash9f.ocx O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Messenger Class - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (not file) O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: Modem Soft Agere Systems (AgereSoftModem) - C:\WINDOWS\system32\DRIVERS\AGRSM.sys O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys O41 - Driver: (no object) (atikmdag) - C:\WINDOWS\system32\DRIVERS\atikmdag.sys O41 - Driver: AVG AVI Loader Driver x86 (AvgLdx86) - C:\Windows\System32\Drivers\avgldx86.sys O41 - Driver: AVG On-access Scanner Minifilter Driver x86 (AvgMfx86) - C:\Windows\System32\Drivers\avgmfx86.sys O41 - Driver: AVG8 Network Redirector (AvgTdiX) - C:\Windows\System32\Drivers\avgtdix.sys O41 - Driver: Pilote pour Batterie à méthode de contrôle ACPI Microsoft (CmBatt) - C:\WINDOWS\system32\DRIVERS\CmBatt.sys O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys O41 - Driver: Intel® PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys O41 - Driver: FssFltr (fssfltr) - C:\WINDOWS\system32\DRIVERS\fssfltr.sys O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys O41 - Driver: IP Traffic Filter Driver (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys O41 - Driver: IP in IP Tunnel Driver (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys O41 - Driver: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys O41 - Driver: NativeWiFi Filter (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys O41 - Driver: NDIS Usermode I/O Protocol (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits (NETw4v32) - C:\WINDOWS\system32\DRIVERS\NETw4v32.sys O41 - Driver: IPX Traffic Filter Driver (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys O41 - Driver: IPX Traffic Forwarder Driver (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys O41 - Driver: Miniport réseau étendu WAN (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: Miniport réseau étendu WAN (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys O41 - Driver: Link-Layer Topology Discovery Responder (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys O41 - Driver: Pilote Realtek 8169 NT (RTL8169) - C:\WINDOWS\system32\DRIVERS\Rtlh86.sys O41 - Driver: (no object) (sdbus) - C:\WINDOWS\system32\DRIVERS\sdbus.sys O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys O41 - Driver: Microsoft IPv6 Protocol Driver (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: TOSHIBA tos_sps32 Service (tos_sps32) - C:\WINDOWS\system32\DRIVERS\tos_sps32.sys O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys O41 - Driver: TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver (TVALZ) - C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS O41 - Driver: Périphérique vidéo USB (WDM) (usbvideo) - C:\WINDOWS\System32\Drivers\usbvideo.sys O41 - Driver: (no object) (UVCFTR) - C:\WINDOWS\system32\DRIVERS\UVCFTR_S.SYS O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AFPL Ghostscript 8.14 O42 - Logiciel: AFPL Ghostscript Fonts O42 - Logiciel: AVG Free 8.0 O42 - Logiciel: ActiveState ActiveTcl 8.4.9.0 O42 - Logiciel: Adobe Acrobat 6.0 Professional - English, Français, Deutsch O42 - Logiciel: Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 8.1.2 - Français O42 - Logiciel: Adobe Shockwave Player 11 O42 - Logiciel: Archiveur WinRAR O42 - Logiciel: Assistant de connexion Windows Live O42 - Logiciel: Broadcom High Definition Video Decoder 2.6.40.1 O42 - Logiciel: CCleaner (remove only) O42 - Logiciel: Camera Assistant Software for Toshiba O42 - Logiciel: Catalyst Control Center - Branding O42 - Logiciel: EVEREST Home Edition v2.20 O42 - Logiciel: Galerie de photos Windows Live O42 - Logiciel: Installation Windows Live O42 - Logiciel: Java 6 Update 6 O42 - Logiciel: Java SE Runtime Environment 6 Update 1 O42 - Logiciel: Jette7 version 1.0 O42 - Logiciel: Junk Mail filter update O42 - Logiciel: K-Lite Codec Pack 3.9.0 Full O42 - Logiciel: MSVCRT O42 - Logiciel: MSXML 4.0 SP2 (KB936181) O42 - Logiciel: MSXML 4.0 SP2 (KB941833) O42 - Logiciel: MSXML 4.0 SP2 (KB954430) O42 - Logiciel: Messenger Live Connector O42 - Logiciel: MiKTeX O42 - Logiciel: Microsoft Choice Guard O42 - Logiciel: Microsoft Office Live Add-in 1.3 O42 - Logiciel: Microsoft Office PowerPoint 2003 Template Pack 1 O42 - Logiciel: Microsoft Office Professional Edition 2003 O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] O42 - Logiciel: Microsoft Search Enhancement Pack O42 - Logiciel: Microsoft Silverlight O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable O42 - Logiciel: Mozilla Firefox (2.0.0.20) O42 - Logiciel: NOD32 FiX O42 - Logiciel: Nero 7 Lite 7.9.6.0 O42 - Logiciel: OpenOffice.org Installer 1.0 O42 - Logiciel: Outil de téléchargement Windows Live O42 - Logiciel: RealPlayer O42 - Logiciel: Roxio Easy Media Creator 7 Basic Edition O42 - Logiciel: Skype™ 3.8 O42 - Logiciel: TOSHIBA HD DVD PLAYER O42 - Logiciel: TeXnicCenter Version 1 Beta 7.01 (Greengrass) O42 - Logiciel: VideoLAN VLC media player 0.8.6f O42 - Logiciel: Windows Live Call O42 - Logiciel: Windows Live Communications Platform O42 - Logiciel: Windows Live Contrôle parental O42 - Logiciel: Windows Live FolderShare O42 - Logiciel: Windows Live Mail O42 - Logiciel: Windows Live Messenger O42 - Logiciel: Windows Live Movie Maker O42 - Logiciel: Windows Live Toolbar O42 - Logiciel: Windows Live Writer O42 - Logiciel: Yahoo! Extras O42 - Logiciel: Yahoo! Install Manager O42 - Logiciel: Yahoo! Internet Mail O42 - Logiciel: Yahoo! Messenger O42 - Logiciel: Yahoo! ¤u¨ã¦C ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Aware O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\ATI O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\AusLogics Disk Defrag O43 - CFD:Common File Directory ----D- C:\Program Files\AVG O43 - CFD:Common File Directory ----D- C:\Program Files\Broadcom O43 - CFD:Common File Directory ----D- C:\Program Files\Camera Assistant Software for Toshiba O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\Cener Development O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\Compare It! O43 - CFD:Common File Directory ----D- C:\Program Files\Everest O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\FoxitReader O43 - CFD:Common File Directory ----D- C:\Program Files\Graphviz2.18 O43 - CFD:Common File Directory ----D- C:\Program Files\IE Privacy Keeper O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Jette7 O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys O43 - CFD:Common File Directory ----D- C:\Program Files\Maxthon2 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\Nero O43 - CFD:Common File Directory ----D- C:\Program Files\Nod32 O43 - CFD:Common File Directory ----D- C:\Program Files\Occtpt O43 - CFD:Common File Directory ----D- C:\Program Files\Paint.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\Roxio O43 - CFD:Common File Directory ----D- C:\Program Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Sun O43 - CFD:Common File Directory ----D- C:\Program Files\TeXnicCenter O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro O43 - CFD:Common File Directory ----D- C:\Program Files\UberIcon O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo! O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Toshiba Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:Last File Created 02/10/2009 - 15:37:56 ---A- C:\Windows\System32\PerfStringBackup.INI O44 - LFC:Last File Created 02/10/2009 - 15:37:57 ---A- C:\Windows\System32\perfc009.dat O44 - LFC:Last File Created 02/10/2009 - 15:37:57 ---A- C:\Windows\System32\perfc00C.dat O44 - LFC:Last File Created 02/10/2009 - 15:37:57 ---A- C:\Windows\System32\perfh009.dat O44 - LFC:Last File Created 02/10/2009 - 15:37:57 ---A- C:\Windows\System32\perfh00C.dat O44 - LFC:Last File Created 04/10/2009 - 18:58:31 ---A- C:\Windows\System32\FNTCACHE.DAT O44 - LFC:Last File Created 06/10/2009 - 03:00:42 ---A- C:\Windows\ocsetup_install_NetFx3.etl O44 - LFC:Last File Created 09/10/2009 - 01:07:59 ---A- C:\Windows\setupact.log O44 - LFC:Last File Created 09/10/2009 - 01:07:59 ---A- C:\Windows\setuperr.log O44 - LFC:Last File Created 11/10/2009 - 18:25:24 ---A- C:\Windows\cdplayer.ini O44 - LFC:Last File Created 19/09/2009 - 16:24:48 ---A- C:\Windows\DirectX.log O44 - LFC:Last File Created 19/10/2009 - 18:21:50 ---A- C:\Windows\PFRO.log O44 - LFC:Last File Created 19/10/2009 - 18:23:10 -S-A- C:\Windows\bootstat.dat O44 - LFC:Last File Created 19/10/2009 - 18:35:23 ---A- C:\Windows\WindowsUpdate.log ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{204fd08b-0cf4-11de-bfdc-806e6f6e6963}\Shell\AutoRun\command - sm.exe O51 - MPSK:{204fd08b-0cf4-11de-bfdc-806e6f6e6963}\Shell\open\command - sm.exe O51 - MPSK:{6b4e8b4a-3e24-11dd-a8d7-001b38aab2b4}\Shell\AutoRun\command - wscript.exe .\.vbs O51 - MPSK:{6b4e8b4a-3e24-11dd-a8d7-001b38aab2b4}\Shell\open\command - wscript.exe .\.vbs O51 - MPSK:{6b7f9050-0a23-11de-b2e9-001b38aab2b4}\Shell\AutoRun\command - E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\player32.exe O51 - MPSK:{6b7f9050-0a23-11de-b2e9-001b38aab2b4}\Shell\open\command - E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\player32.exe O51 - MPSK:{6b7f9053-0a23-11de-b2e9-001b38aab2b4}\Shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\ml_rhinatiol.pdf O51 - MPSK:{a005baa8-6ad8-11dd-b1d6-0013e8dcd295}\Shell\AutoRun\command - wscript.exe .\.vbs O51 - MPSK:{a005baa8-6ad8-11dd-b1d6-0013e8dcd295}\Shell\open\command - wscript.exe .\.vbs ---\\ Trojan Driver Search Data (TDSD) (O52) O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv" O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll" O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv" O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll" O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.DIVX"="divx.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YV12"="yv12vfw.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.lameacm"="lameACM.acm" O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll" O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="WDM Video For Windows Capture Driver (Win32)" O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec" O52 - TDSD:HKLM\...\drivers.desc\"divx.dll"="DivX 6.8.2" O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2-dev" O52 - TDSD:HKLM\...\drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" O52 - TDSD:HKLM\...\drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow video encoder" ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:System Drivers List - C:\Windows\system32\drivers\1394bus.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\acpi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adp94xx.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpahci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpu160m.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpu320.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\afd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AGP440.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AGRSM.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\aliide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AMDAGP.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdk7.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdk8.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\arc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\arcsas.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ASACPI.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\asyncmac.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\atapi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ataport.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\atikmdag.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\avgldx86.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\avgmfx86.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\avgtdix.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\battc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bdasup.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\beep.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bowser.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrFiltLo.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrFiltUp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bridge.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrSerId.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrSerWdm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrUsbMdm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrUsbSer.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bthmodem.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdfs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdr4_xp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdralw2k.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdrom.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Cdudf_xp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\circlass.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Classpnp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\CmBatt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cmdide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\compbatt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crashdmp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crcdisk.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crusoe.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\csc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dfsc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\disk.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Diskdump.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\djsvs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\drmk.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\drmkaud.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Dumpata.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dumpfve.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\DVDVRRdr_xp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dvd_2k.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxapi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxg.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxgkrnl.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\E1G60I32.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ecache.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\elxstor.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fastfat.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fdc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fileinfo.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\filetrace.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\flpydisk.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fltMgr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fssfltr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fs_rec.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fvevol.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\FWPKCLNT.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\GAGP30KX.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hdaudbus.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\HdAudio.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidbth.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidclass.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidir.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidparse.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidusb.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\HpCISSs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\http.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i2omgmt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i2omp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i8042prt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iaStor.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iaStorV.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iirsp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\intelide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\intelppm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ipfltdrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\IPMIDrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ipnat.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\irda.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\irenum.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\isapnp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iteatapi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iteraid.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\kbdclass.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\kbdhid.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ks.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ksecdd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lltdio.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_fc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_sas.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_scsi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\luafv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mcd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\megasas.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mmc_2k.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\modem.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\monitor.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mouclass.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mouhid.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mountmgr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mpio.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mpsdrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Mraid35x.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxdav.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb10.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb20.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msahci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msdsm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msfs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msisadrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msiscsi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mskssrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mspclock.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mspqm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msrpc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mssmbios.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mstee.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mup.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndis.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndistapi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndisuio.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndiswan.