

kakao2010
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware Analysis and Removal
Surprising: under the "documents and settings" icon I found 226 GB. It also shows: 04/04/2007 18:18. I then open this file (or folder) and under "All users" I find 219 GB. I open "All users", which contains:
- Desktop: 9.81 KB
- Start menu: 11.6 MB
- Shared documents: 14 MB
- Favorites: empty
- Ntuser: 256 KB
which does not add up to 219 GB. Where is the difference?
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware Analysis and Removal
Scan
----
Scanned: 766368
Detected: 0
Untreated: 0
Start time: 18/11/2009 01:32:22
Duration: 02:35:18
Finish time: 18/11/2009 04:07:40

Detected
--------
Status Object
------ ------
Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar6.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar7.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar7.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar8.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar8.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar9.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolToolBar9.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eGroupInstantAccess.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eGroupInstantAccess.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudAntivirusDoktor.zip/Documents and Settings/All Users/AVP 2009/1.dat password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudAntivirusDoktor.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudAntivirusDoktor1.zip/Documents and Settings/All Users/AVP 
2009/1.dat password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudAntivirusDoktor1.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotTV.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotTV.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotTV1.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotTV1.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon10.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon10.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon11.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon11.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon12.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon12.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon13.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon13.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon14.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon14.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon15.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon15.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon16.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon16.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon17.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application 
Data\Spybot - Search & Destroy\Recovery\Hupigon17.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon18.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon18.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon19.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon19.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon2.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon2.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon20.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon20.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon21.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon21.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon22.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & 
Destroy\Recovery\Hupigon22.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon23.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon23.zip/sbRecovery.ini password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon24.zip/sbRecovery.reg password protected 18/11/2009 03:00:47 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon24.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon25.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon25.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon26.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon26.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon27.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon27.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon28.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon28.zip/sbRecovery.ini password 
protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon3.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon3.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon4.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon4.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon5.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon5.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon6.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon6.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon7.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon7.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon8.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon8.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All 
Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon9.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon9.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer1.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer1.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep.zip/unins000.exe 
password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep1.zip/RegSweep.exe password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep1.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep10.zip/Uninstall RegSweep.lnk password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep10.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep11.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep11.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep12.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep12.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep13.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep13.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep14.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 
File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep14.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep15.zip/sbRecovery.reg password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep15.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep16.zip/log_2007_04_09_09_57_06.log password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep16.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep17.zip/log_2007_04_09_09_57_07.log password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep17.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep18.zip/log_2007_04_09_10_21_49.log password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep18.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep19.zip/log_2007_04_09_10_21_50.log password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep19.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep2.zip/Launcher.exe password protected 18/11/2009 
03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep2.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep20.zip/RegSweep Scheduled Scan.job password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep20.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep3.zip/license.txt password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep3.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep4.zip/RegSweep.lnk password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep4.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep5.zip/RegSweep.lnk password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep5.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep6.zip/RegSweep on the Web.lnk password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep6.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep7.zip/2007-03-31_16-20-44.reg password protected 18/11/2009 03:00:48 File: C:\Documents 
and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep7.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep8.zip/sbRecovery.ini password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep9.zip/RegSweep.url password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep9.zip/unins000.dat password protected 18/11/2009 03:00:48 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\RegSweep9.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer.zip/Program Files/webHancer/Programs/license.txt password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer.zip/Program Files/webHancer/Programs/readme.txt password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer.zip/Program Files/webHancer/Programs/sporder.dll password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer.zip/Program Files/webHancer/Programs/whagent.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & 
Destroy\Recovery\webHancer.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer1.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer1.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer2.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer2.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer3.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer3.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer4.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer4.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer5.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer5.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer6.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & 
Destroy\Recovery\webHancer6.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer7.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer7.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer8.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer8.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer9.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer9.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx1.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx1.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx3.zip/yswqbnh_navps.dat password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & 
Destroy\Recovery\WinAgentfbx3.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinEzulacc.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinEzulacc.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip/sbRecovery.reg password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip/Documents and Settings/Jean/Application Data/ShoppingReport/cs/Config.xml password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip/sbRecovery.ini password protected 18/11/2009 03:00:49 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZenoSearch.zip/winpfz32.sys password protected 18/11/2009 03:00:49 File: 
Statistics
----------
Object  Scanned  Detected  Untreated  Deleted  Moved to Quarantine  Archives  Packed files  Password protected  Corrupted
------  -------  --------  ---------  -------  -------------------  --------  ------------  ------------------  ---------