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndproxy.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netbios.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netbt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netio.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\NETw4v32.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nfrd960.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\npfs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nsiproxy.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ntfs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ntrigdigi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\null.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nvraid.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nvstor.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\NV_AGP.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nwifi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ohci1394.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pacer.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\parport.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\partmgr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\parvdm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pciide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pciidex.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pcmcia.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\PEAuth.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\portcls.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\processr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Pwd_2k.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ql2300.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ql40xx.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\qwavedrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rasacd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rasl2tp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\raspppoe.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\raspptp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdbss.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RDPCDD.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdpdr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RDPENCDD.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdpwd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rmcast.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RNDISMP.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rootmdm.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\royal.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rspndr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Rtlh86.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RTSTOR.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sbp2port.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\scsiport.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sdbus.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\secdrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\serenum.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\serial.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sermouse.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffdisk.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffp_mmc.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffp_sd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sfloppy.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\SISAGP.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sisraid2.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sisraid4.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\smb.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\smclib.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\spldr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\spsys.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srv2.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srvnet.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Storport.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\stream.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\swenum.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\symc8xx.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sym_hi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sym_u3.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tape.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tcpip.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tcpipreg.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdpipe.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdtcp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdx.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\termdd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tos_sps32.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tssecsrv.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\TUNMP.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tunnel.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\TVALZ_O.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\UAGP35.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Udfreadr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\udfs.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ULIAGPKX.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\uliahci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ulsata.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ulsata2.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\umbus.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\umpass.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usb8023.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBCAMD.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBCAMD2.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbccgp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbcir.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbehci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbhub.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbohci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbport.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbprint.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBSTOR.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbuhci.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbvideo.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\UVCFTR_S.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vga.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vgapnp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\VIAAGP.SYS O58 - SDL:System Drivers List - C:\Windows\system32\drivers\viac7.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\viaide.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\videoprt.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volmgr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volmgrx.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volsnap.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vsmraid.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wacompen.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wanarp.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\watchdog.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wd.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Wdf01000.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WdfLdr.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wmiacpi.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wmilib.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ws2ifsl.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WUDFPf.sys O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WUDFRd.sys ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.24 O63 - Logiciel: RSIT ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - Ancilliary Function Driver for Winsock (AFD) - LEGACY_AFD O64 - Services: CurCS - AMON (AMON) - LEGACY_AMON O64 - Services: CurCS - AVG AVI Loader Driver x86 (AvgLdx86) - LEGACY_AVGLDX86 O64 - Services: CurCS - AVG On-access Scanner Minifilter Driver x86 (AvgMfx86) - LEGACY_AVGMFX86 O64 - Services: CurCS - AVG8 Network Redirector (AvgTdiX) - LEGACY_AVGTDIX O64 - Services: CurCS - Beep (Beep) - LEGACY_BEEP O64 - Services: CurCS - Bowser (bowser) - LEGACY_BOWSER O64 - Services: CurCS - CD/DVD File System Reader (cdfs) - LEGACY_CDFS O64 - Services: CurCS - cdudf_xp (cdudf_xp) - LEGACY_CDUDF_XP O64 - Services: CurCS - Common Log (CLFS) (CLFS) - LEGACY_CLFS O64 - Services: CurCS - Crcdisk Filter Driver (crcdisk) - LEGACY_CRCDISK O64 - Services: CurCS - Offline Files Driver (CSC) - LEGACY_CSC O64 - Services: CurCS - Dfs Client Driver (DfsC) - LEGACY_DFSC O64 - Services: CurCS - DVDVRRdr_xp (DVDVRRdr_xp) - LEGACY_DVDVRRDR_XP O64 - Services: CurCS - dvd_2K (dvd_2K) - LEGACY_DVD_2K O64 - Services: CurCS - LDDM Graphics Subsystem (DXGKrnl) - LEGACY_DXGKRNL O64 - Services: CurCS - FAT12/16/32 File System Driver (fastfat) - LEGACY_FASTFAT O64 - Services: CurCS - File Information FS MiniFilter (FileInfo) - LEGACY_FILEINFO O64 - Services: CurCS - FltMgr (FltMgr) - LEGACY_FLTMGR O64 - Services: CurCS - Fs_Rec (Fs_Rec) - LEGACY_FS_REC O64 - Services: CurCS - BitLocker Drive Encryption Filter Driver (fvevol) - LEGACY_FVEVOL O64 - Services: CurCS - HTTP (HTTP) - LEGACY_HTTP O64 - Services: CurCS - intelide (intelide) - LEGACY_INTELIDE O64 - Services: CurCS - KSecDD (KSecDD) - LEGACY_KSECDD O64 - Services: CurCS - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - LEGACY_LLTDIO O64 - Services: CurCS - UAC File Virtualization (luafv) - LEGACY_LUAFV O64 - Services: CurCS - Mount Point Manager (MountMgr) - LEGACY_MOUNTMGR O64 - Services: CurCS - @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - LEGACY_MPSDRV O64 - Services: CurCS - WebDav Client Redirector Driver (MRxDAV) - LEGACY_MRXDAV O64 - Services: CurCS - SMB MiniRedirector Wrapper and Engine (mrxsmb) - LEGACY_MRXSMB O64 - Services: CurCS - SMB 1.x MiniRedirector (mrxsmb10) - LEGACY_MRXSMB10 O64 - Services: CurCS - SMB 2.0 MiniRedirector (mrxsmb20) - LEGACY_MRXSMB20 O64 - Services: CurCS - Msfs (Msfs) - LEGACY_MSFS O64 - Services: CurCS - ISA/EISA Class Driver (msisadrv) - LEGACY_MSISADRV O64 - Services: CurCS - Mup (Mup) - LEGACY_MUP O64 - Services: CurCS - NativeWiFi Filter (NativeWifiP) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - NDIS System Driver (NDIS) - LEGACY_NDIS O64 - Services: CurCS - NDIS Usermode I/O Protocol (Ndisuio) - LEGACY_NDISUIO O64 - Services: CurCS - NDProxy (NDProxy) - LEGACY_NDPROXY O64 - Services: CurCS - NetBIOS Interface (NetBIOS) - LEGACY_NETBIOS O64 - Services: CurCS - NETBT (netbt) - LEGACY_NETBT O64 - Services: CurCS - nod32drv (nod32drv) - LEGACY_NOD32DRV O64 - Services: CurCS - Npfs (Npfs) - LEGACY_NPFS O64 - Services: CurCS - NSI proxy service (nsiproxy) - LEGACY_NSIPROXY O64 - Services: CurCS - Ntfs (Ntfs) - LEGACY_NTFS O64 - Services: CurCS - Null (Null) - LEGACY_NULL O64 - Services: CurCS - PEAUTH (PEAUTH) - LEGACY_PEAUTH O64 - Services: CurCS - @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - LEGACY_PSCHED O64 - Services: CurCS - Remote Access Auto Connection Driver (RasAcd) - LEGACY_RASACD O64 - Services: CurCS - Redirected Buffering Sub Sysytem (rdbss) - LEGACY_RDBSS O64 - Services: CurCS - RDPCDD (RDPCDD) - LEGACY_RDPCDD O64 - Services: CurCS - RDP Encoder Mirror Driver (RDPENCDD) - LEGACY_RDPENCDD O64 - Services: CurCS - Link-Layer Topology Discovery Responder (rspndr) - LEGACY_RSPNDR O64 - Services: CurCS - Security Driver (secdrv) - LEGACY_SECDRV O64 - Services: CurCS - @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - LEGACY_SMB O64 - Services: CurCS - Security Processor Loader Driver (spldr) - LEGACY_SPLDR O64 - Services: CurCS - srv (srv) - LEGACY_SRV O64 - Services: CurCS - srv2 (srv2) - LEGACY_SRV2 O64 - Services: CurCS - srvnet (srvnet) - LEGACY_SRVNET O64 - Services: CurCS - @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - LEGACY_TCPIP O64 - Services: CurCS - TCP/IP Registry Compatibility (tcpipreg) - LEGACY_TCPIPREG O64 - Services: CurCS - @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - LEGACY_TDX O64 - Services: CurCS - UDFReadr (UDFReadr) - LEGACY_UDFREADR O64 - Services: CurCS - udfs (udfs) - LEGACY_UDFS O64 - Services: CurCS - VgaSave (VgaSave) - LEGACY_VGASAVE O64 - Services: CurCS - Dynamic Volume Manager (volmgrx) - LEGACY_VOLMGRX O64 - Services: CurCS - Volumes de stockage (volsnap) - LEGACY_VOLSNAP O64 - Services: CurCS - Remote Access IPv6 ARP Driver (Wanarpv6) - LEGACY_WANARPV6 O64 - Services: CurCS - Kernel Mode Driver Frameworks service (Wdf01000) - LEGACY_WDF01000 O64 - Services: CurCS - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) - LEGACY_WS2IFSL O64 - Services: CS002 - Ancilliary Function Driver for Winsock (AFD) - LEGACY_AFD O64 - Services: CS002 - AMON (AMON) - LEGACY_AMON O64 - Services: CS002 - AVG AVI Loader Driver x86 (AvgLdx86) - LEGACY_AVGLDX86 O64 - Services: CS002 - AVG On-access Scanner Minifilter Driver x86 (AvgMfx86) - LEGACY_AVGMFX86 O64 - Services: CS002 - AVG8 Network Redirector (AvgTdiX) - LEGACY_AVGTDIX O64 - Services: CS002 - Beep (Beep) - LEGACY_BEEP O64 - Services: CS002 - Bowser (bowser) - LEGACY_BOWSER O64 - Services: CS002 - CD/DVD File System Reader (cdfs) - LEGACY_CDFS O64 - Services: CS002 - cdudf_xp (cdudf_xp) - LEGACY_CDUDF_XP O64 - Services: CS002 - Common Log (CLFS) (CLFS) - LEGACY_CLFS O64 - Services: CS002 - Crcdisk Filter Driver (crcdisk) - LEGACY_CRCDISK O64 - Services: CS002 - Offline Files Driver (CSC) - LEGACY_CSC O64 - Services: CS002 - Dfs Client Driver (DfsC) - LEGACY_DFSC O64 - Services: CS002 - DVDVRRdr_xp (DVDVRRdr_xp) - LEGACY_DVDVRRDR_XP O64 - Services: CS002 - dvd_2K (dvd_2K) - LEGACY_DVD_2K O64 - Services: CS002 - LDDM Graphics Subsystem (DXGKrnl) - LEGACY_DXGKRNL O64 - Services: CS002 - FAT12/16/32 File System Driver (fastfat) - LEGACY_FASTFAT O64 - Services: CS002 - File Information FS MiniFilter (FileInfo) - LEGACY_FILEINFO O64 - Services: CS002 - FltMgr (FltMgr) - LEGACY_FLTMGR O64 - Services: CS002 - Fs_Rec (Fs_Rec) - LEGACY_FS_REC O64 - Services: CS002 - BitLocker Drive Encryption Filter Driver (fvevol) - LEGACY_FVEVOL O64 - Services: CS002 - HTTP (HTTP) - LEGACY_HTTP O64 - Services: CS002 - intelide (intelide) - LEGACY_INTELIDE O64 - Services: CS002 - KSecDD (KSecDD) - LEGACY_KSECDD O64 - Services: CS002 - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - LEGACY_LLTDIO O64 - Services: CS002 - UAC File Virtualization (luafv) - LEGACY_LUAFV O64 - Services: CS002 - Mount Point Manager (MountMgr) - LEGACY_MOUNTMGR O64 - Services: CS002 - @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - LEGACY_MPSDRV O64 - Services: CS002 - WebDav Client Redirector Driver (MRxDAV) - LEGACY_MRXDAV O64 - Services: CS002 - SMB MiniRedirector Wrapper and Engine (mrxsmb) - LEGACY_MRXSMB O64 - Services: CS002 - SMB 1.x MiniRedirector (mrxsmb10) - LEGACY_MRXSMB10 O64 - Services: CS002 - SMB 2.0 MiniRedirector (mrxsmb20) - LEGACY_MRXSMB20 O64 - Services: CS002 - Msfs (Msfs) - LEGACY_MSFS O64 - Services: CS002 - ISA/EISA Class Driver (msisadrv) - LEGACY_MSISADRV O64 - Services: CS002 - Mup (Mup) - LEGACY_MUP O64 - Services: CS002 - NativeWiFi Filter (NativeWifiP) - LEGACY_NATIVEWIFIP O64 - Services: CS002 - NDIS System Driver (NDIS) - LEGACY_NDIS O64 - Services: CS002 - NDIS Usermode I/O Protocol (Ndisuio) - LEGACY_NDISUIO O64 - Services: CS002 - NDProxy (NDProxy) - LEGACY_NDPROXY O64 - Services: CS002 - NetBIOS Interface (NetBIOS) - LEGACY_NETBIOS O64 - Services: CS002 - NETBT (netbt) - LEGACY_NETBT O64 - Services: CS002 - nod32drv (nod32drv) - LEGACY_NOD32DRV O64 - Services: CS002 - Npfs (Npfs) - LEGACY_NPFS O64 - Services: CS002 - NSI proxy service (nsiproxy) - LEGACY_NSIPROXY O64 - Services: CS002 - Ntfs (Ntfs) - LEGACY_NTFS O64 - Services: CS002 - Null (Null) - LEGACY_NULL O64 - Services: CS002 - PEAUTH (PEAUTH) - LEGACY_PEAUTH O64 - Services: CS002 - @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - LEGACY_PSCHED O64 - Services: CS002 - Remote Access Auto Connection Driver (RasAcd) - LEGACY_RASACD O64 - Services: CS002 - Redirected Buffering Sub Sysytem (rdbss) - LEGACY_RDBSS O64 - Services: CS002 - RDPCDD (RDPCDD) - LEGACY_RDPCDD O64 - Services: CS002 - RDP Encoder Mirror Driver (RDPENCDD) - LEGACY_RDPENCDD O64 - Services: CS002 - Link-Layer Topology Discovery Responder (rspndr) - LEGACY_RSPNDR O64 - Services: CS002 - Security Driver (secdrv) - LEGACY_SECDRV O64 - Services: CS002 - @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - LEGACY_SMB O64 - Services: CS002 - Security Processor Loader Driver (spldr) - LEGACY_SPLDR O64 - Services: CS002 - srv (srv) - LEGACY_SRV O64 - Services: CS002 - srv2 (srv2) - LEGACY_SRV2 O64 - Services: CS002 - srvnet (srvnet) - LEGACY_SRVNET O64 - Services: CS002 - @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - LEGACY_TCPIP O64 - Services: CS002 - TCP/IP Registry Compatibility (tcpipreg) - LEGACY_TCPIPREG O64 - Services: CS002 - @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - LEGACY_TDX O64 - Services: CS002 - UDFReadr (UDFReadr) - LEGACY_UDFREADR O64 - Services: CS002 - udfs (udfs) - LEGACY_UDFS O64 - Services: CS002 - VgaSave (VgaSave) - LEGACY_VGASAVE O64 - Services: CS002 - Dynamic Volume Manager (volmgrx) - LEGACY_VOLMGRX O64 - Services: CS002 - Volumes de stockage (volsnap) - LEGACY_VOLSNAP O64 - Services: CS002 - Remote Access IPv6 ARP Driver (Wanarpv6) - LEGACY_WANARPV6 O64 - Services: CS002 - Kernel Mode Driver Frameworks service (Wdf01000) - LEGACY_WDF01000 O64 - Services: CS002 - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) - LEGACY_WS2IFSL End of the scan: 933 lines
  5. lili80
    Rebonjour ; J'ai essayé d'exécuter rsit.exe, mais ça ne marche pas, quand je lance l'execution, je clique sur "continue", il m'affiche une barre de progression qui reste bloquée sur running HijackThis, et me signale que l'application ne répond pas. Que faire ?
  6. lili80
    Bonjour ; J'ai constaté depuis quelques jours que ma connexion Internet est devenue extrêmement lente, je soupçone une infection sur mon pc. que puis je faire ? Pour informations, j'ai une connexion ADSL en filaire. D'après mon provider, le problème n'est pas à leur niveau et que c'est sur machine. Et merci d'avance.
  7. lili80

    friture lors de l'enregistrement

    lili80 a répondu à un(e) sujet de lili80 dans Hardware

    salut ; J'ai vérifié dans le panneau de configuration son, il y a beaucoup d'options et franchement, je ne sais pas quel paramètre je dois changer, j'ai peur d'aggraver. je ne me souviens pas avoir trouvé de pilote pour le micro-casque.
  8. lili80
    Salut ; je vais faire ça, Je tenais à te dire que je suis infiniment reconnaissante envers toi Thanos, tu as sauvé mon pc. Je tâcherai de suivre tes conseils afin de ne pas retomber dans le piège. Encore une fois merci. Bonne continuation.
  9. lili80
    je viens de scanner ma clé et il n'a détecté qu'une seule infection, c'est le fichier zippé qoobox, que j'ai laissé. voici le rapport : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2008-09-28 13:27:13 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 19 GB (75%) free of 26 GB Total RAM: 759 MB (16% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:28:49, on 28/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\MAKHKEY.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe E:\utilitaires\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7060 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-09-30 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-09-30 126976] "Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360] "MAKTray"=C:\WINDOWS\MAKTray.exe [2004-08-27 287232] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-16 45056] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864] "Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-24 68856] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Funshion Online\Funshion\Funshion.exe"="C:\Program Files\Funshion Online\Funshion\Funshion.exe:*:Disabled:Funshion" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1ae-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1af-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b0-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b1-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5788d7d3-822d-11dd-9d15-000ffe2d9223}] shell\AutoRun\command - xk2n.bat shell\explore\command - xk2n.bat shell\open\command - xk2n.bat List of files/folders created in the last three months 2008-09-28 09:12:54 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier 2008-09-28 09:12:45 ----A---- C:\WINDOWS\zllsputility_loc040c.dll 2008-09-28 09:12:45 ----A---- C:\WINDOWS\system32\imslsp_install_loc040c.dll 2008-09-28 09:12:45 ----A---- C:\WINDOWS\system32\imsinstall_loc040c.dll 2008-09-28 09:12:41 ----A---- C:\WINDOWS\zllsputility.exe 2008-09-28 09:12:40 ----A---- C:\WINDOWS\system32\SpOrder.dll 2008-09-28 09:12:21 ----A---- C:\WINDOWS\system32\zpeng24.dll 2008-09-27 13:25:19 ----A---- C:\WINDOWS\IE4 Error Log.txt 2008-09-24 14:35:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\AdobeUM 2008-09-24 11:09:56 ----A---- C:\WINDOWS\ODBC.INI 2008-09-24 11:09:49 ----A---- C:\WINDOWS\system32\mdimon.dll 2008-09-24 11:08:06 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2008-09-24 11:08:02 ----D---- C:\Program Files\Microsoft Works 2008-09-24 11:07:54 ----D---- C:\Program Files\Microsoft Visual Studio 2008-09-24 11:07:40 ----D---- C:\WINDOWS\SHELLNEW 2008-09-24 11:07:34 ----D---- C:\Program Files\Microsoft.NET 2008-09-22 14:42:14 ----D---- C:\Mes téléchargements 2008-09-22 14:41:10 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-09-22 14:41:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-09-22 14:40:10 ----D---- C:\Program Files\Adobe 2008-09-22 14:32:23 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2008-09-22 14:31:58 ----D---- C:\Program Files\VideoLAN 2008-09-22 13:00:51 ----D---- C:\Program Files\PowerQuest 2008-09-21 09:20:38 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\vsregexp.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcommdb.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcomm.dll 2008-09-21 09:20:31 ----A---- C:\WINDOWS\system32\vswmi.dll 2008-09-21 09:20:30 ----D---- C:\WINDOWS\system32\ZoneLabs 2008-09-21 09:20:30 ----D---- C:\Program Files\Zone Labs 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsxml.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vspubapi.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll 2008-09-21 09:19:49 ----D---- C:\WINDOWS\Internet Logs 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsutil.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsinit.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsdata.dll 2008-09-21 09:18:41 ----D---- C:\Program Files\Avira 2008-09-21 09:18:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-09-21 09:01:59 ----D---- C:\WINDOWS\system32\appmgmt 2008-09-20 11:38:01 ----D---- C:\rsit 2008-09-17 14:58:29 ----SHD---- C:\RECYCLER 2008-09-17 14:58:06 ----D---- C:\ComboFix 2008-09-17 11:28:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\InterVideo 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaws.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaw.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\java.exe 2008-09-17 09:08:32 ----D---- C:\WINDOWS\Sun 2008-09-17 09:08:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sun 2008-09-16 15:01:10 ----D---- C:\WINDOWS\temp 2008-09-16 15:01:09 ----A---- C:\ComboFix.txt 2008-09-15 15:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-09-15 15:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-09-15 15:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-09-15 15:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-09-15 15:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-09-15 15:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-09-15 15:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-09-15 15:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-09-15 15:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-09-15 15:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-09-15 15:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-09-15 15:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-09-15 15:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-09-15 15:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-15 15:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-09-15 09:02:58 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 08:58:18 ----D---- C:\WINDOWS\system32\PreInstall 2008-09-15 08:58:17 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-09-15 08:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-09-15 08:58:16 ----HD---- C:\WINDOWS\$hf_mig$ 2008-09-14 08:11:33 ----D---- C:\WINDOWS\erdnt 2008-07-14 13:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-07-09 12:18:36 ----A---- C:\WINDOWS\system32\funshion.ini 2008-07-03 11:42:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll List of drivers R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-11-16 190592] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-05 46720] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S4 adpu320;adpu320; C:\WINDOWS\system32\system32\DRIVERS\adpu320.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\system32\DRIVERS\intelide.sys [] S4 Symmpi;Symmpi; C:\WINDOWS\system32\system32\DRIVERS\symmpi.sys [] List of services R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2002-09-10 138168] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2004-07-27 98304] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF----------------- j'ai aussi fait fusionner le fichier avec la base de registres. j'ai oublié de préciser un petit problème, lorsque j'accèdais à ma clé usb par double clique, il m'affichait la liste de choix des programmes à utiliser pour l'ouverture, je viens de tester, c'est réglé
  10. lili80
    Salut ; j'ai désactivé puis réactivé la restauration et lancé RSIT, dont voici le rapport : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2008-09-28 13:27:13 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 19 GB (75%) free of 26 GB Total RAM: 759 MB (16% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:28:49, on 28/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\MAKHKEY.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe E:\utilitaires\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7060 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-09-30 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-09-30 126976] "Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360] "MAKTray"=C:\WINDOWS\MAKTray.exe [2004-08-27 287232] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-16 45056] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864] "Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-24 68856] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Funshion Online\Funshion\Funshion.exe"="C:\Program Files\Funshion Online\Funshion\Funshion.exe:*:Disabled:Funshion" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1ae-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1af-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b0-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b1-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - svcsys.exe shell\open\command - svcsys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5788d7d3-822d-11dd-9d15-000ffe2d9223}] shell\AutoRun\command - xk2n.bat shell\explore\command - xk2n.bat shell\open\command - xk2n.bat List of files/folders created in the last three months 2008-09-28 09:12:54 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier 2008-09-28 09:12:45 ----A---- C:\WINDOWS\zllsputility_loc040c.dll 2008-09-28 09:12:45 ----A---- C:\WINDOWS\system32\imslsp_install_loc040c.dll 2008-09-28 09:12:45 ----A---- C:\WINDOWS\system32\imsinstall_loc040c.dll 2008-09-28 09:12:41 ----A---- C:\WINDOWS\zllsputility.exe 2008-09-28 09:12:40 ----A---- C:\WINDOWS\system32\SpOrder.dll 2008-09-28 09:12:21 ----A---- C:\WINDOWS\system32\zpeng24.dll 2008-09-27 13:25:19 ----A---- C:\WINDOWS\IE4 Error Log.txt 2008-09-24 14:35:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\AdobeUM 2008-09-24 11:09:56 ----A---- C:\WINDOWS\ODBC.INI 2008-09-24 11:09:49 ----A---- C:\WINDOWS\system32\mdimon.dll 2008-09-24 11:08:06 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2008-09-24 11:08:02 ----D---- C:\Program Files\Microsoft Works 2008-09-24 11:07:54 ----D---- C:\Program Files\Microsoft Visual Studio 2008-09-24 11:07:40 ----D---- C:\WINDOWS\SHELLNEW 2008-09-24 11:07:34 ----D---- C:\Program Files\Microsoft.NET 2008-09-22 14:42:14 ----D---- C:\Mes téléchargements 2008-09-22 14:41:10 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-09-22 14:41:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-09-22 14:40:10 ----D---- C:\Program Files\Adobe 2008-09-22 14:32:23 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2008-09-22 14:31:58 ----D---- C:\Program Files\VideoLAN 2008-09-22 13:00:51 ----D---- C:\Program Files\PowerQuest 2008-09-21 09:20:38 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\vsregexp.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcommdb.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcomm.dll 2008-09-21 09:20:31 ----A---- C:\WINDOWS\system32\vswmi.dll 2008-09-21 09:20:30 ----D---- C:\WINDOWS\system32\ZoneLabs 2008-09-21 09:20:30 ----D---- C:\Program Files\Zone Labs 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsxml.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vspubapi.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll 2008-09-21 09:19:49 ----D---- C:\WINDOWS\Internet Logs 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsutil.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsinit.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsdata.dll 2008-09-21 09:18:41 ----D---- C:\Program Files\Avira 2008-09-21 09:18:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-09-21 09:01:59 ----D---- C:\WINDOWS\system32\appmgmt 2008-09-20 11:38:01 ----D---- C:\rsit 2008-09-17 14:58:29 ----SHD---- C:\RECYCLER 2008-09-17 14:58:06 ----D---- C:\ComboFix 2008-09-17 11:28:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\InterVideo 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaws.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaw.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\java.exe 2008-09-17 09:08:32 ----D---- C:\WINDOWS\Sun 2008-09-17 09:08:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sun 2008-09-16 15:01:10 ----D---- C:\WINDOWS\temp 2008-09-16 15:01:09 ----A---- C:\ComboFix.txt 2008-09-15 15:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-09-15 15:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-09-15 15:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-09-15 15:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-09-15 15:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-09-15 15:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-09-15 15:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-09-15 15:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-09-15 15:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-09-15 15:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-09-15 15:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-09-15 15:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-09-15 15:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-09-15 15:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-15 15:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-09-15 09:02:58 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 08:58:18 ----D---- C:\WINDOWS\system32\PreInstall 2008-09-15 08:58:17 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-09-15 08:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-09-15 08:58:16 ----HD---- C:\WINDOWS\$hf_mig$ 2008-09-14 08:11:33 ----D---- C:\WINDOWS\erdnt 2008-07-14 13:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-07-09 12:18:36 ----A---- C:\WINDOWS\system32\funshion.ini 2008-07-03 11:42:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll List of drivers R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-11-16 190592] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-05 46720] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S4 adpu320;adpu320; C:\WINDOWS\system32\system32\DRIVERS\adpu320.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\system32\DRIVERS\intelide.sys [] S4 Symmpi;Symmpi; C:\WINDOWS\system32\system32\DRIVERS\symmpi.sys [] List of services R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2002-09-10 138168] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2004-07-27 98304] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF----------------- Mon pc fonctionne normalement, rien de suspect, parfois, j'ai des alertes antivir (lors de l'accès à des clés usb). Merci.
  11. lili80
    Bonjour ; J'ai installé la version que tu m'as proposé et ça marche. Merci bcp pour ton aide précieuse.
  12. lili80
    Salut ; Et bien, je ne me souviens pas trop mais je pense que je l'ai téléchargé à partir 01net. je vais le faire tt de suite, ça risque de prendre du temps. Merci. Au fait, joyeux anniversaire.
  13. lili80
    Bonjour ; J'ai un problème lors de l'utilisation de mon microphone sur mon laptop, il s'agit d'un casque avec micro intégré. En fait, le microphone marche bien puisque je l'ai testé sur un autre pc. par contre sur le portable, lorsque j'enregistre ma voix ou que j'utilise skype, il y a des fritures importantes, donc impossible de l'utiliser. Que faire ? Merci.
  14. lili80
    Bonjour ; je me suis rendue compte que mon dernier message n'est pas bien passé, donc, je réitère : Je me suis procurée une autre version d'office et j'ai réussi à l'installer (je n'y comprends rien), mais le problème est réglé. Pour zone alarm, le verrouillage Internet n'est pas activé, le fichier log d'aujourd'hui n'est pas encore créé, par contre, j'ai trouvé celui du 24/09, son contenu est comme suit : ZoneAlarm Logging Client v6.5.737.000 Windows XP-5.1.2600-Service Pack 2-SMP type,date,time,source,destination,transport (Security) type,date,time,virus name,file name,mode,e-mail id (Anti-Virus) type,date,time,source,destination,action,service (IM Security) type,date,time,source,destination,program,action (Malicious Code Protection) type,date,time,action,product,file,event,subevent,class,data,data,... (OSFirewall) type,date,time,name,type,mode (Anti-Spyware) FWOUT,2008/09/24,08:56:20 +2:00 GMT,10.0.1.9:1669,142.162.86.226:56252,UDP FWOUT,2008/09/24,08:56:22 +2:00 GMT,10.0.1.9:1669,84.242.184.84:35385,UDP FWOUT,2008/09/24,08:56:22 +2:00 GMT,10.0.1.9:1669,67.184.131.163:44371,UDP FWOUT,2008/09/24,08:56:22 +2:00 GMT,10.0.1.9:1669,80.116.141.94:50993,UDP FWOUT,2008/09/24,08:56:22 +2:00 GMT,10.0.1.9:1669,82.65.163.96:29264,UDP FWOUT,2008/09/24,08:56:26 +2:00 GMT,10.0.1.9:1669,78.61.48.243:27120,UDP FWOUT,2008/09/24,08:56:28 +2:00 GMT,10.0.1.9:1669,98.193.98.107:57726,UDP FWOUT,2008/09/24,08:56:28 +2:00 GMT,10.0.1.9:1669,71.68.51.204:28634,UDP FWOUT,2008/09/24,08:56:28 +2:00 GMT,10.0.1.9:1669,24.215.32.67:39913,UDP FWOUT,2008/09/24,08:56:28 +2:00 GMT,10.0.1.9:1669,77.241.34.178:43499,UDP FWOUT,2008/09/24,08:56:30 +2:00 GMT,10.0.1.9:1035,129.6.15.28:37,TCP (flags:S) FWOUT,2008/09/24,08:56:32 +2:00 GMT,10.0.1.9:1669,209.6.240.5:40287,UDP PE,2008/09/24,08:56:32 +2:00 GMT,Skype Extras Manager,C:\Program Files\Skype\Plugin Manager\skypePM.exe,193.194.64.11:53,N/A FWOUT,2008/09/24,08:56:34 +2:00 GMT,10.0.1.9:1669,151.9.35.8:24137,UDP FWOUT,2008/09/24,08:56:34 +2:00 GMT,10.0.1.9:1669,78.54.65.139:21098,UDP FWOUT,2008/09/24,08:56:34 +2:00 GMT,10.0.1.9:1669,93.81.169.246:13873,UDP FWOUT,2008/09/24,08:56:34 +2:00 GMT,10.0.1.9:1669,69.146.184.131:63718,UDP FWOUT,2008/09/24,08:56:38 +2:00 GMT,10.0.1.9:1669,81.84.102.234:62380,UDP FWOUT,2008/09/24,08:56:40 +2:00 GMT,10.0.1.9:1669,71.201.89.115:23614,UDP FWOUT,2008/09/24,08:56:40 +2:00 GMT,10.0.1.9:1669,72.131.31.124:8155,UDP FWOUT,2008/09/24,08:56:40 +2:00 GMT,10.0.1.9:1669,71.207.212.56:15974,UDP FWOUT,2008/09/24,08:56:40 +2:00 GMT,10.0.1.9:1669,24.251.40.6:26546,UDP FWOUT,2008/09/24,08:56:44 +2:00 GMT,10.0.1.9:1669,94.209.237.16:21804,UDP FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1038,142.162.86.226:56252,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1039,98.193.98.107:57726,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1040,82.65.163.96:29264,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1041,67.184.131.163:44371,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1042,77.241.34.178:43499,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1043,84.242.184.84:35385,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1044,142.162.86.226:443,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1045,98.193.98.107:443,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1046,82.65.163.96:443,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1047,67.184.131.163:443,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1048,77.241.34.178:443,TCP (flags:S) FWOUT,2008/09/24,08:56:50 +2:00 GMT,10.0.1.9:1049,84.242.184.84:443,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1051,78.54.65.139:21098,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1052,142.162.86.226:80,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1053,98.193.98.107:80,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1054,82.65.163.96:80,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1055,67.184.131.163:80,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1056,77.241.34.178:80,TCP (flags:S) FWOUT,2008/09/24,08:56:52 +2:00 GMT,10.0.1.9:1057,84.242.184.84:80,TCP (flags:S) FWOUT,2008/09/24,08:56:54 +2:00 GMT,10.0.1.9:1058,78.54.65.139:443,TCP (flags:S) FWOUT,2008/09/24,08:56:56 +2:00 GMT,10.0.1.9:1059,78.54.65.139:80,TCP (flags:S) FWOUT,2008/09/24,08:57:02 +2:00 GMT,10.0.1.9:1065,213.248.111.57:80,TCP (flags:S) FWOUT,2008/09/24,08:57:12 +2:00 GMT,10.0.1.9:1084,204.9.163.158:80,TCP (flags:S) FWOUT,2008/09/24,08:57:14 +2:00 GMT,10.0.1.9:1085,78.61.48.243:27120,TCP (flags:S) FWOUT,2008/09/24,08:57:14 +2:00 GMT,10.0.1.9:1087,209.6.240.5:40287,TCP (flags:S) FWOUT,2008/09/24,08:57:14 +2:00 GMT,10.0.1.9:1088,71.68.51.204:28634,TCP (flags:S) FWOUT,2008/09/24,08:57:14 +2:00 GMT,10.0.1.9:1089,24.215.32.67:39913,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1093,78.61.48.243:443,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1095,209.6.240.5:443,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1096,71.68.51.204:443,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1097,24.215.32.67:443,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1101,80.116.141.94:50993,TCP (flags:S) FWOUT,2008/09/24,08:57:16 +2:00 GMT,10.0.1.9:1103,78.61.48.243:80,TCP (flags:S) FWOUT,2008/09/24,08:57:18 +2:00 GMT,10.0.1.9:1105,209.6.240.5:80,TCP (flags:S) FWOUT,2008/09/24,08:57:18 +2:00 GMT,10.0.1.9:1106,71.68.51.204:80,TCP (flags:S) FWOUT,2008/09/24,08:57:18 +2:00 GMT,10.0.1.9:1107,24.215.32.67:80,TCP (flags:S) FWOUT,2008/09/24,08:57:18 +2:00 GMT,10.0.1.9:1111,80.116.141.94:443,TCP (flags:S) FWOUT,2008/09/24,08:57:20 +2:00 GMT,10.0.1.9:1113,80.116.141.94:80,TCP (flags:S) FWOUT,2008/09/24,08:57:22 +2:00 GMT,10.0.1.9:1115,213.248.111.73:80,TCP (flags:S) FWOUT,2008/09/24,08:57:34 +2:00 GMT,10.0.1.9:1117,89.137.217.243:28941,TCP (flags:S) FWOUT,2008/09/24,08:57:34 +2:00 GMT,10.0.1.9:1119,89.137.217.243:443,TCP (flags:S) FWOUT,2008/09/24,08:57:36 +2:00 GMT,10.0.1.9:1121,89.137.217.243:80,TCP (flags:S) FWOUT,2008/09/24,08:57:38 +2:00 GMT,10.0.1.9:1123,94.209.237.16:21804,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1125,69.146.184.131:63718,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1126,72.131.31.124:8155,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1129,94.209.237.16:443,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1131,24.251.40.6:26546,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1133,69.146.184.131:443,TCP (flags:S) FWOUT,2008/09/24,08:57:40 +2:00 GMT,10.0.1.9:1134,72.131.31.124:443,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1137,71.201.89.115:23614,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1139,94.209.237.16:80,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1141,24.251.40.6:443,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1143,69.146.184.131:80,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1144,72.131.31.124:80,TCP (flags:S) FWOUT,2008/09/24,08:57:42 +2:00 GMT,10.0.1.9:1147,71.201.89.115:443,TCP (flags:S) FWOUT,2008/09/24,08:57:44 +2:00 GMT,10.0.1.9:1149,24.251.40.6:80,TCP (flags:S) FWOUT,2008/09/24,08:57:44 +2:00 GMT,10.0.1.9:1151,93.81.169.246:13873,TCP (flags:S) FWOUT,2008/09/24,08:57:44 +2:00 GMT,10.0.1.9:1153,71.201.89.115:80,TCP (flags:S) FWOUT,2008/09/24,08:57:46 +2:00 GMT,10.0.1.9:1155,93.81.169.246:443,TCP (flags:S) FWOUT,2008/09/24,08:57:46 +2:00 GMT,10.0.1.9:1157,213.248.111.57:80,TCP (flags:S) FWOUT,2008/09/24,08:57:48 +2:00 GMT,10.0.1.9:1158,93.81.169.246:80,TCP (flags:S) FWOUT,2008/09/24,08:58:02 +2:00 GMT,10.0.1.9:1160,68.200.30.28:14506,TCP (flags:S) FWOUT,2008/09/24,08:58:04 +2:00 GMT,10.0.1.9:1162,151.9.35.8:24137,TCP (flags:S) FWOUT,2008/09/24,08:58:04 +2:00 GMT,10.0.1.9:1163,81.84.102.234:62380,TCP (flags:S) FWOUT,2008/09/24,08:58:04 +2:00 GMT,10.0.1.9:1166,68.200.30.28:443,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1168,82.193.87.68:7765,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1170,151.9.35.8:443,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1171,81.84.102.234:443,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1174,71.207.212.56:15974,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1176,68.200.30.28:80,TCP (flags:S) FWOUT,2008/09/24,08:58:06 +2:00 GMT,10.0.1.9:1178,82.193.87.68:443,TCP (flags:S) FWOUT,2008/09/24,08:58:08 +2:00 GMT,10.0.1.9:1180,151.9.35.8:80,TCP (flags:S) FWOUT,2008/09/24,08:58:08 +2:00 GMT,10.0.1.9:1181,81.84.102.234:80,TCP (flags:S) FWOUT,2008/09/24,08:58:08 +2:00 GMT,10.0.1.9:1184,213.248.111.73:80,TCP (flags:S) FWOUT,2008/09/24,08:58:08 +2:00 GMT,10.0.1.9:1185,71.207.212.56:443,TCP (flags:S) FWOUT,2008/09/24,08:58:08 +2:00 GMT,10.0.1.9:1187,82.193.87.68:80,TCP (flags:S) FWOUT,2008/09/24,08:58:10 +2:00 GMT,10.0.1.9:1189,122.135.55.171:45026,TCP (flags:S) FWOUT,2008/09/24,08:58:10 +2:00 GMT,10.0.1.9:1191,71.207.212.56:80,TCP (flags:S) FWOUT,2008/09/24,08:58:10 +2:00 GMT,10.0.1.9:1193,122.135.55.171:443,TCP (flags:S) FWOUT,2008/09/24,08:58:12 +2:00 GMT,10.0.1.9:1195,122.135.55.171:80,TCP (flags:S) FWOUT,2008/09/24,08:58:14 +2:00 GMT,10.0.1.9:1198,72.14.205.104:80,TCP (flags:S) FWOUT,2008/09/24,08:58:28 +2:00 GMT,10.0.1.9:1200,18.139.7.176:17715,TCP (flags:S) FWOUT,2008/09/24,08:58:28 +2:00 GMT,10.0.1.9:1201,85.221.145.110:12929,TCP (flags:S) FWOUT,2008/09/24,08:58:28 +2:00 GMT,10.0.1.9:1202,84.54.152.41:51218,TCP (flags:S) FWOUT,2008/09/24,08:58:30 +2:00 GMT,10.0.1.9:1206,24.61.85.36:26546,TCP (flags:S) FWOUT,2008/09/24,08:58:30 +2:00 GMT,10.0.1.9:1208,18.139.7.176:443,TCP (flags:S) FWOUT,2008/09/24,08:58:30 +2:00 GMT,10.0.1.9:1209,85.221.145.110:443,TCP (flags:S) FWOUT,2008/09/24,08:58:30 +2:00 GMT,10.0.1.9:1210,84.54.152.41:443,TCP (flags:S) FWOUT,2008/09/24,08:58:30 +2:00 GMT,10.0.1.9:1214,68.116.112.98:17374,TCP (flags:S) FWOUT,2008/09/24,08:58:32 +2:00 GMT,10.0.1.9:1216,24.61.85.36:443,TCP (flags:S) FWOUT,2008/09/24,08:58:32 +2:00 GMT,10.0.1.9:1218,18.139.7.176:80,TCP (flags:S) FWOUT,2008/09/24,08:58:32 +2:00 GMT,10.0.1.9:1219,85.221.145.110:80,TCP (flags:S) FWOUT,2008/09/24,08:58:32 +2:00 GMT,10.0.1.9:1220,84.54.152.41:80,TCP (flags:S) FWOUT,2008/09/24,08:58:32 +2:00 GMT,10.0.1.9:1224,68.116.112.98:443,TCP (flags:S) FWOUT,2008/09/24,08:58:34 +2:00 GMT,10.0.1.9:1226,24.61.85.36:80,TCP (flags:S) FWOUT,2008/09/24,08:58:34 +2:00 GMT,10.0.1.9:1228,72.219.26.118:52612,TCP (flags:S) FWOUT,2008/09/24,08:58:34 +2:00 GMT,10.0.1.9:1230,68.116.112.98:80,TCP (flags:S) FWOUT,2008/09/24,08:58:34 +2:00 GMT,10.0.1.9:1232,72.14.205.147:80,TCP (flags:S) FWOUT,2008/09/24,08:58:36 +2:00 GMT,10.0.1.9:1233,72.219.26.118:443,TCP (flags:S) FWOUT,2008/09/24,08:58:38 +2:00 GMT,10.0.1.9:1235,72.219.26.118:80,TCP (flags:S) FWOUT,2008/09/24,08:58:42 +2:00 GMT,10.0.1.9:1237,213.248.111.73:80,TCP (flags:S) FWOUT,2008/09/24,09:36:20 +2:00 GMT,10.0.1.9:1438,10.0.1.135:2869,TCP (flags:S) FWOUT,2008/09/24,09:36:50 +2:00 GMT,10.0.1.9:1669,41.249.1.148:43637,UDP FWOUT,2008/09/24,09:36:50 +2:00 GMT,10.0.1.9:1669,71.113.163.24:27983,UDP FWOUT,2008/09/24,09:36:50 +2:00 GMT,10.0.1.9:1669,75.136.221.239:62332,UDP FWOUT,2008/09/24,09:36:50 +2:00 GMT,10.0.1.9:1669,213.22.239.210:41173,UDP FWOUT,2008/09/24,09:36:50 +2:00 GMT,10.0.1.9:1669,86.6.60.223:45936,UDP FWOUT,2008/09/24,09:36:54 +2:00 GMT,10.0.1.9:1669,89.0.42.71:42406,UDP FWOUT,2008/09/24,09:36:56 +2:00 GMT,10.0.1.9:1669,65.26.245.180:46969,UDP FWOUT,2008/09/24,09:36:56 +2:00 GMT,10.0.1.9:1669,195.241.233.206:56150,UDP FWOUT,2008/09/24,09:36:56 +2:00 GMT,10.0.1.9:1669,206.255.74.251:29227,UDP FWOUT,2008/09/24,09:36:56 +2:00 GMT,10.0.1.9:1669,71.206.145.68:57236,UDP FWOUT,2008/09/24,09:37:00 +2:00 GMT,10.0.1.9:1669,90.146.80.215:50016,UDP FWOUT,2008/09/24,09:37:00 +2:00 GMT,10.0.1.9:1669,216.121.185.253:16955,UDP FWOUT,2008/09/24,09:37:00 +2:00 GMT,10.0.1.9:1669,90.241.42.178:51459,UDP FWOUT,2008/09/24,09:37:00 +2:00 GMT,10.0.1.9:1669,143.225.201.61:39227,UDP FWOUT,2008/09/24,09:37:00 +2:00 GMT,10.0.1.9:1669,83.29.49.38:25909,UDP FWOUT,2008/09/24,09:37:04 +2:00 GMT,10.0.1.9:1669,82.139.83.220:33598,UDP FWOUT,2008/09/24,09:37:06 +2:00 GMT,10.0.1.9:1669,137.226.142.203:23081,UDP FWOUT,2008/09/24,09:37:06 +2:00 GMT,10.0.1.9:1669,64.118.17.152:52616,UDP FWOUT,2008/09/24,09:37:06 +2:00 GMT,10.0.1.9:1669,84.194.147.129:33673,UDP FWOUT,2008/09/24,09:37:06 +2:00 GMT,10.0.1.9:1669,88.80.108.241:34937,UDP FWOUT,2008/09/24,09:37:10 +2:00 GMT,10.0.1.9:1669,69.183.159.178:27700,UDP FWOUT,2008/09/24,09:37:12 +2:00 GMT,10.0.1.9:1461,204.9.163.158:80,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1463,41.249.1.148:443,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1464,75.136.221.239:443,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1465,71.113.163.24:443,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1466,195.241.233.206:443,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1467,137.226.142.203:443,TCP (flags:S) FWOUT,2008/09/24,09:37:14 +2:00 GMT,10.0.1.9:1468,71.206.145.68:443,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1475,41.249.1.148:43637,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1476,75.136.221.239:62332,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1477,71.113.163.24:27983,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1478,195.241.233.206:56150,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1479,137.226.142.203:23081,TCP (flags:S) FWOUT,2008/09/24,09:37:16 +2:00 GMT,10.0.1.9:1480,71.206.145.68:57236,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1487,41.249.1.148:80,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1488,75.136.221.239:80,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1491,71.113.163.24:80,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1492,195.241.233.206:80,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1493,137.226.142.203:80,TCP (flags:S) FWOUT,2008/09/24,09:37:18 +2:00 GMT,10.0.1.9:1494,71.206.145.68:80,TCP (flags:S) FWOUT,2008/09/24,09:37:32 +2:00 GMT,10.0.1.9:1499,213.22.239.210:443,TCP (flags:S) FWOUT,2008/09/24,09:37:34 +2:00 GMT,10.0.1.9:1501,213.22.239.210:41173,TCP (flags:S) FWOUT,2008/09/24,09:37:36 +2:00 GMT,10.0.1.9:1503,213.22.239.210:80,TCP (flags:S) FWOUT,2008/09/24,09:37:38 +2:00 GMT,10.0.1.9:1505,65.26.245.180:443,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1506,89.0.42.71:443,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1507,90.146.80.215:443,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1508,143.225.201.61:39227,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1509,216.121.185.253:16955,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1510,82.139.83.220:33598,TCP (flags:S) FWOUT,2008/09/24,09:37:40 +2:00 GMT,10.0.1.9:1511,65.26.245.180:46969,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1512,89.0.42.71:42406,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1513,90.146.80.215:50016,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1514,143.225.201.61:443,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1515,216.121.185.253:443,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1516,82.139.83.220:443,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1517,65.26.245.180:80,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1518,89.0.42.71:80,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1519,90.146.80.215:80,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1520,143.225.201.61:80,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1521,216.121.185.253:80,TCP (flags:S) FWOUT,2008/09/24,09:37:42 +2:00 GMT,10.0.1.9:1522,82.139.83.220:80,TCP (flags:S) FWOUT,2008/09/24,09:37:56 +2:00 GMT,10.0.1.9:1530,90.241.42.178:443,TCP (flags:S) FWOUT,2008/09/24,09:37:58 +2:00 GMT,10.0.1.9:1532,90.241.42.178:51459,TCP (flags:S) FWOUT,2008/09/24,09:38:00 +2:00 GMT,10.0.1.9:1534,90.241.42.178:80,TCP (flags:S) FWOUT,2008/09/24,09:38:02 +2:00 GMT,10.0.1.9:1536,86.6.60.223:443,TCP (flags:S) FWOUT,2008/09/24,09:38:04 +2:00 GMT,10.0.1.9:1538,83.29.49.38:443,TCP (flags:S) FWOUT,2008/09/24,09:38:04 +2:00 GMT,10.0.1.9:1540,86.6.60.223:45936,TCP (flags:S) FWOUT,2008/09/24,09:38:04 +2:00 GMT,10.0.1.9:1542,84.194.147.129:443,TCP (flags:S) FWOUT,2008/09/24,09:38:04 +2:00 GMT,10.0.1.9:1543,213.3.109.101:15253,TCP (flags:S) FWOUT,2008/09/24,09:38:04 +2:00 GMT,10.0.1.9:1544,122.135.55.171:45026,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1545,173.32.30.77:12692,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1550,83.29.49.38:25909,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1552,86.6.60.223:80,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1554,84.194.147.129:33673,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1555,213.3.109.101:443,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1556,122.135.55.171:443,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1557,173.32.30.77:443,TCP (flags:S) FWOUT,2008/09/24,09:38:06 +2:00 GMT,10.0.1.9:1562,66.163.181.172:80,TCP (flags:S) FWOUT,2008/09/24,09:38:08 +2:00 GMT,10.0.1.9:1564,83.29.49.38:80,TCP (flags:S) FWOUT,2008/09/24,09:38:08 +2:00 GMT,10.0.1.9:1566,84.194.147.129:80,TCP (flags:S) FWOUT,2008/09/24,09:38:08 +2:00 GMT,10.0.1.9:1567,213.3.109.101:80,TCP (flags:S) FWOUT,2008/09/24,09:38:08 +2:00 GMT,10.0.1.9:1568,122.135.55.171:80,TCP (flags:S) FWOUT,2008/09/24,09:38:08 +2:00 GMT,10.0.1.9:1569,173.32.30.77:80,TCP (flags:S) FWOUT,2008/09/24,09:38:28 +2:00 GMT,10.0.1.9:1574,66.163.181.183:80,TCP (flags:S) FWOUT,2008/09/24,09:38:28 +2:00 GMT,10.0.1.9:1575,206.255.74.251:443,TCP (flags:S) FWOUT,2008/09/24,09:38:28 +2:00 GMT,10.0.1.9:1576,68.200.30.28:14506,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1579,64.118.17.152:443,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1581,206.255.74.251:29227,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1582,68.200.30.28:443,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1585,69.183.159.178:443,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1586,88.80.108.241:34937,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1587,92.254.169.249:10911,TCP (flags:S) FWOUT,2008/09/24,09:38:30 +2:00 GMT,10.0.1.9:1591,64.118.17.152:52616,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1593,206.255.74.251:80,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1594,68.200.30.28:80,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1597,69.183.159.178:27700,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1598,88.80.108.241:443,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1599,92.254.169.249:443,TCP (flags:S) FWOUT,2008/09/24,09:38:32 +2:00 GMT,10.0.1.9:1603,64.118.17.152:80,TCP (flags:S) FWOUT,2008/09/24,09:38:34 +2:00 GMT,10.0.1.9:1605,69.183.159.178:80,TCP (flags:S) FWOUT,2008/09/24,09:38:34 +2:00 GMT,10.0.1.9:1606,88.80.108.241:80,TCP (flags:S) FWOUT,2008/09/24,09:38:34 +2:00 GMT,10.0.1.9:1607,92.254.169.249:80,TCP (flags:S) FWOUT,2008/09/24,09:38:48 +2:00 GMT,10.0.1.9:1611,66.163.181.183:5050,TCP (flags:S) FWOUT,2008/09/24,09:38:52 +2:00 GMT,10.0.1.9:1612,64.34.69.69:443,TCP (flags:S) FWOUT,2008/09/24,09:38:52 +2:00 GMT,10.0.1.9:1613,70.80.111.77:40275,TCP (flags:S) FWOUT,2008/09/24,09:38:54 +2:00 GMT,10.0.1.9:1616,64.34.69.69:20659,TCP (flags:S) FWOUT,2008/09/24,09:38:54 +2:00 GMT,10.0.1.9:1617,70.80.111.77:443,TCP (flags:S) FWOUT,2008/09/24,09:38:54 +2:00 GMT,10.0.1.9:1620,91.67.31.57:443,TCP (flags:S) FWOUT,2008/09/24,09:38:54 +2:00 GMT,10.0.1.9:1621,72.222.238.123:36059,TCP (flags:S) FWOUT,2008/09/24,09:38:54 +2:00 GMT,10.0.1.9:1622,82.65.133.73:54457,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1626,18.139.7.176:443,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1628,64.34.69.69:80,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1629,70.80.111.77:80,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1632,91.67.31.57:18718,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1633,72.222.238.123:443,TCP (flags:S) FWOUT,2008/09/24,09:38:56 +2:00 GMT,10.0.1.9:1634,82.65.133.73:443,TCP (flags:S) FWOUT,2008/09/24,09:38:58 +2:00 GMT,10.0.1.9:1638,18.139.7.176:17715,TCP (flags:S) FWOUT,2008/09/24,09:38:58 +2:00 GMT,10.0.1.9:1640,91.67.31.57:80,TCP (flags:S) FWOUT,2008/09/24,09:38:58 +2:00 GMT,10.0.1.9:1641,72.222.238.123:80,TCP (flags:S) FWOUT,2008/09/24,09:38:58 +2:00 GMT,10.0.1.9:1642,82.65.133.73:80,TCP (flags:S) FWOUT,2008/09/24,09:38:58 +2:00 GMT,10.0.1.9:1646,18.139.7.176:80,TCP (flags:S) FWOUT,2008/09/24,09:39:10 +2:00 GMT,10.0.1.9:1648,66.163.181.183:23,TCP (flags:S) FWOUT,2008/09/24,09:39:16 +2:00 GMT,10.0.1.9:1649,65.185.11.96:443,TCP (flags:S) FWOUT,2008/09/24,09:39:16 +2:00 GMT,10.0.1.9:1650,78.90.12.211:50096,TCP (flags:S) FWOUT,2008/09/24,09:39:18 +2:00 GMT,10.0.1.9:1653,65.185.11.96:18771,TCP (flags:S) FWOUT,2008/09/24,09:39:18 +2:00 GMT,10.0.1.9:1654,78.90.12.211:443,TCP (flags:S) FWOUT,2008/09/24,09:39:18 +2:00 GMT,10.0.1.9:1657,85.221.145.110:443,TCP (flags:S) FWOUT,2008/09/24,09:39:18 +2:00 