Settings
--------
Parameter                                 Value
---------                                 -----
Security Level                            Recommended
Action                                    Prompt for action when the scan is complete
Run mode                                  Manually
File types                                Scan all files
Scan only new and changed files           No
Scan archives                             All
Scan embedded OLE objects                 All
Skip if object is larger than             No
Skip if scan takes longer than            No
Parse email formats                       No
Scan password-protected archives          No
Enable iChecker technology                No
Enable iSwift technology                  No
Show detected threats on "Detected" tab   Yes
Rootkits search                           Yes
Deep rootkits search                      No
Use heuristic analyzer                    Yes

Quarantine
----------
Status  Object  Size  Added
------  ------  ----  -----

Backup
------
Status  Object  Size
------  ------  ----
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Second defragmentation:

Volume (C:)
    Taille du volume = 298 Go
    Taille de cluster = 4 Ko
    Espace utilisé = 243 Go
    Espace libre = 54,60 Go
    Pourcentage d'espace libre = 18 %

Fragmentation du volume
    Fragmentation totale = 36 %
    Fragmentation de fichiers = 72 %
    Fragmentation de l'espace libre = 0 %

Fragmentation de fichiers
    Total de fichiers = 73 239
    Taille moyenne de fichier = 5 Mo
    Total de fichiers fragmentés = 27
    Total de fragments en trop = 315 194
    Nombre moyen de fragments par fichier = 5,30

Fragmentation du fichier paginé
    Taille du fichier paginé = 2,00 Go
    Total de fragments = 1

Fragmentation de dossier
    Total de dossiers = 8 172
    Dossiers fragmentés = 1
    Fragments de dossiers en trop = 2

Fragmentation de la table de fichiers principale (MFT)
    Taille totale de la MFT = 206 Mo
    Nombre d'enregistrements dans la MFT = 84 957
    Pourcentage d'utilisation de la MFT = 40 %
    Total de fragments dans la MFT = 3

--------------------------------------------------------------------------------
Fragments   Taille du fichier   Fichiers qui ne peuvent pas être défragmentés
2           2 Ko                \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data
4 327       3,20 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_11.08_16.30_72c.SRV.log
4 690       3,39 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_10.30_08.35_57c.SRV.log
19 472      3,94 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.26_07.40_710.SRV.log
16 682      5,55 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.04_09.09_bf8.SRV.log
25 910      5,67 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.508_07.17_09.00_6f4.SRV.log
31 252      5,92 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.508_07.16_09.35_7d4.SRV.log
10 754      6,08 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_08.27_12.40_574.SRV.log
7 967       7,25 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_10.22_23.10_1d0.SRV.log
4 932       7,34 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.16_09.08_4e0.SRV.log
12 323      7,40 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.17_08.40_4f0.SRV.log
11 526      8,03 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_11.11_03.24_738.SRV.log
17 389      8,71 Go             \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_08.28_03.12_720.SRV.log
10 695      10,03 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_11.01_01.05_5f4.SRV.log
64 394      10,46 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_07.26_01.43_790.SRV.log
25 529      11,01 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_10.16_03.28_718.SRV.log
23 667      11,37 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_10.26_08.27_62c.SRV.log
8 644       14,86 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.14_22.36_31c.SRV.log
9 331       17,32 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.13_01.18_4ec.SRV.log
5 427       20,70 Go            \Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.8.521_09.03_02.04_764.SRV.log
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Volume (C:)
    Taille du volume = 298 Go
    Taille de cluster = 4 Ko
    Espace utilisé = 243 Go
    Espace libre = 54,70 Go
    Pourcentage d'espace libre = 18 %

Fragmentation du volume
    Fragmentation totale = 38 %
    Fragmentation de fichiers = 76 %
    Fragmentation de l'espace libre = 0 %