GMT,10.0.1.9:1658,212.233.242.164:9238,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1661,24.224.75.158:443,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1662,99.251.112.175:33862,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1665,65.185.11.96:80,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1666,78.90.12.211:80,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1670,85.221.145.110:12929,TCP (flags:S) FWOUT,2008/09/24,09:39:20 +2:00 GMT,10.0.1.9:1671,212.233.242.164:443,TCP (flags:S) FWOUT,2008/09/24,09:39:22 +2:00 GMT,10.0.1.9:1674,24.224.75.158:63398,TCP (flags:S) FWOUT,2008/09/24,09:39:22 +2:00 GMT,10.0.1.9:1675,99.251.112.175:443,TCP (flags:S) FWOUT,2008/09/24,09:39:22 +2:00 GMT,10.0.1.9:1678,85.221.145.110:80,TCP (flags:S) FWOUT,2008/09/24,09:39:22 +2:00 GMT,10.0.1.9:1679,212.233.242.164:80,TCP (flags:S) FWOUT,2008/09/24,09:39:24 +2:00 GMT,10.0.1.9:1682,24.224.75.158:80,TCP (flags:S) FWOUT,2008/09/24,09:39:24 +2:00 GMT,10.0.1.9:1683,99.251.112.175:80,TCP (flags:S) FWOUT,2008/09/24,09:39:32 +2:00 GMT,10.0.1.9:1686,66.163.181.183:25,TCP (flags:S) FWOUT,2008/09/24,09:39:42 +2:00 GMT,10.0.1.9:1687,82.193.87.68:443,TCP (flags:S) FWOUT,2008/09/24,09:39:42 +2:00 GMT,10.0.1.9:1688,79.114.39.144:50354,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1690,89.253.191.28:443,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1691,90.224.174.231:26248,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1692,82.193.87.68:7765,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1693,79.114.39.144:443,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1694,89.253.191.28:9291,TCP (flags:S) FWOUT,2008/09/24,09:39:44 +2:00 GMT,10.0.1.9:1695,90.224.174.231:443,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1696,24.201.102.147:443,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1697,87.19.93.114:7615,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1698,82.193.87.68:80,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1699,79.114.39.144:80,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1700,89.253.191.28:80,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1701,90.224.174.231:80,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1702,24.201.102.147:32568,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1703,87.19.93.114:443,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1704,91.121.188.81:80,TCP (flags:S) FWOUT,2008/09/24,09:39:46 +2:00 GMT,10.0.1.9:1705,91.121.188.81:80,TCP (flags:S) FWOUT,2008/09/24,09:39:48 +2:00 GMT,10.0.1.9:1706,24.201.102.147:80,TCP (flags:S) FWOUT,2008/09/24,09:39:48 +2:00 GMT,10.0.1.9:1707,87.19.93.114:80,TCP (flags:S) FWOUT,2008/09/24,09:39:52 +2:00 GMT,10.0.1.9:1708,66.163.181.183:119,TCP (flags:S) FWOUT,2008/09/24,09:40:14 +2:00 GMT,10.0.1.9:1714,66.163.181.183:20,TCP (flags:S) FWIN,2008/09/24,09:41:52 +2:00 GMT,10.0.1.135:1900,10.0.1.9:1030,UDP FWOUT,2008/09/24,09:41:56 +2:00 GMT,10.0.1.9:1669,41.249.1.148:43637,UDP FWOUT,2008/09/24,09:41:58 +2:00 GMT,10.0.1.9:1669,71.206.145.68:57236,UDP FWOUT,2008/09/24,09:41:58 +2:00 GMT,10.0.1.9:1669,89.0.42.71:42406,UDP FWOUT,2008/09/24,09:41:58 +2:00 GMT,10.0.1.9:1669,213.22.239.210:41173,UDP FWOUT,2008/09/24,09:41:58 +2:00 GMT,10.0.1.9:1669,137.226.142.203:23081,UDP FWOUT,2008/09/24,09:42:02 +2:00 GMT,10.0.1.9:1669,82.54.105.108:14775,UDP FWOUT,2008/09/24,09:42:02 +2:00 GMT,10.0.1.9:1669,24.107.239.53:39782,UDP FWOUT,2008/09/24,09:42:02 +2:00 GMT,10.0.1.9:1669,65.26.245.180:46969,UDP FWOUT,2008/09/24,09:42:04 +2:00 GMT,10.0.1.9:1669,90.146.80.215:50016,UDP FWOUT,2008/09/24,09:42:04 +2:00 GMT,10.0.1.9:1669,195.241.233.206:56150,UDP FWOUT,2008/09/24,09:42:06 +2:00 GMT,10.0.1.9:1036,129.6.15.29:37,TCP (flags:S) FWOUT,2008/09/24,09:42:08 +2:00 GMT,10.0.1.9:1669,86.6.60.223:45936,UDP FWOUT,2008/09/24,09:42:08 +2:00 GMT,10.0.1.9:1669,71.113.163.24:27983,UDP FWOUT,2008/09/24,09:42:08 +2:00 GMT,10.0.1.9:1669,216.121.185.253:16955,UDP FWOUT,2008/09/24,09:42:10 +2:00 GMT,10.0.1.9:1669,213.3.109.101:15253,UDP FWOUT,2008/09/24,09:42:10 +2:00 GMT,10.0.1.9:1669,90.241.42.178:51459,UDP FWOUT,2008/09/24,09:42:14 +2:00 GMT,10.0.1.9:1669,83.29.49.38:25909,UDP FWOUT,2008/09/24,09:42:14 +2:00 GMT,10.0.1.9:1669,143.225.201.61:39227,UDP FWOUT,2008/09/24,09:42:14 +2:00 GMT,10.0.1.9:1669,84.194.147.129:33673,UDP FWOUT,2008/09/24,09:42:16 +2:00 GMT,10.0.1.9:1669,92.254.169.249:10911,UDP FWOUT,2008/09/24,09:42:16 +2:00 GMT,10.0.1.9:1669,64.118.17.152:52616,UDP FWOUT,2008/09/24,09:42:20 +2:00 GMT,10.0.1.9:1669,70.80.111.77:40275,UDP FWOUT,2008/09/24,09:42:20 +2:00 GMT,10.0.1.9:1669,91.67.31.57:18718,UDP FWOUT,2008/09/24,09:42:20 +2:00 GMT,10.0.1.9:1669,82.139.83.220:33598,UDP FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1048,41.249.1.148:43637,TCP (flags:S) FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1049,71.113.163.24:27983,TCP (flags:S) FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1050,89.0.42.71:42406,TCP (flags:S) FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1051,82.54.105.108:14775,TCP (flags:S) FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1052,213.22.239.210:41173,TCP (flags:S) FWOUT,2008/09/24,09:42:26 +2:00 GMT,10.0.1.9:1053,86.6.60.223:45936,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1066,41.249.1.148:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1067,71.113.163.24:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1068,89.0.42.71:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1069,82.54.105.108:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1070,213.22.239.210:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1071,86.6.60.223:443,TCP (flags:S) FWOUT,2008/09/24,09:42:28 +2:00 GMT,10.0.1.9:1079,137.226.142.203:23081,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1081,41.249.1.148:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1082,71.113.163.24:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1083,89.0.42.71:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1084,82.54.105.108:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1085,213.22.239.210:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1086,86.6.60.223:80,TCP (flags:S) FWOUT,2008/09/24,09:42:30 +2:00 GMT,10.0.1.9:1093,137.226.142.203:443,TCP (flags:S) FWOUT,2008/09/24,09:42:32 +2:00 GMT,10.0.1.9:1095,137.226.142.203:80,TCP (flags:S) FWOUT,2008/09/24,09:42:34 +2:00 GMT,10.0.1.9:1098,204.9.163.158:80,TCP (flags:S) FWOUT,2008/09/24,09:42:38 +2:00 GMT,10.0.1.9:1099,207.46.21.29:80,TCP (flags:S) FWOUT,2008/09/24,09:42:52 +2:00 GMT,10.0.1.9:1100,90.241.42.178:51459,TCP (flags:S) FWOUT,2008/09/24,09:42:52 +2:00 GMT,10.0.1.9:1102,71.206.145.68:57236,TCP (flags:S) FWOUT,2008/09/24,09:42:52 +2:00 GMT,10.0.1.9:1103,90.146.80.215:50016,TCP (flags:S) FWOUT,2008/09/24,09:42:52 +2:00 GMT,10.0.1.9:1104,82.139.83.220:33598,TCP (flags:S) FWOUT,2008/09/24,09:42:52 +2:00 GMT,10.0.1.9:1108,90.241.42.178:443,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1110,83.29.49.38:25909,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1112,71.206.145.68:443,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1113,90.146.80.215:443,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1114,82.139.83.220:443,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1118,90.241.42.178:80,TCP (flags:S) FWOUT,2008/09/24,09:42:54 +2:00 GMT,10.0.1.9:1120,83.29.49.38:443,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1122,195.241.233.206:56150,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1124,71.206.145.68:80,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1125,90.146.80.215:80,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1126,82.139.83.220:80,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1130,83.29.49.38:80,TCP (flags:S) FWOUT,2008/09/24,09:42:56 +2:00 GMT,10.0.1.9:1132,195.241.233.206:443,TCP (flags:S) FWOUT,2008/09/24,09:42:58 +2:00 GMT,10.0.1.9:1135,195.241.233.206:80,TCP (flags:S) PE,2008/09/24,09:43:00 +2:00 GMT,Skype Extras Manager,C:\Program Files\Skype\Plugin Manager\skypePM.exe,207.46.21.29:53,N/A FWOUT,2008/09/24,09:43:00 +2:00 GMT,10.0.1.9:1137,206.255.74.251:29227,TCP (flags:S) FWOUT,2008/09/24,09:43:02 +2:00 GMT,10.0.1.9:1139,206.255.74.251:443,TCP (flags:S) FWOUT,2008/09/24,09:43:04 +2:00 GMT,10.0.1.9:1141,206.255.74.251:80,TCP (flags:S) FWOUT,2008/09/24,09:43:04 +2:00 GMT,10.0.1.9:1143,207.46.21.29:80,TCP (flags:S) FWOUT,2008/09/24,09:43:16 +2:00 GMT,10.0.1.9:1145,72.14.205.103:80,TCP (flags:S) FWOUT,2008/09/24,09:43:16 +2:00 GMT,10.0.1.9:1146,216.121.185.253:16955,TCP (flags:S) FWOUT,2008/09/24,09:43:18 +2:00 GMT,10.0.1.9:1148,143.225.201.61:39227,TCP (flags:S) FWOUT,2008/09/24,09:43:18 +2:00 GMT,10.0.1.9:1149,69.183.159.178:27700,TCP (flags:S) FWOUT,2008/09/24,09:43:18 +2:00 GMT,10.0.1.9:1152,216.121.185.253:443,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1154,143.225.201.61:443,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1155,69.183.159.178:443,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1158,65.26.245.180:46969,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1160,216.121.185.253:80,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1162,143.225.201.61:80,TCP (flags:S) FWOUT,2008/09/24,09:43:20 +2:00 GMT,10.0.1.9:1163,69.183.159.178:80,TCP (flags:S) FWOUT,2008/09/24,09:43:22 +2:00 GMT,10.0.1.9:1166,65.26.245.180:443,TCP (flags:S) FWOUT,2008/09/24,09:43:22 +2:00 GMT,10.0.1.9:1168,65.26.245.180:80,TCP (flags:S) FWOUT,2008/09/24,09:43:24 +2:00 GMT,10.0.1.9:1170,24.107.239.53:39782,TCP (flags:S) FWOUT,2008/09/24,09:43:26 +2:00 GMT,10.0.1.9:1172,64.118.17.152:52616,TCP (flags:S) FWOUT,2008/09/24,09:43:26 +2:00 GMT,10.0.1.9:1174,24.107.239.53:443,TCP (flags:S) FWOUT,2008/09/24,09:43:28 +2:00 GMT,10.0.1.9:1176,64.118.17.152:443,TCP (flags:S) FWOUT,2008/09/24,09:43:28 +2:00 GMT,10.0.1.9:1178,24.107.239.53:80,TCP (flags:S) FWOUT,2008/09/24,09:43:30 +2:00 GMT,10.0.1.9:1180,64.118.17.152:80,TCP (flags:S) FWOUT,2008/09/24,09:43:30 +2:00 GMT,10.0.1.9:1182,207.46.21.29:80,TCP (flags:S) FWOUT,2008/09/24,09:43:36 +2:00 GMT,10.0.1.9:1183,72.14.205.104:80,TCP (flags:S) FWOUT,2008/09/24,09:43:42 +2:00 GMT,10.0.1.9:1184,70.80.111.77:40275,TCP (flags:S) FWOUT,2008/09/24,09:43:42 +2:00 GMT,10.0.1.9:1185,213.3.109.101:15253,TCP (flags:S) FWOUT,2008/09/24,09:43:44 +2:00 GMT,10.0.1.9:1188,70.80.111.77:443,TCP (flags:S) FWOUT,2008/09/24,09:43:44 +2:00 GMT,10.0.1.9:1189,213.3.109.101:443,TCP (flags:S) FWOUT,2008/09/24,09:43:44 +2:00 GMT,10.0.1.9:1192,91.67.31.57:18718,TCP (flags:S) FWOUT,2008/09/24,09:43:46 +2:00 GMT,10.0.1.9:1194,70.80.111.77:80,TCP (flags:S) FWOUT,2008/09/24,09:43:46 +2:00 GMT,10.0.1.9:1195,213.3.109.101:80,TCP (flags:S) FWOUT,2008/09/24,09:43:46 +2:00 GMT,10.0.1.9:1199,91.67.31.57:443,TCP (flags:S) FWOUT,2008/09/24,09:43:48 +2:00 GMT,10.0.1.9:1201,91.67.31.57:80,TCP (flags:S) FWOUT,2008/09/24,09:43:50 +2:00 GMT,10.0.1.9:1203,84.194.147.129:33673,TCP (flags:S) FWOUT,2008/09/24,09:43:50 +2:00 GMT,10.0.1.9:1205,122.135.55.171:45026,TCP (flags:S) FWOUT,2008/09/24,09:43:52 +2:00 GMT,10.0.1.9:1207,84.194.147.129:443,TCP (flags:S) FWOUT,2008/09/24,09:43:52 +2:00 GMT,10.0.1.9:1209,138.23.41.16:7273,TCP (flags:S) FWOUT,2008/09/24,09:43:52 +2:00 GMT,10.0.1.9:1211,122.135.55.171:443,TCP (flags:S) FWOUT,2008/09/24,09:43:52 +2:00 GMT,10.0.1.9:1213,84.194.147.129:80,TCP (flags:S) FWOUT,2008/09/24,09:43:54 +2:00 GMT,10.0.1.9:1214,138.23.41.16:443,TCP (flags:S) FWOUT,2008/09/24,09:43:54 +2:00 GMT,10.0.1.9:1215,122.135.55.171:80,TCP (flags:S) FWOUT,2008/09/24,09:43:54 +2:00 GMT,10.0.1.9:1216,138.23.41.16:80,TCP (flags:S) FWOUT,2008/09/24,09:43:56 +2:00 GMT,10.0.1.9:1217,66.163.181.181:80,TCP (flags:S) FWOUT,2008/09/24,09:43:58 +2:00 GMT,10.0.1.9:1218,72.14.205.147:80,TCP (flags:S) FWOUT,2008/09/24,11:57:34 +2:00 GMT,10.0.1.9:2696,204.9.163.158:80,TCP (flags:S) FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,24.215.32.67:39913,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,201.78.152.98:17643,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,89.138.188.60:58565,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,67.186.108.254:48762,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,67.242.4.137:39930,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,70.66.130.122:54341,UDP FWOUT,2008/09/24,11:58:28 +2:00 GMT,10.0.1.9:1669,61.229.116.17:56883,UDP FWOUT,2008/09/24,11:58:32 +2:00 GMT,10.0.1.9:2706,10.0.2.178:25913,TCP (flags:S) FWOUT,2008/09/24,11:58:32 +2:00 GMT,10.0.1.9:1669,82.33.112.41:37863,UDP FWOUT,2008/09/24,11:58:32 +2:00 GMT,10.0.1.9:1669,165.246.49.57:33840,UDP FWOUT,2008/09/24,11:58:32 +2:00 GMT,10.0.1.9:1669,218.102.182.155:28119,UDP FWOUT,2008/09/24,11:58:34 +2:00 GMT,10.0.1.9:2711,10.0.2.178:25913,TCP (flags:S) FWOUT,2008/09/24,11:58:34 +2:00 GMT,10.0.1.9:2713,69.76.220.103:443,TCP (flags:S) FWOUT,2008/09/24,11:58:34 +2:00 GMT,10.0.1.9:2714,69.77.156.60:443,TCP (flags:S) FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,24.117.219.153:47399,UDP FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,140.247.120.125:36925,UDP FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,61.231.66.79:24064,UDP FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,60.236.98.131:29048,UDP FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,24.99.160.103:36700,UDP FWOUT,2008/09/24,11:58:38 +2:00 GMT,10.0.1.9:1669,216.15.36.94:17977,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,149.171.94.159:59042,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,131.114.94.236:57265,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,72.139.1.137:27011,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,62.21.40.218:60213,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,24.251.41.233:25679,UDP FWOUT,2008/09/24,11:58:48 +2:00 GMT,10.0.1.9:1669,58.181.18.87:22011,UDP FWIN,2008/09/24,11:58:54 +2:00 GMT,10.0.2.178:3018,10.0.1.9:1669,TCP (flags:S) FWOUT,2008/09/24,11:58:56 +2:00 GMT,10.0.1.9:2730,69.66.219.62:443,TCP (flags:S) FWOUT,2008/09/24,11:58:58 +2:00 GMT,10.0.1.9:2732,79.31.235.243:443,TCP (flags:S) FWOUT,2008/09/24,11:59:00 +2:00 GMT,10.0.1.9:2734,216.67.49.131:443,TCP (flags:S) FWOUT,2008/09/24,11:59:00 +2:00 GMT,10.0.1.9:2736,216.67.49.131:51929,TCP (flags:S) FWOUT,2008/09/24,11:59:00 +2:00 GMT,10.0.1.9:2737,216.67.49.131:51929,TCP (flags:S) FWOUT,2008/09/24,11:59:00 +2:00 GMT,10.0.1.9:2738,216.67.49.131:80,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2739,64.233.167.102:80,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2740,64.233.167.102:80,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2741,78.114.119.140:443,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2743,72.14.205.99:80,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2744,78.114.119.140:27688,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2745,78.114.119.140:27688,TCP (flags:S) FWOUT,2008/09/24,11:59:06 +2:00 GMT,10.0.1.9:2746,78.114.119.140:80,TCP (flags:S) FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:1669,75.139.168.20:12211,UDP FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:2750,122.116.225.116:443,TCP (flags:S) FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:1669,80.108.207.164:14400,UDP FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:1669,24.201.209.189:31111,UDP FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:1669,70.190.80.190:12207,UDP FWOUT,2008/09/24,11:59:12 +2:00 GMT,10.0.1.9:1669,128.253.172.83:25365,UDP FWOUT,2008/09/24,11:59:14 +2:00 GMT,10.0.1.9:2752,122.116.225.116:47470,TCP (flags:S) FWOUT,2008/09/24,11:59:14 +2:00 GMT,10.0.1.9:2753,122.116.225.116:47470,TCP (flags:S) FWOUT,2008/09/24,11:59:14 +2:00 GMT,10.0.1.9:2754,122.116.225.116:80,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2756,122.123.134.222:443,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2757,75.139.168.20:443,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2758,69.132.169.148:443,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2759,24.201.209.189:443,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2760,63.92.158.216:443,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2765,122.123.134.222:8300,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2766,122.123.134.222:8300,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2767,122.123.134.222:80,TCP (flags:S) FWOUT,2008/09/24,11:59:18 +2:00 GMT,10.0.1.9:2771,122.121.233.15:443,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2773,75.139.168.20:12211,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2774,69.132.169.148:55868,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2775,24.201.209.189:31111,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2776,63.92.158.216:1715,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2777,122.121.233.15:53791,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2778,122.121.233.15:53791,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2779,122.121.233.15:80,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2780,75.139.168.20:80,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2781,69.132.169.148:80,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2782,24.201.209.189:80,TCP (flags:S) FWOUT,2008/09/24,11:59:22 +2:00 GMT,10.0.1.9:2783,63.92.158.216:80,TCP (flags:S) FWOUT,2008/09/24,11:59:24 +2:00 GMT,10.0.1.9:2793,122.16.152.109:443,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2795,69.73.31.209:443,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2797,122.16.152.109:31716,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2798,122.16.152.109:31716,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2799,122.16.152.109:80,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2800,69.73.31.209:65457,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2801,69.73.31.209:65457,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2802,69.73.31.209:80,TCP (flags:S) FWOUT,2008/09/24,11:59:26 +2:00 GMT,10.0.1.9:2803,72.14.205.103:80,TCP (flags:S) FWOUT,2008/09/24,11:59:30 +2:00 GMT,10.0.1.9:2807,77.125.139.87:443,TCP (flags:S) Merci.