Fragmentation de fichiers
    Total de fichiers = 73 212
    Taille moyenne de fichier = 5 Mo
    Total de fichiers fragmentés = 38
    Total de fragments en trop = 376 570
    Nombre moyen de fragments par fichier = 6,14

Fragmentation du fichier paginé
    Taille du fichier paginé = 2,00 Go
    Total de fragments = 1

Fragmentation de dossier
    Total de dossiers = 8 172
    Dossiers fragmentés = 1
    Fragments de dossiers en trop = 2

Fragmentation de la table de fichiers principale (MFT)
    Taille totale de la MFT = 206 Mo
    Nombre d'enregistrements dans la MFT = 84 897
    Pourcentage d'utilisation de la MFT = 40 %
    Total de fragments dans la MFT = 3

--------------------------------------------------------------------------------
Fragments   Taille du fichier   Fichiers qui ne peuvent pas être défragmentés
Aucun

Result of a first defragmentation. There is something strange: All Users shows 219 GB, but when you open it there is almost nothing under the icons. I forgot to tell you that the little metallic clicking you could hear when the computer started blowing has disappeared. Likewise, the little character in "Search" has started making little noises again, which had been gone for a long time.
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
http://www.senduit.com/3044cd

Hello,

I have removed so many files that the problem now shows clearly: the supposedly used space should be around 50 GB, not 290. Does that mean this virus is still taking up the difference? Or that there are large numbers of hidden files? I will see now whether the destruction continues. How can I get these missing GB back?
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
Mit à jour par C_XX le 16.11.2009 à 22:21
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
Lancé à: 21:05:40, 17/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FUJITSU | Utilisateur actuel: Jean
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Hi again,

Let me explain before I launch the system. My worry comes from this: about 2 weeks ago the disk was half full, and the system started eating itself up on its own, to the point that I began backing up photos, music, films, etc. The little I added was insignificant, but the memory kept melting away. Yesterday I lost 5 GB compared with the day before, which had never happened that fast, because since it started it had been about 1 GB per day. The result is that I have removed an enormous amount of things, and what remains, adding up the icons of every kind, comes to barely a quarter of what the pie chart reports, about 290 GB. It is madness: either the films I deleted have stayed in hidden files (it sometimes happens that films I delete do not end up in the recycle bin when I want to empty it), or else a virus is spreading and eating up the space; I read somewhere about an "Olympic torch" that eats everything little by little. I am continuing the treatment.
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean at 2009-11-17 19:49:28
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 19 GB (6%) free of 305 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:51, on 17/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19e78d38-78ac-11db-a28d-003005b316d7}]
shell\Auto\command - winlive.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winlive.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bdab7e2-c50e-11db-a2ac-003005b316d7}]
shell\Auto\command - winlive.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winlive.exe