  15. lili80
    Je me suis procurée une autre version d'office et j'ai réussi à l'installer (je n'y comprends rien), mais le problème est réglé. Pour zone alarm, le verrouillage Internet
  16. lili80
    Salut ; Franchement, il vient de se passer quelque chose de bizarre, après avoir posté le message j'ai voulu tester le cd, je l'ai inséré, et après un long moment, il l'a détecté, j'ai lancé l'installation et ça a marché, mais l'installation était lente, très lente, je crois même que ça s'est bloqué, j'ai voulu relancer mais il ne le détecte plus, j'ai testé le cd sur une autre machine et il le détecte. peut être que mon lecteur est lent donc, il a du mal avec certains cd installables, il est en train de faire un bruit bizarre comme une disquette défectueuse. Au fait, je n'arrive tjrs pas à configurer zone alarm, c'est très bizarre, j'ai lu le tutoreil, autorisé tous les programmes y compris svhost mais il me bloque tout accès à Internet. Merci.
  17. lili80
    Bonjour ; Mon lecteur cd n'est pas endommagé, il marche avec tous les cds, sauf celui de office et un autre cd interactif (qui a bloqué sur l'installation), en plus il me génère la même erreur quand je lance certains installables que j'avais sur le disque. j'ai exécuté la commande et ça n'a rien donné, mon lecteur ne détecte pas le cd et j'ai toujours la même erreur.
  18. lili80
    salut ; et bien, mon lecteur ne détecte pas le cd, il donne l'impression de le lire mais en fait pas du tout et il bloque. J'ai contourné le problème de lecture en donnant le cd à un collègue qui a copié le contenu du cd, l'a zipé et me l'as envoyé par Internet je vais reconfigurer zone alarm et je vais essayer l'astuce de l'installation sur ma machine demain. Merci.
  19. lili80
    Bonjour ; voici le rapport de antivir suite au scan du disque externe : Avira AntiVir Personal Report file date: lundi 22 septembre 2008 10:27 Scanning for 1627335 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: Administrateur Computer name: ML Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 07:43:03 ANTIVIR3.VDF : 7.0.6.189 223744 Bytes 21/09/2008 07:43:06 Engineversion : 8.1.1.34 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.76 319867 Bytes 21/09/2008 07:43:53 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.1.2 438644 Bytes 21/09/2008 07:43:48 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.25 196986 Bytes 21/09/2008 07:43:39 AEHEUR.DLL : 8.1.0.59 1438071 Bytes 21/09/2008 07:43:36 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.36 315764 Bytes 21/09/2008 07:43:11 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.11 172406 Bytes 21/09/2008 07:43:09 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 21/09/2008 07:43:07 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: ShlExt Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\a16b2bb4.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: F:, Process scan.....................: off Scan registry....................: off Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: lundi 22 septembre 2008 10:27 Starting the file scan: Begin scan in 'F:\' <HAMANINA-02> F:\svcsys.exe [DETECTION] Is the TR/Agent.Delf.JP Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256326.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256327.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256328.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256329.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256330.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256331.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256332.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256333.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256334.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256335.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256336.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256337.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256338.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256339.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256340.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256341.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256342.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256343.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256344.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256345.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256346.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256347.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256350.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256351.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256352.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256353.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256354.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256355.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256356.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256357.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256358.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256359.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256360.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256361.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256362.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256363.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256364.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256365.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256366.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256367.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256368.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256369.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256370.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256371.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256372.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256373.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256374.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256375.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256376.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256377.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256378.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256379.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256380.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256381.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256382.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256383.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256384.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256385.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256386.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256387.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256388.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256389.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256390.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256391.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256392.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256393.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256394.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256395.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256396.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256397.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256398.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256399.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256400.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256401.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256402.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256403.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256404.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256405.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256406.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256407.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256408.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256409.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256410.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256411.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256412.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256413.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256414.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256415.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256416.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256417.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256418.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256419.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256420.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256421.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256422.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256423.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256424.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256425.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256426.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256427.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256428.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256429.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256430.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256431.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256432.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256433.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256434.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256435.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256436.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256437.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256438.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256439.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256440.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256441.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256442.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256443.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256444.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256445.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256446.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256447.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256448.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256449.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256450.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256451.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256452.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256453.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256454.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256455.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256456.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256457.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256458.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256459.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{B19D4588-16A5-4E5F-85A7-47AC1317BA60}\RP674\A0256460.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP12\A0007222.exe [DETECTION] Is the TR/Agent.Delf.JP Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\version2\tester1\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\version2\tester0\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\test\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\prog\odac7.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\prog\Diapo\Diapo.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\prog\delphifr_INITIATION-TREEVIEW\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\prog\3si\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\travail\travail HMA\cd\LTSSystem.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\hmaproject\hmaprojet.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\hmaproject\Project1.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\+OCP-1Z0-007.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\Cert-1Z0-007-Demo.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\Cert-1Z0-031-Demo.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\Cert-1Z0-032-Demo.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\Cert-1Z0-033-Demo.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\data\doc_nawel\EXAMs\O1Z0-007.exe [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! F:\copie2\chansons\idir\Winamp\WINAMP.EXE [DETECTION] Is the TR/Dldr.Agent.dfq Trojan [NOTE] The file was deleted! End of the scan: lundi 22 septembre 2008 10:48 Used time: 20:46 Minute(s) The scan has been done completely. 2374 Scanning directories 199652 Files were scanned 152 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 152 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 0 Files cannot be scanned 199500 Files not concerned 1341 Archives were scanned 0 Warnings 152 Notes j'ai aussi nettoyé avec ATF Cleaner. j'ai un petit souci avec zone alarm, je le désactive parcequ'il me bloque complètement ma connexion, j'ai beau définir mes logiciels sûrs ou alors autoriser l'accès, il bloque tout, j'avoue, je n'y comprends rien. Dernier souci et pas des moindres, je crois bien que l'infection n'a pas endommagé mes fichiers mais qu'elle bloque tout simplement leur exécution, j'ai voulu réinstaller l'office : 1- je n'arrive pas à accéder à mon cd. 2- même quand j'ai contourné le problème de lecture du CD, j'ai envoyé le contenu du CD zipé à travers le réseau, je lance l'installation normalement et puis il me génère la même fameuse erreur : le programme d'installation de microsoft office ne peut pas continuer parceque la source d'installation a été endommagée. Que faire ?
  20. lili80
    Bonjour ; Effectivement, je parle bien des fichiers installables qui se trouvent dans le dossier utilitaires. Pour les cracks, je ne me rendais pas compte que ça pouvait être dangereux, merci pour l'info. Par contre, je n'utilise aucun logiciel de P2P, donc, de ce côté-ci, je suis tranquille. je vais suivre la procédure de désinfection du disque amovible, pour zone alarm, je l'ai volontairement désactivé en attendant que j'arrive à le configurer, il bloque mon logiciel de messagerie. Merci.
  21. lili80
    Bonjour ; j'ai effectué les manips que tu m'as décrites, installé antivir et zone alarme Voilà, le rapport d'antivir : Avira AntiVir Personal Report file date: dimanche 21 septembre 2008 10:59 Scanning for 1627335 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: ML Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 07:43:03 ANTIVIR3.VDF : 7.0.6.189 223744 Bytes 21/09/2008 07:43:06 Engineversion : 8.1.1.34 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.76 319867 Bytes 21/09/2008 07:43:53 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.1.2 438644 Bytes 21/09/2008 07:43:48 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.25 196986 Bytes 21/09/2008 07:43:39 AEHEUR.DLL : 8.1.0.59 1438071 Bytes 21/09/2008 07:43:36 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.36 315764 Bytes 21/09/2008 07:43:11 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.11 172406 Bytes 21/09/2008 07:43:09 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 21/09/2008 07:43:07 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 21 septembre 2008 10:59 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'notepad.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'YAHOOM~1.EXE' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'skypePM.exe' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'MAKHkey.exe' - '1' Module(s) have been scanned Scan process 'Skype.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'MAKTray.exe' - '1' Module(s) have been scanned Scan process 'SMTray.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'SMAgent.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 36 processes with 36 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '53' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\0001AED8\0001C280 [DETECTION] Is the TR/Downloader.Gen Trojan [NOTE] The file was moved to '49060d32.qua'! C:\00025DC6\00026884 [DETECTION] Is the TR/Downloader.Gen Trojan [NOTE] The file was moved to '49060d35.qua'! C:\00061FBF\0006207B [DETECTION] Is the TR/Downloader.Gen Trojan [NOTE] The file was moved to '49060d38.qua'! C:\Documents and Settings\Administrateur\Bureau\utilitaires\power ISO\PowerISO.rar [0] Archive type: RAR --> Gツnツrateur de clツ.exe [DETECTION] Contains HEUR/Crypted suspicious code [NOTE] The file was moved to '494d0ecb.qua'! C:\RECYCLER\S-1-5-21-3413565453-3716412183-2663267578-500\Dc1.zip [0] Archive type: ZIP --> QooBox/Quarantine/C/00050D94/00052998.vir [DETECTION] Is the TR/Downloader.Gen Trojan --> QooBox/Quarantine/C/DOCUME~1/ADMINI~1/LOCALS~1/Temp/WowInitcode.dll.vir [DETECTION] Is the TR/PSW.42564.6 Trojan --> QooBox/Quarantine/C/Documents and Settings/All Users/Application Data/Microsoft/Dr Watson/cpush.exe.vir [DETECTION] Contains recognition pattern of the DR/BHO.cwl.5 dropper --> QooBox/Quarantine/C/Documents and Settings/All Users/Application Data/Microsoft/Media Player/obj/wmpobj.sys.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/jjrV8ldSDq.dll.vir [DETECTION] Is the TR/BHO.Gen Trojan --> QooBox/Quarantine/C/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/Kq8M7jCEW1.dll.vir [DETECTION] Is the TR/BHO.Gen Trojan --> QooBox/Quarantine/C/Documents and Settings/All Users/Application Data/Microsoft/OFFICE/USERDATA/webbrowser_2198.dll.vir [DETECTION] Is the TR/BHO.Gen Trojan --> QooBox/Quarantine/C/Program Files/Microsoft Office/SYSTEM/apcdli.sys.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system/zyndld32080913.dll.vir [DETECTION] Is the TR/ATRAPS.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system/zyndld32080913jt.dll.vir [DETECTION] Is the TR/ATRAPS.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system/zyndle080913.exe.vir [DETECTION] Is the TR/Dropper.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/adsntzt.dll.vir [DETECTION] Is the TR/Onlinegames.tbod Trojan --> QooBox/Quarantine/C/WINDOWS/system32/aotoppt.dll.vir [DETECTION] Is the TR/Hijacker.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/avicapwm.dll.vir [DETECTION] Is the TR/PSW.Lmir.UMM Trojan --> QooBox/Quarantine/C/WINDOWS/system32/axbyqp.exe.vir [1] Archive type: RSRC --> Object [DETECTION] Contains recognition pattern of the RKIT/Agent.AITE root kit --> QooBox/Quarantine/C/WINDOWS/system32/biroas.dll.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/biroask.exe.vir [DETECTION] Is the TR/PSW.Online.Osh.2 Trojan --> QooBox/Quarantine/C/WINDOWS/system32/bootvidgj.dll.vir [DETECTION] Is the TR/Onlinegames.tboj Trojan --> QooBox/Quarantine/C/WINDOWS/system32/bzpcax.tmp.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/catower.dll.vir [DETECTION] Is the TR/Hijacker.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/certmgrkd.dll.vir [DETECTION] Is the TR/Onlinegames.tbof Trojan --> QooBox/Quarantine/C/WINDOWS/system32/cliconfgzx.dll.vir [DETECTION] Is the TR/Onlinegames.tboe Trojan --> QooBox/Quarantine/C/WINDOWS/system32/comuidsg.dll.vir [DETECTION] Is the TR/Onlinegames.tbok Trojan --> QooBox/Quarantine/C/WINDOWS/system32/dbeaf7d.sys.vir [DETECTION] Is the TR/Onlinegames.tdeh Trojan --> QooBox/Quarantine/C/WINDOWS/system32/DBEAF7DC.dll.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/dispexcb.dll.vir [DETECTION] Is the TR/Onlinegames.tbof Trojan --> QooBox/Quarantine/C/WINDOWS/system32/dpvvoxmh.dll.vir [DETECTION] Is the TR/Onlinegames.tbor Trojan --> QooBox/Quarantine/C/WINDOWS/system32/drivers/BFDDOS.sys.vir [DETECTION] Contains recognition pattern of the RKIT/Agent.AITE root kit --> QooBox/Quarantine/C/WINDOWS/system32/drivers/HBKernel32.sys.vir [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.rnq.2 back-door program --> QooBox/Quarantine/C/WINDOWS/system32/drivers/svchost.exe.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/eskisl.dll.vir [DETECTION] Is the TR/Hijacker.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/explore.exe.vir [DETECTION] Is the TR/PSW.OnlineGames.ZPL Trojan --> QooBox/Quarantine/C/WINDOWS/system32/HBmhly.dll.vir [DETECTION] Is the TR/PSW.19456.47 Trojan --> QooBox/Quarantine/C/WINDOWS/system32/imgutilhx2.dll.vir [DETECTION] Is the TR/Onlinegames.tbod Trojan --> QooBox/Quarantine/C/WINDOWS/system32/johandy.dll.vir [DETECTION] Is the TR/Hijacker.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/jolndyo.dll.vir [DETECTION] Is the TR/PSW.OnlineGames.ZKH.188 Trojan --> QooBox/Quarantine/C/WINDOWS/system32/kildh3l.dll.vir [DETECTION] Is the TR/ATRAPS.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/lensch.dll.vir [DETECTION] Is the TR/PSW.Online.bin Trojan --> QooBox/Quarantine/C/WINDOWS/system32/lweurqhx.dll.vir [DETECTION] Is the TR/Onlinegames.tbod Trojan --> QooBox/Quarantine/C/WINDOWS/system32/mcromv.dll.vir [DETECTION] Is the TR/Onlinegames.tcvv.7 Trojan --> QooBox/Quarantine/C/WINDOWS/system32/mduaey.dll.vir [DETECTION] Is the TR/Hijacker.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/nwapi32dj.dll.vir [DETECTION] Is the TR/Onlinegames.tbog Trojan --> QooBox/Quarantine/C/WINDOWS/system32/pqaxbo.tmp.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/qabop.tmp.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/qaxboq.tmp.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/qcabyo.tmp.vir [DETECTION] Is the TR/Rootkit.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/ringtte.dll.vir [DETECTION] Is the TR/PSW.OnL.BJ.24576 Trojan --> QooBox/Quarantine/C/WINDOWS/system32/scrruncqsj.dll.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/slbiopfs2.dll.vir [DETECTION] Is the TR/Onlinegames.tbod Trojan --> QooBox/Quarantine/C/WINDOWS/system32/sslsocket.dll.vir [DETECTION] Is the TR/BHO.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/System.exe.vir [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.rnq.1 back-door program --> QooBox/Quarantine/C/WINDOWS/system32/tscfgwmijxsj.dll.vir [DETECTION] Is the TR/Onlinegames.tboi Trojan --> QooBox/Quarantine/C/WINDOWS/system32/twainyy.dll.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/vmdetdhc.exe.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/wllame.dll.vir [DETECTION] Is the TR/PSW.OnLineGa.aqq Trojan --> QooBox/Quarantine/C/WINDOWS/system32/wrm32.dll.vir [DETECTION] Is the TR/Spy.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/wtsapi32yt2.dll.vir [DETECTION] Is the TR/Fakealert.afa Trojan --> QooBox/Quarantine/C/WINDOWS/system32/xboqpx.exe.vir [DETECTION] Is the TR/Dropper.Gen Trojan --> QooBox/Quarantine/C/WINDOWS/system32/xolehlpjh.dll.vir [DETECTION] Is the TR/Onlinegames.tboc Trojan [NOTE] The file was moved to '49070fd9.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10\A0006907.dll [DETECTION] Is the TR/PSW.OnLin.aklo.2 Trojan [NOTE] The file was moved to '49060fba.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10\A0006908.exe [DETECTION] Is the TR/PSW.OnL.BJ.24576 Trojan [NOTE] The file was moved to '49060fbc.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10\A0006909.com [DETECTION] Is the TR/Dldr.Small.zfq Trojan [NOTE] The file was moved to '49060fbe.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10\A0006910.exe [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to '49060fbf.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10\A0006911.exe [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to '49060fc1.qua'! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP12\A0007167.exe [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '49060fcc.qua'! C:\WINDOWS\system32\HBSOUL.dll [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.rog.5 back-door program [NOTE] The file was moved to '4929109e.qua'! C:\WINDOWS\system32\qaxboq.exe [DETECTION] Contains recognition pattern of the DR/Cinmus.snp dropper [NOTE] The file was moved to '494e10ce.qua'! End of the scan: dimanche 21 septembre 2008 11:14 Used time: 15:16 Minute(s) The scan has been done completely. 3009 Scanning directories 202685 Files were scanned 70 viruses and/or unwanted programs were found 1 Files were classified as suspicious: 0 files were deleted 0 files were repaired 13 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 202612 Files not concerned 6901 Archives were scanned 2 Warnings 13 Notes Et le rapport RSIT : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2008-09-21 10:58:52 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 69 GB (90%) free of 76 GB Total RAM: 759 MB (59% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:59:01, on 21/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\MAKHKEY.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Documents and Settings\Administrateur\Bureau\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 5949 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-09-30 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-09-30 126976] "Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360] "MAKTray"=C:\WINDOWS\MAKTray.exe [2004-08-27 287232] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-16 45056] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "Zone Labs Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2006-08-23 968696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864] "Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2002-09-10 171448] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Funshion Online\Funshion\Funshion.exe"="C:\Program Files\Funshion Online\Funshion\Funshion.exe:*:Disabled:Funshion" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" List of files/folders created in the last three months 2008-09-21 09:20:38 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\vsregexp.dll 2008-09-21 09:20:35 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcommdb.dll 2008-09-21 09:20:34 ----A---- C:\WINDOWS\system32\zlcomm.dll 2008-09-21 09:20:31 ----A---- C:\WINDOWS\system32\vswmi.dll 2008-09-21 09:20:30 ----D---- C:\WINDOWS\system32\ZoneLabs 2008-09-21 09:20:30 ----D---- C:\Program Files\Zone Labs 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsxml.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vspubapi.dll 2008-09-21 09:20:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll 2008-09-21 09:19:49 ----D---- C:\WINDOWS\Internet Logs 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsutil.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsinit.dll 2008-09-21 09:19:49 ----A---- C:\WINDOWS\system32\vsdata.dll 2008-09-21 09:18:41 ----D---- C:\Program Files\Avira 2008-09-21 09:18:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2008-09-21 09:01:59 ----D---- C:\WINDOWS\system32\appmgmt 2008-09-20 11:38:01 ----D---- C:\rsit 2008-09-17 14:58:29 ----SHD---- C:\RECYCLER 2008-09-17 14:58:06 ----D---- C:\ComboFix 2008-09-17 11:28:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\InterVideo 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaws.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaw.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\java.exe 2008-09-17 09:08:32 ----D---- C:\WINDOWS\Sun 2008-09-17 09:08:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sun 2008-09-16 15:01:10 ----D---- C:\WINDOWS\temp 2008-09-16 15:01:09 ----A---- C:\ComboFix.txt 2008-09-15 15:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-09-15 15:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-09-15 15:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-09-15 15:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-09-15 15:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-09-15 15:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-09-15 15:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-09-15 15:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-09-15 15:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-09-15 15:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-09-15 15:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-09-15 15:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-09-15 15:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-09-15 15:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-15 15:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-09-15 09:02:58 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 08:58:18 ----D---- C:\WINDOWS\system32\PreInstall 2008-09-15 08:58:17 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-09-15 08:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-09-15 08:58:16 ----HD---- C:\WINDOWS\$hf_mig$ 2008-09-14 08:11:33 ----D---- C:\WINDOWS\erdnt 2008-07-14 13:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-07-09 12:18:36 ----A---- C:\WINDOWS\system32\funshion.ini 2008-07-03 11:42:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll List of drivers R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2006-08-23 392824] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-11-16 190592] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-05 46720] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S4 adpu320;adpu320; C:\WINDOWS\system32\system32\DRIVERS\adpu320.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\system32\DRIVERS\intelide.sys [] S4 Symmpi;Symmpi; C:\WINDOWS\system32\system32\DRIVERS\symmpi.sys [] List of services R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2006-08-23 75768] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2002-09-10 138168] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2004-07-27 98304] -----------------EOF----------------- J'ai tenté d'exécuter mes fichiers exe qui ont été infectés puis désinfectés, mais j'ai toujours la même erreur : the setup files are corrupted, please obtain a nex copy of the program, est ce que ça veut dire qu'ils sont irrécupérables ? Je me demandais également quelles précautions dois je prendre, quand je récupèrerai mes données que j'ai transféré sur disque amovible après l'infection, mes fichiers doivent être infectés, est ce un scan antivir suffirait ?