======List of files/folders created in the last 1 months======

2009-11-17 19:49:28 ----DC---- C:\rsit
2009-11-17 17:19:09 ----DC---- C:\Lop SD
2009-11-17 02:32:51 ----D---- C:\Program Files\Trend Micro
2009-11-15 20:36:03 ----D---- C:\Documents and Settings\Jean\Application Data\Malwarebytes
2009-11-15 20:35:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-15 20:35:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-11 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 13:57:46 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint
2009-11-10 13:52:36 ----D---- C:\Program Files\DI Capture
2009-11-10 13:41:37 ----A---- C:\WINDOWS\DICapture.INI
2009-11-02 09:15:05
----AC---- C:\dirref.ini 2009-11-01 01:00:55 ----N---- C:\WINDOWS\system32\hpofax07.dll 2009-11-01 01:00:53 ----N---- C:\WINDOWS\system32\hpousd07.dll 2009-11-01 01:00:53 ----N---- C:\WINDOWS\system32\hpomem07.dll 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\roboex32.dll 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\INETWH32.DLL 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\HPOtap07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoisn07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipt07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipr07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipm07.exe 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoinw07.exe 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoidr07.dll 2009-11-01 01:00:49 ----D---- C:\Program Files\ReadIRIS 2009-10-30 08:32:34 ----D---- C:\Program Files\My Company Name 2009-10-30 08:07:02 ----A---- C:\WINDOWS\ID.txt 2009-10-30 08:06:26 ----D---- C:\Program Files\ITE 2009-10-22 21:37:34 ----A---- C:\WINDOWS\IE4 Error Log.txt ======List of files/folders modified in the last 1 months====== 2009-11-17 19:49:51 ----D---- C:\Documents and Settings\Jean\Application Data\Skype 2009-11-17 19:43:08 ----RD---- C:\Program Files 2009-11-17 19:42:52 ----D---- C:\Program Files\Bonjour 2009-11-17 19:40:29 ----D---- C:\Program Files\Mozilla Firefox 2009-11-17 19:36:11 ----D---- C:\WINDOWS\Temp 2009-11-17 19:30:22 ----D---- C:\WINDOWS 2009-11-17 18:10:56 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-11-17 17:14:11 ----HD---- C:\WINDOWS\$NtServicePackUninstall$ 2009-11-17 17:14:09 ----HD---- C:\WINDOWS\$NtUninstallKB890859$ 2009-11-17 15:53:16 ----SHD---- C:\WINDOWS\Installer 2009-11-17 15:52:23 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-11-17 12:07:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-11-17 10:18:49 ----D---- C:\Program Files\Messenger 2009-11-17 10:18:28 ----D---- C:\WINDOWS\WinSxS 2009-11-17 
02:31:09 ----D---- C:\WINDOWS\network diagnostic 2009-11-17 01:12:13 ----D---- C:\WINDOWS\system32\drivers 2009-11-16 19:53:22 ----D---- C:\Download 2009-11-16 19:49:16 ----D---- C:\Program Files\IrfanView 2009-11-16 19:48:36 ----D---- C:\Program Files\Ad-Remover 2009-11-16 19:44:26 ----D---- C:\WINDOWS\Registration 2009-11-16 19:44:01 ----D---- C:\WINDOWS\ServicePackFiles 2009-11-16 19:43:46 ----D---- C:\WINDOWS\SHELLNEW 2009-11-16 19:43:26 ----D---- C:\WINDOWS\provisioning 2009-11-16 19:43:03 ----D---- C:\WINDOWS\RegisteredPackages 2009-11-16 19:42:08 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-11-16 19:40:39 ----D---- C:\Temp 2009-11-16 19:32:15 ----HD---- C:\Program Files\InstallShield Installation Information 2009-11-16 18:47:25 ----D---- C:\WINDOWS\system32\CatRoot2 2009-11-16 15:10:32 ----HD---- C:\WINDOWS\inf 2009-11-16 14:40:21 ----D---- C:\WINDOWS\system32 2009-11-16 13:30:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-14 02:26:34 ----D---- C:\WINDOWS\Prefetch 2009-11-13 23:45:01 ----RD---- C:\Program Files\Skype 2009-11-13 23:44:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2009-11-11 03:06:23 ----N---- C:\WINDOWS\win.ini 2009-11-11 03:01:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-11-10 22:42:19 ----HD---- C:\WINDOWS\$hf_mig$ 2009-11-10 14:13:28 ----D---- C:\WINDOWS\system32\NtmsData 2009-11-10 13:53:18 ----D---- C:\WINDOWS\system32\CatRoot 2009-11-10 13:52:31 ----A---- C:\WINDOWS\654U.ini 2009-11-10 13:52:11 ----D---- C:\Program Files\Fichiers communs\iMpacct 2009-11-10 13:51:44 ----D---- C:\Program Files\Fichiers communs\ComScan 2009-11-10 13:27:01 ----RASHC---- C:\boot.ini 2009-11-08 02:50:08 ----D---- C:\WINDOWS\Help 2009-11-06 02:42:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe 2009-11-05 02:55:45 ----A---- C:\WINDOWS\imsins.BAK 2009-11-01 01:00:48 ----D---- C:\Program Files\Hewlett-Packard 
2009-10-31 16:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-10-31 16:19:47 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-10-30 20:12:12 ----D---- C:\Documents and Settings\Jean\Application Data\Nuance 2009-10-30 19:19:41 ----D---- C:\Program Files\Adobe 2009-10-28 18:50:31 ----SD---- C:\Documents and Settings\Jean\Application Data\Microsoft 2009-10-28 02:32:06 ----D---- C:\WINDOWS\system32\Restore 2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-05-26 226832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032] R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976] R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] R3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704] R3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hidusb;Pilote de classe HID 
Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-10-05 51120] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-10-05 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-10-05 21744] R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] R3 LMImirr;LMImirr; C:\WINDOWS\system32\DRIVERS\LMImirr.sys [2007-04-17 10144] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056] R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; 
C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 LVUVC;Logitech QuickCam for Notebooks Pro(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-07-28 1054848] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS [] S3 se44bus;Sony Ericsson Device 068 driver (WDM); C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536] S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360] S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088] S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624] S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS); C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704] S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432] S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM); C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 
11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800] S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264] S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352] S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824] S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program 
Files\Java\jre6\bin\jqs.exe [2008-11-27 152984] R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2008-05-28 116032] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426] R2 PDFProFiltSrv;PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-07-27 134944] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S2 gupdate1c9dfa12158f8ff;Google Update Service (gupdate1c9dfa12158f8ff); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-28 133104] S2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2007-04-17 63040] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Fichiers 
communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean at 2009-11-17 19:49:28
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 19 GB (6%) free of 305 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:51, on 17/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
C:\Program Files\ITE\TRAYICON\TRAYICON.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe C:\Program Files\Plustek\Plustek SmartOffice PS286\DocuAction.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jean\Mes documents\Downloads\RSIT.exe C:\Program Files\trend micro\Jean.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60347 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347 R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - 
C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe O4 - HKLM\..\Run: [Nuance PDF Professional 6-reminder] "C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\PDF 
Professional 6\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [TrayIconPath] C:\Program Files\ITE\TRAYICON\TRAYICON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [iSUSPM] "C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: DocAction (Plustek SmartOffice PS286).lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O8 - Extra context menu item: Créer un fichier PDF - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: Ouvrir avec Nuance PDF Converter 6.0 - res://C:\Program Files\Nuance\PDF Professional 6\cnvres_fre.dll /100 O8 - Extra context menu item: Ouvrir avec PDF Professional 6 - res://C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll O9 - Extra 'Tools' menuitem: Paramètres de 
Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9dfa12158f8ff) (gupdate1c9dfa12158f8ff) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe O24 - Desktop Component 0: (no name) - http://www.pagesjaunes.fr/files/images/FR/logo_pj_fr.gif O24 - Desktop Component 1: (no name) - http://mail.google.com/mail/help/images/logo.gif O24 - Desktop Component 2: (no name) - http://eur.i1.yimg.com/us.yimg.com/i/fr/pim/b/mailma1b.gif -- End of file - 14401 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers 
communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll [2009-02-06 249856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-27 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] 
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-01-16 806912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9}] ZeonIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26 475136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-27 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}] Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll [2009-08-21 2097152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-27 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-01-16 806912] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - Nuance PDF - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26 475136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-02 7557120] "SunJavaUpdateSched"=C:\Program 