  22. lili80
    Les rapport de RSIT sont comme suit : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2008-09-20 11:38:01 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 69 GB (90%) free of 76 GB Total RAM: 759 MB (14% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38:02, on 20/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Funshion Online\Funshion\Funshion.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\MAKHKEY.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zhaodao123.com/?h R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MiniFlashGetBHO - {C74E94A7-B7BD-4891-9328-455395BCC7AD} - C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Funshion] C:\Program Files\Funshion Online\Funshion\Funshion.exe /tray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔØ - C:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔظÃÍøÒ³FLV - C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 6306 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-12 1437696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C74E94A7-B7BD-4891-9328-455395BCC7AD}] MiniFlashGetBHO - C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2002-09-10 2436160] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-09-30 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-09-30 126976] "Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360] "MAKTray"=C:\WINDOWS\MAKTray.exe [2004-08-27 287232] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-16 45056] "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2002-09-09 358447] "Funshion"=C:\Program Files\Funshion Online\Funshion\Funshion.exe [2008-08-22 2695168] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864] "Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2002-09-10 171448] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe" "C:\Program Files\Funshion Online\Funshion\Funshion.exe"="C:\Program Files\Funshion Online\Funshion\Funshion.exe:*:Disabled:Funshion" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" List of files/folders created in the last three months 2008-09-20 11:38:01 ----D---- C:\rsit 2008-09-17 14:58:29 ----SHD---- C:\RECYCLER 2008-09-17 14:58:06 ----D---- C:\ComboFix 2008-09-17 11:28:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\InterVideo 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaws.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\javaw.exe 2008-09-17 09:14:49 ----A---- C:\WINDOWS\system32\java.exe 2008-09-17 09:08:32 ----D---- C:\WINDOWS\Sun 2008-09-17 09:08:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sun 2008-09-16 15:01:10 ----D---- C:\WINDOWS\temp 2008-09-16 15:01:09 ----A---- C:\ComboFix.txt 2008-09-15 15:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-09-15 15:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-09-15 15:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-09-15 15:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-09-15 15:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-09-15 15:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-09-15 15:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-09-15 15:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-09-15 15:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-09-15 15:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-09-15 15:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-09-15 15:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-09-15 15:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-09-15 15:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-15 15:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-09-15 09:02:58 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 08:58:18 ----D---- C:\WINDOWS\system32\PreInstall 2008-09-15 08:58:17 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-09-15 08:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-09-15 08:58:16 ----HD---- C:\WINDOWS\$hf_mig$ 2008-09-14 08:11:33 ----D---- C:\WINDOWS\erdnt 2008-07-14 13:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-07-09 12:18:36 ----A---- C:\WINDOWS\system32\funshion.ini 2008-07-03 11:42:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll List of drivers R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\system32\System32\Drivers\avg7rsw.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-11-16 190592] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 Avg7Core;AVG7 Kernel; C:\WINDOWS\system32\System32\Drivers\avg7core.sys [] S1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\system32\System32\Drivers\avg7rsxp.sys [] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-05 46720] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S4 adpu320;adpu320; C:\WINDOWS\system32\system32\DRIVERS\adpu320.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\system32\DRIVERS\intelide.sys [] S4 Symmpi;Symmpi; C:\WINDOWS\system32\system32\DRIVERS\symmpi.sys [] List of services R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2002-09-09 330291] R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2002-09-09 39987] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2002-09-10 138168] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2004-07-27 98304] -----------------EOF----------------- info.txt logfile of random's system information tool 2008-09-20 11:38:02 Uninstall list -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe ÃÔÄã¿ì³µ(FlashGetMini)-1.2°æ-->C:\Program Files\FlashGet Network\FlashGet Mini\uninst.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Broadcom Management Programs-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036 Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Funshion Movie on Demand-->C:\Program Files\Funshion Online\Funshion\Uninstall.exe Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.EXE" -l0x40c HP ProtectTools Security Manager 1.00 C2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\SETUP.exe" -l0x40c hpquninst HP Smart Card Security for ProtectTools 5.00 D4-->C:\Program Files\Hewlett-Packard\HP Smart Card Security for ProtectTools\ahpunset.exe -{0515803B-5068-4599-8666-963E143C7381} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Keyboard Layout Management Application-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79770F05-E3B8-4DAA-BEDB-9EBF29EAF527}\SETUP.EXE" -l0x9 MAK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{269F596B-E679-40DD-866A-DF7182A483BF}\Setup.exe" -l0x40c Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Software Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\COMPAQ\Software Setup\Uninst.isu" -c"C:\Program Files\COMPAQ\Software Setup\CPQUNST.DLL" SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE" Système anti-virus AVG 7.1-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE Security center information AV: Système anti-virus AVG 7.1.405 (disabled) (outdated) Environment variables "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0403 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Ce qui m'inquiète c'est que j'ai toujours une fenêtre publicitaire en chinois (je pense) qui s'affiche et ma page par défaut est une page en chinois aussi.
  23. lili80
    Bonjour ; J'ai fait le scan avec Dr.Web CureIT, tous les fichier ont été supprimés ou désinfectés sauf un que j'ai mis en quarantaine. Voilà le rapport Dr.Web CureIT : eee.bat;C:\;BackDoor.Beizhu.1307;Supprimé.; not.exe;C:\;Trojan.DownLoad.4390;Supprimé.; ntuser.com;C:\Documents and Settings\Administrateur;Trojan.DownLoad.3726;Supprimé.; AdbeRdr705_fra_full.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; colormania_colormania_2.4_anglais_13969.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; dap8.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; DivXInstaller.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; everestultimate350.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; httrack-3.40-2.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; klcodec375f.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; msgr8fr.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; oratoolsadd.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; PDFCreator-0_9_5_setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; RealPlayer10-5GOLD_fr.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; SkypeSetup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; small-miktex-2.4.1705.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; TXCSetup_1Beta6_21.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; VirtualTreeviewSetup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; vlc-0.8.5-win32.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; Wimpy FLV Player.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; yRead1Full.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires;Win32.HLLW.Wace;Désinfecté.; setupfre.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\avast\avast;Win32.HLLW.Wace;Désinfecté.; install.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7;Win32.HLLW.Wace;Désinfecté.; patch.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7;Win32.HLLW.Wace;Désinfecté.; IBUNINST.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5;Win32.HLLW.Wace;Désinfecté.; SETUP.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5;Win32.HLLW.Wace;Désinfecté.; RS40ENG.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ADOBE;Win32.HLLW.Wace;Désinfecté.; GBAK.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; GFIX.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; GPRE.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; GSEC.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBConsole.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; iblicense.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBREPL.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBReplServer.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBReplSrvcInstall.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBRplManager.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; IBScheduler.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; INSTREG.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; ISQL.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN;Win32.HLLW.Wace;Désinfecté.; 401comupd.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\Microsoft;Win32.HLLW.Wace;Désinfecté.; IBXBCB463Upd.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX;Win32.HLLW.Wace;Désinfecté.; IBXDP463Upd.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX;Win32.HLLW.Wace;Désinfecté.; IBXDP601aUpd.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX;Win32.HLLW.Wace;Désinfecté.; IBXDP602Upd.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX;Win32.HLLW.Wace;Désinfecté.; interserver.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\InterClient\bin;Win32.HLLW.Wace;Désinfecté.; isconfig.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\InterClient\bin;Win32.HLLW.Wace;Désinfecté.; SETUP.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ODBC;Win32.HLLW.Wace;Désinfecté.; _ISDEL.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ODBC;Win32.HLLW.Wace;Désinfecté.; GBAK.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; GFIX.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; GPRE.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; GSEC.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; GSTAT.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBConsole.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBGUARD.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; iblicense.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBLOCKPR.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBREPL.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBReplServer.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBReplSrvcInstall.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBRplManager.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBScheduler.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; IBSERVER.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; INSTREG.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; INSTSVC.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; ISQL.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN;Win32.HLLW.Wace;Désinfecté.; 401comupd.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\Microsoft;Win32.HLLW.Wace;Désinfecté.; jre1-2-2.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras;Win32.HLLW.Wace;Désinfecté.; 50comupd.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\Comctl;Win32.HLLW.Wace;Désinfecté.; Setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45;Win32.HLLW.Wace;Désinfecté.; vbver.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45;Win32.HLLW.Wace;Désinfecté.; _ISDel.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45;Win32.HLLW.Wace;Désinfecté.; instmsia.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install;Win32.HLLW.Wace;Désinfecté.; instmsiw.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install;Win32.HLLW.Wace;Désinfecté.; setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install;Win32.HLLW.Wace;Désinfecté.; bdeadmin.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\BDE;Win32.HLLW.Wace;Désinfecté.; datapump.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\BDE;Win32.HLLW.Wace;Désinfecté.; DBD32.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\Database Desktop;Win32.HLLW.Wace;Désinfecté.; BORdbg70.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; brc32.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; brcc32.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; CABARC.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; convert.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; D7Reg.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; D7RegClean.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; dbexplor.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; DCC32.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; etm70.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; grep.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; imagedit.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; make.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; mtsinst.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; oh.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; pce.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; scktsrvr.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; serverinfo.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; sqlmon.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; TDUMP.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; tlibimp.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; tregsvr.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; webappdbg.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; WS32.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; WSDLImp.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; xmlmapper.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin;Win32.HLLW.Wace;Désinfecté.; HCRTF.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Help\Tools;Win32.HLLW.Wace;Désinfecté.; HCW.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Help\Tools;Win32.HLLW.Wace;Désinfecté.; bdemmcfg.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\MergeModules;Win32.HLLW.Wace;Désinfecté.; Rave.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5;Win32.HLLW.Wace;Désinfecté.; RaveServer.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5\Server;Win32.HLLW.Wace;Désinfecté.; RaveServerConfig.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5\Server;Win32.HLLW.Wace;Désinfecté.; instmsia.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress;Win32.HLLW.Wace;Désinfecté.; instmsiw.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress;Win32.HLLW.Wace;Désinfecté.; setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress;Win32.HLLW.Wace;Désinfecté.; MDAC_TYP.EXE;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Mdac;Win32.HLLW.Wace;Désinfecté.; MM620D7Setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ModelMaker;Win32.HLLW.Wace;Désinfecté.; Setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\rdebug;Win32.HLLW.Wace;Désinfecté.; _ISDel.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\rdebug;Win32.HLLW.Wace;Désinfecté.; TeamSource.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\TeamSource;Win32.HLLW.Wace;Désinfecté.; Setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Workshop;Win32.HLLW.Wace;Désinfecté.; _ISDel.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Workshop;Win32.HLLW.Wace;Désinfecté.; Dreamweaver.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004;Win32.HLLW.Wace;Désinfecté.; java.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; javac.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; javaw.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; keytool.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; policytool.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; rmid.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; rmiregistry.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; tnameserv.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin;Win32.HLLW.Wace;Désinfecté.; Extension Manager.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Extension Manager;Win32.HLLW.Wace;Désinfecté.; Replace.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Extension Manager;Win32.HLLW.Wace;Désinfecté.; Fireworks.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Fireworks MX 2004;Win32.HLLW.Wace;Désinfecté.; PowerISO34.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\power ISO;Win32.HLLW.Wace;Désinfecté.; wrar361fr.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\WINRAR;Win32.HLLW.Wace;Désinfecté.; WinZip 10.0 Trial Setup.exe;C:\Documents and Settings\Administrateur\Bureau\utilitaires\WinZip 10 PRO + Keygen;Win32.HLLW.Wace;Désinfecté.; real_vis_yqllyrics.rpv;C:\Program Files\Common Files\Real\visualizations;Adware.Supa.62;; A0006765.bat;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;BackDoor.Beizhu.1307;Supprimé.; A0006766.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Trojan.DownLoad.4390;Supprimé.; A0006767.com;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Trojan.DownLoad.3726;Supprimé.; A0006768.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006769.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006770.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006771.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006772.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006773.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006774.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006775.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006776.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006777.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006778.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006779.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006780.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006783.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006784.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006785.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006786.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006787.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006788.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006789.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006790.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006791.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006792.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006793.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006794.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006795.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006796.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006797.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006798.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006799.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006800.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006801.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006802.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006803.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006804.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006805.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006806.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006807.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006808.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006809.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006810.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006811.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006812.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006813.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006815.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006816.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006817.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006818.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006819.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006820.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006821.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006822.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006823.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006824.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006825.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006826.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006827.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006828.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006829.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006830.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006831.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006832.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006833.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006834.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006835.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006836.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006837.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006838.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006839.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006840.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006841.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006842.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006843.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006844.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006845.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006848.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006849.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006850.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006851.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006852.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006853.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006854.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006855.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006856.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006857.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006858.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006859.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006860.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006861.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006862.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006863.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006864.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006865.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006866.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006867.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006868.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006869.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006870.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006871.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006872.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006873.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006874.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006876.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006877.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006878.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006879.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006880.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006881.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006882.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006883.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006884.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006885.EXE;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006886.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006887.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006888.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006889.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006890.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006891.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006892.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006893.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006894.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006895.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006896.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006897.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006898.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006899.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006900.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006901.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006902.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006903.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006904.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006905.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; A0006906.exe;C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP10;Win32.HLLW.Wace;Désinfecté.; pewire.dll;C:\WINDOWS\system32;Trojan.PWS.Wsgame.7356;Supprimé.; ringttek.exe;C:\WINDOWS\system32;Trojan.PWS.Wsgame.7205;Supprimé.; tree.com;C:\WINDOWS\system32;Trojan.DownLoad.3731;Supprimé.; xybzpc;C:\WINDOWS\system32;Trojan.DownLoad.3727;Supprimé.; xyqrxa.exe;C:\WINDOWS\system32;Trojan.PWS.Gamania.13204;Supprimé.; zqcaby.exe;C:\WINDOWS\system32;Trojan.PWS.Gamania.13204;Supprimé.; WndHook.dll;C:\WINDOWS\system32\Com\1.1.8;Trojan.Click.20211;Supprimé.; max1[1].exe;C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LPB0ATXP;Trojan.DownLoad.3727;Supprimé.; Merci.