Files\Java\jre6\bin\jusched.exe [2008-11-27 136600] "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2007-04-17 63048] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "PDFHook"=C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe [2009-07-27 1275168] "PDF6 Registry Controller"=C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe [2009-07-27 110880] "Nuance PDF Professional 6-reminder"=C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe [2008-11-03 54560] "TrayIconPath"=C:\Program Files\ITE\TRAYICON\TRAYICON.exe [2009-10-30 638976] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2005-11-15 1204224] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336] "ISUSPM"=C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [2008-11-17 210208] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Bluetooth Monitor.lnk - C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe DocAction (Plustek SmartOffice PS286).lnk - C:\Program Files\Plustek\Plustek SmartOffice PS286\DocuAction.exe Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program 
Files\HP\Digital Imaging\bin\hpqthb08.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\Jean\Menu Démarrer\Programmes\Démarrage OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe Outil de notification Live Search.lnk - C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-11-11 218376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit] C:\WINDOWS\system32\LMIinit.dll [2008-05-28 87352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger" "D:\Setup\HPZnet01.exe"="D:\Setup\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in" "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0" "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program 
Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus" "C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Documents and Settings\Jean\Local Settings\Temp\Blizzard Launcher Temporary - 0608ec28\Launcher.exe"="C:\Documents and Settings\Jean\Local Settings\Temp\Blizzard Launcher Temporary - 0608ec28\Launcher.exe:*:Enabled:Blizzard Launcher" "C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Documents and Settings\Jean\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\Jean\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin" "C:\Documents and Settings\Jean\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Jean\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program 
Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19e78d38-78ac-11db-a28d-003005b316d7}] shell\Auto\command - winlive.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winlive.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bdab7e2-c50e-11db-a2ac-003005b316d7}] shell\Auto\command - winlive.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winlive.exe ======List of files/folders created in the last 1 months====== 2009-11-17 19:49:28 ----DC---- C:\rsit 2009-11-17 17:19:09 ----DC---- C:\Lop SD 2009-11-17 02:32:51 ----D---- C:\Program Files\Trend Micro 2009-11-15 20:36:03 ----D---- C:\Documents and Settings\Jean\Application Data\Malwarebytes 2009-11-15 20:35:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-11-15 20:35:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-11-11 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2009-11-10 13:57:46 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint 2009-11-10 13:52:36 ----D---- C:\Program Files\DI Capture 2009-11-10 13:41:37 ----A---- C:\WINDOWS\DICapture.INI 2009-11-02 09:15:05 
----AC---- C:\dirref.ini 2009-11-01 01:00:55 ----N---- C:\WINDOWS\system32\hpofax07.dll 2009-11-01 01:00:53 ----N---- C:\WINDOWS\system32\hpousd07.dll 2009-11-01 01:00:53 ----N---- C:\WINDOWS\system32\hpomem07.dll 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\roboex32.dll 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\INETWH32.DLL 2009-11-01 01:00:51 ----N---- C:\WINDOWS\system32\HPOtap07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoisn07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipt07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipr07.dll 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoipm07.exe 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoinw07.exe 2009-11-01 01:00:49 ----N---- C:\WINDOWS\system32\hpoidr07.dll 2009-11-01 01:00:49 ----D---- C:\Program Files\ReadIRIS 2009-10-30 08:32:34 ----D---- C:\Program Files\My Company Name 2009-10-30 08:07:02 ----A---- C:\WINDOWS\ID.txt 2009-10-30 08:06:26 ----D---- C:\Program Files\ITE 2009-10-22 21:37:34 ----A---- C:\WINDOWS\IE4 Error Log.txt ======List of files/folders modified in the last 1 months====== 2009-11-17 19:49:51 ----D---- C:\Documents and Settings\Jean\Application Data\Skype 2009-11-17 19:43:08 ----RD---- C:\Program Files 2009-11-17 19:42:52 ----D---- C:\Program Files\Bonjour 2009-11-17 19:40:29 ----D---- C:\Program Files\Mozilla Firefox 2009-11-17 19:36:11 ----D---- C:\WINDOWS\Temp 2009-11-17 19:30:22 ----D---- C:\WINDOWS 2009-11-17 18:10:56 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-11-17 17:14:11 ----HD---- C:\WINDOWS\$NtServicePackUninstall$ 2009-11-17 17:14:09 ----HD---- C:\WINDOWS\$NtUninstallKB890859$ 2009-11-17 15:53:16 ----SHD---- C:\WINDOWS\Installer 2009-11-17 15:52:23 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-11-17 12:07:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-11-17 10:18:49 ----D---- C:\Program Files\Messenger 2009-11-17 10:18:28 ----D---- C:\WINDOWS\WinSxS 2009-11-17 