  24. lili80
    j'ai téléchargé MBAM, j'ai tenté de l'exécuter mais il m'affiche, comme pour tous mes éxécutables infectés, le message suivant : the setup files are corrupted, please obtain a new copy of the program, bizarrement, j'ai pu exécuter certains logiciels que j'ai téléchargé après l'infection comme : winrar, skype, yahoo messenger. Que faire ?
  25. lili80
    Bonjour ; j'ai lancé un scan kaspersky de mon pc, il a généré le rapport suivant : -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Wednesday, September 17, 2008 Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Wednesday, September 17, 2008 03:11:45 Records in database: 1243608 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ D:\ Scan statistics: Files scanned: 42216 Threat name: 56 Infected objects: 260 Suspicious objects: 0 Duration of the scan: 00:53:22 File name / Threat name / Threats count C:\0001AED8\0001C280 Infected: Trojan-Downloader.Win32.Small.acie 1 C:\00025DC6\00026884 Infected: Trojan-Downloader.Win32.Small.acie 1 C:\00061FBF\0006207B Infected: Trojan-Downloader.Win32.Small.acie 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\AdbeRdr705_fra_full.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\avast\avast\setupfre.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\colormania_colormania_2.4_anglais_13969.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\dap8.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ADOBE\RS40ENG.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\GBAK.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\GFIX.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\GPRE.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\GSEC.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBConsole.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\iblicense.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBREPL.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBReplServer.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBReplSrvcInstall.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBRplManager.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\IBScheduler.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\INSTREG.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\BIN\ISQL.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\CLIENT\Microsoft\401comupd.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBUNINST.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX\IBXBCB463Upd.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX\IBXDP463Upd.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX\IBXDP601aUpd.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\IBX\IBXDP602Upd.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\InterClient\bin\interserver.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\InterClient\bin\isconfig.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ODBC\SETUP.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\ODBC\_ISDEL.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\GBAK.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\GFIX.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\GPRE.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\GSEC.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\GSTAT.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBConsole.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBGUARD.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\iblicense.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBLOCKPR.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBREPL.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBReplServer.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBReplSrvcInstall.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBRplManager.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBScheduler.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\IBSERVER.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\INSTREG.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\INSTSVC.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\BIN\ISQL.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SERVER\Microsoft\401comupd.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ib6.5\SETUP.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\Comctl\50comupd.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\jre1-2-2.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45\Setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45\vbver.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Info\Extras\visibroker45\_ISDel.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\BDE\bdeadmin.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\BDE\datapump.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\Common\Borland Shared\Database Desktop\DBD32.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\instmsia.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\instmsiw.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\BORdbg70.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\brc32.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\brcc32.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\CABARC.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\convert.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\D7Reg.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\D7RegClean.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\dbexplor.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\DCC32.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\etm70.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\grep.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\imagedit.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\make.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\mtsinst.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\oh.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\pce.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\scktsrvr.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\serverinfo.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\sqlmon.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\TDUMP.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\tlibimp.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\tregsvr.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\webappdbg.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\WS32.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\WSDLImp.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Bin\xmlmapper.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Help\Tools\HCRTF.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Help\Tools\HCW.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\MergeModules\bdemmcfg.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5\Rave.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5\Server\RaveServer.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\program files\Borland\Delphi7\Rave5\Server\RaveServerConfig.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Install\setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\install.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress\instmsia.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress\instmsiw.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ISxpress\setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Mdac\MDAC_TYP.EXE Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\ModelMaker\MM620D7Setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\patch.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\rdebug\Setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\rdebug\_ISDel.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\TeamSource\TeamSource.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Workshop\Setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Delphi 7\Workshop\_ISDel.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\DivXInstaller.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\everestultimate350.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\httrack-3.40-2.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\klcodec375f.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\java.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\javac.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\javaw.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\keytool.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\policytool.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\rmid.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\rmiregistry.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Dreamweaver MX 2004\JVM\bin\tnameserv.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Extension Manager\Extension Manager.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Extension Manager\Replace.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Macromedia\Fireworks MX 2004\Fireworks.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\msgr8fr.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\oratoolsadd.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\PDFCreator-0_9_5_setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\power ISO\PowerISO34.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\RealPlayer10-5GOLD_fr.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\SkypeSetup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\small-miktex-2.4.1705.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\TXCSetup_1Beta6_21.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\VirtualTreeviewSetup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\vlc-0.8.5-win32.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\Wimpy FLV Player.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\WINRAR\wrar361fr.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\WinZip 10 PRO + Keygen\WinZip 10.0 Trial Setup.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\Bureau\utilitaires\yRead1Full.exe Infected: Trojan-Downloader.Win32.Patched.e 1 C:\Documents and Settings\Administrateur\ntuser.com Infected: Trojan-Downloader.Win32.Small.abst 1 C:\not.exe Infected: Trojan-Downloader.Win32.Delf.ccy 1 C:\QooBox\Quarantine\C\00050D94\00052998.vir Infected: Trojan-Downloader.Win32.Small.acie 1 C:\QooBox\Quarantine\C\0006662F\000667D4.vir Infected: Trojan-Downloader.Win32.Small.acie 1 C:\QooBox\Quarantine\C\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\2198.exe.vir Infected: not-a-virus:AdWare.Win32.Cinmus.sun 1 C:\QooBox\Quarantine\C\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\cpush.exe.vir Infected: not-a-virus:AdWare.Win32.BHO.cwl 1 C:\QooBox\Quarantine\C\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dll.vir Infected: Trojan-GameThief.Win32.WOW.byg 1 C:\QooBox\Quarantine\C\Program Files\Fichiers communs\PushWare\cpush.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.cwl 1 C:\QooBox\Quarantine\C\Program Files\Microsoft Office\SYSTEM\apcdli.sys.vir Infected: not-a-virus:AdWare.Win32.Cinmus.snp 1 C:\QooBox\Quarantine\C\WINDOWS\HtmlPeek.dll.vir Infected: not-a-virus:AdWare.Win32.Agent.fbb 1 C:\QooBox\Quarantine\C\WINDOWS\system\zyndld32080913.dll.vir Infected: Worm.Win32.AutoRun.nhs 1 C:\QooBox\Quarantine\C\WINDOWS\system\zyndld32080913jt.dll.vir Infected: Worm.Win32.AutoRun.nhs 1 C:\QooBox\Quarantine\C\WINDOWS\system\zyndle080913.exe.vir Infected: Worm.Win32.AutoRun.nhh 1 C:\QooBox\Quarantine\C\WINDOWS\system32\adsntzt.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tfuh 1 C:\QooBox\Quarantine\C\WINDOWS\system32\aotoppt.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdrx 1 C:\QooBox\Quarantine\C\WINDOWS\system32\avicapwm.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tbpf 1 C:\QooBox\Quarantine\C\WINDOWS\system32\axbyqp.exe.vir Infected: Backdoor.Win32.Ceckno.bhx 1 C:\QooBox\Quarantine\C\WINDOWS\system32\biroas.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tekq 1 C:\QooBox\Quarantine\C\WINDOWS\system32\biroask.exe.vir Infected: Trojan-GameThief.Win32.OnLineGames.tfco 1 C:\QooBox\Quarantine\C\WINDOWS\system32\bootvidgj.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdar 1 C:\QooBox\Quarantine\C\WINDOWS\system32\bzpcax.tmp.vir Infected: Rootkit.Win32.Small.af 1 C:\QooBox\Quarantine\C\WINDOWS\system32\catower.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tegq 1 C:\QooBox\Quarantine\C\WINDOWS\system32\certmgrkd.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcyo 1 C:\QooBox\Quarantine\C\WINDOWS\system32\cliconfgzx.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdwl 1 C:\QooBox\Quarantine\C\WINDOWS\system32\comuidsg.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.srsr 1 C:\QooBox\Quarantine\C\WINDOWS\system32\dbeaf7d.sys.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdeh 1 C:\QooBox\Quarantine\C\WINDOWS\system32\DBEAF7DC.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdnj 1 C:\QooBox\Quarantine\C\WINDOWS\system32\dispexcb.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcwy 1 C:\QooBox\Quarantine\C\WINDOWS\system32\dpvvoxmh.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.teav 1 C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\HBKernel32.sys.vir Infected: Backdoor.Win32.Agent.rnq 1 C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\svchost.exe.vir Infected: Trojan.Win32.KillAV.afv 1 C:\QooBox\Quarantine\C\WINDOWS\system32\eskisl.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcbb 1 C:\QooBox\Quarantine\C\WINDOWS\system32\explore.exe.vir Infected: Trojan-GameThief.Win32.OnLineGames.suaq 1 C:\QooBox\Quarantine\C\WINDOWS\system32\HBmhly.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcom 1 C:\QooBox\Quarantine\C\WINDOWS\system32\imgutilhx2.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.telu 1 C:\QooBox\Quarantine\C\WINDOWS\system32\johandy.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.teba 1 C:\QooBox\Quarantine\C\WINDOWS\system32\jolndyo.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.sjgf 1 C:\QooBox\Quarantine\C\WINDOWS\system32\kildh3l.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.arni 1 C:\QooBox\Quarantine\C\WINDOWS\system32\lensch.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tedd 1 C:\QooBox\Quarantine\C\WINDOWS\system32\lweurqhx.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tepo 1 C:\QooBox\Quarantine\C\WINDOWS\system32\mcromv.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcvv 1 C:\QooBox\Quarantine\C\WINDOWS\system32\mduaey.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tbwk 1 C:\QooBox\Quarantine\C\WINDOWS\system32\nwapi32dj.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdxi 1 C:\QooBox\Quarantine\C\WINDOWS\system32\pqaxbo.tmp.vir Infected: Rootkit.Win32.Small.af 1 C:\QooBox\Quarantine\C\WINDOWS\system32\qabop.tmp.vir Infected: Rootkit.Win32.Small.af 1 C:\QooBox\Quarantine\C\WINDOWS\system32\qaxboq.tmp.vir Infected: Rootkit.Win32.Small.af 1 C:\QooBox\Quarantine\C\WINDOWS\system32\qcabyo.tmp.vir Infected: Rootkit.Win32.Small.af 1 C:\QooBox\Quarantine\C\WINDOWS\system32\ringtte.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.swbf 1 C:\QooBox\Quarantine\C\WINDOWS\system32\scrruncqsj.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.sknp 1 C:\QooBox\Quarantine\C\WINDOWS\system32\slbiopfs2.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tgtw 1 C:\QooBox\Quarantine\C\WINDOWS\system32\System.exe.vir Infected: Backdoor.Win32.Agent.rnq 1 C:\QooBox\Quarantine\C\WINDOWS\system32\tscfgwmijxsj.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tell 1 C:\QooBox\Quarantine\C\WINDOWS\system32\twainyy.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdde 1 C:\QooBox\Quarantine\C\WINDOWS\system32\vmdetdhc.exe.vir Infected: Trojan.Win32.KillAV.aoj 1 C:\QooBox\Quarantine\C\WINDOWS\system32\wllame.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tcse 1 C:\QooBox\Quarantine\C\WINDOWS\system32\wrm32.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdwr 1 C:\QooBox\Quarantine\C\WINDOWS\system32\wtsapi32yt2.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tdux 1 C:\QooBox\Quarantine\C\WINDOWS\system32\xolehlpjh.dll.vir Infected: Trojan-GameThief.Win32.OnLineGames.tftz 1 C:\QooBox.zip Infected: Trojan-Downloader.Win32.Small.acie 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.WOW.byg 1 C:\QooBox.zip Infected: not-a-virus:AdWare.Win32.Cinmus.sun 1 C:\QooBox.zip Infected: not-a-virus:AdWare.Win32.BHO.cwl 2 C:\QooBox.zip Infected: not-a-virus:AdWare.Win32.Cinmus.snp 1 C:\QooBox.zip Infected: not-a-virus:AdWare.Win32.Agent.fbb 1 C:\QooBox.zip Infected: Worm.Win32.AutoRun.nhs 2 C:\QooBox.zip Infected: Worm.Win32.AutoRun.nhh 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tfuh 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdrx 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tbpf 1 C:\QooBox.zip Infected: Backdoor.Win32.Ceckno.bhx 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tekq 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tfco 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdar 1 C:\QooBox.zip Infected: Rootkit.Win32.Small.af 5 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tegq 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcyo 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdwl 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.srsr 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdeh 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdnj 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcwy 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.teav 1 C:\QooBox.zip Infected: Backdoor.Win32.Agent.rnq 2 C:\QooBox.zip Infected: Trojan.Win32.KillAV.afv 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcbb 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.suaq 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcom 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.telu 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.teba 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.sjgf 1 C:\QooBox.zip Infected: Trojan-PSW.Win32.OnLineGames.arni 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tedd 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tepo 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcvv 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tbwk 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdxi 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.swbf 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.sknp 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tgtw 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tell 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdde 1 C:\QooBox.zip Infected: Trojan.Win32.KillAV.aoj 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tcse 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdwr 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tdux 1 C:\QooBox.zip Infected: Trojan-GameThief.Win32.OnLineGames.tftz 1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LPB0ATXP\max1[1].exe Infected: Trojan.Win32.KillAV.afv 1 C:\WINDOWS\system32\HBSOUL.dll Infected: Backdoor.Win32.Agent.rog 1 C:\WINDOWS\system32\pewire.dll Infected: Trojan-GameThief.Win32.OnLineGames.tddv 1 C:\WINDOWS\system32\qaxboq.exe Infected: not-a-virus:AdWare.Win32.Cinmus.snp 2 C:\WINDOWS\system32\reg.exe Infected: Trojan-Downloader.Win32.Small.acie 1 C:\WINDOWS\system32\ringttek.exe Infected: Trojan-GameThief.Win32.OnLineGames.tcac 1 C:\WINDOWS\system32\tree.com Infected: Trojan-Downloader.Win32.Small.zfq 1 C:\WINDOWS\system32\xybzpc Infected: Trojan.Win32.KillAV.afv 1 C:\WINDOWS\system32\xyqrxa.exe Infected: Trojan-GameThief.Win32.WOW.byi 1 C:\WINDOWS\system32\zqcaby.exe Infected: Trojan-GameThief.Win32.WOW.byi 1 The selected area was scanned. NB : au fait, j'ai oublié de signaler que suite à cette infection, mes fichiers exe ont été détériorés, ils sont signalés comme infectés dans le rapport
×
×
  • Créer...