02:31:09 ----D---- C:\WINDOWS\network diagnostic 2009-11-17 01:12:13 ----D---- C:\WINDOWS\system32\drivers 2009-11-16 19:53:22 ----D---- C:\Download 2009-11-16 19:49:16 ----D---- C:\Program Files\IrfanView 2009-11-16 19:48:36 ----D---- C:\Program Files\Ad-Remover 2009-11-16 19:44:26 ----D---- C:\WINDOWS\Registration 2009-11-16 19:44:01 ----D---- C:\WINDOWS\ServicePackFiles 2009-11-16 19:43:46 ----D---- C:\WINDOWS\SHELLNEW 2009-11-16 19:43:26 ----D---- C:\WINDOWS\provisioning 2009-11-16 19:43:03 ----D---- C:\WINDOWS\RegisteredPackages 2009-11-16 19:42:08 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-11-16 19:40:39 ----D---- C:\Temp 2009-11-16 19:32:15 ----HD---- C:\Program Files\InstallShield Installation Information 2009-11-16 18:47:25 ----D---- C:\WINDOWS\system32\CatRoot2 2009-11-16 15:10:32 ----HD---- C:\WINDOWS\inf 2009-11-16 14:40:21 ----D---- C:\WINDOWS\system32 2009-11-16 13:30:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-14 02:26:34 ----D---- C:\WINDOWS\Prefetch 2009-11-13 23:45:01 ----RD---- C:\Program Files\Skype 2009-11-13 23:44:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2009-11-11 03:06:23 ----N---- C:\WINDOWS\win.ini 2009-11-11 03:01:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-11-10 22:42:19 ----HD---- C:\WINDOWS\$hf_mig$ 2009-11-10 14:13:28 ----D---- C:\WINDOWS\system32\NtmsData 2009-11-10 13:53:18 ----D---- C:\WINDOWS\system32\CatRoot 2009-11-10 13:52:31 ----A---- C:\WINDOWS\654U.ini 2009-11-10 13:52:11 ----D---- C:\Program Files\Fichiers communs\iMpacct 2009-11-10 13:51:44 ----D---- C:\Program Files\Fichiers communs\ComScan 2009-11-10 13:27:01 ----RASHC---- C:\boot.ini 2009-11-08 02:50:08 ----D---- C:\WINDOWS\Help 2009-11-06 02:42:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe 2009-11-05 02:55:45 ----A---- C:\WINDOWS\imsins.BAK 2009-11-01 01:00:48 ----D---- C:\Program Files\Hewlett-Packard 
2009-10-31 16:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-10-31 16:19:47 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-10-30 20:12:12 ----D---- C:\Documents and Settings\Jean\Application Data\Nuance 2009-10-30 19:19:41 ----D---- C:\Program Files\Adobe 2009-10-28 18:50:31 ----SD---- C:\Documents and Settings\Jean\Application Data\Microsoft 2009-10-28 02:32:06 ----D---- C:\WINDOWS\system32\Restore 2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-05-26 226832] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032] R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976] R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] R3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704] R3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hidusb;Pilote de classe HID 
Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-10-05 51120] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-10-05 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-10-05 21744] R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] R3 LMImirr;LMImirr; C:\WINDOWS\system32\DRIVERS\LMImirr.sys [2007-04-17 10144] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056] R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; 
C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 LVUVC;Logitech QuickCam for Notebooks Pro(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-07-28 1054848] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS [] S3 se44bus;Sony Ericsson Device 068 driver (WDM); C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 61536] S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360] S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 97088] S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624] S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS); C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 18704] S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 86432] S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM); C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 90800] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 
11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800] S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264] S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352] S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824] S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-07-21 208616] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program 
Files\Java\jre6\bin\jqs.exe [2008-11-27 152984] R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2008-05-28 116032] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426] R2 PDFProFiltSrv;PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-07-27 134944] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S2 gupdate1c9dfa12158f8ff;Google Update Service (gupdate1c9dfa12158f8ff); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-28 133104] S2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2007-04-17 63040] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Fichiers 
communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

Where could crawler toolbar be hiding? I have looked more or less everywhere, even with "Search" ... nothing!
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
There were 4 files in quarantine; I clicked on them one by one to restore them. The scan is finished; here is the report:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3187
Windows 5.1.2600 Service Pack 3

17/11/2009 18:00:32
mbam-log-2009-11-17 (18-00-32).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
Eléments examinés: 211607
Temps écoulé: 41 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Fichier Ereg.exe reçu le 2009.11.17 16:51:12 (UTC)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.17 -
AhnLab-V3 5.0.0.2 2009.11.17 -
AntiVir 7.9.1.70 2009.11.17 -
Antiy-AVL 2.0.3.7 2009.11.17 -
Authentium 5.2.0.5 2009.11.17 -
Avast 4.8.1351.0 2009.11.17 -
AVG 8.5.0.425 2009.11.17 -
BitDefender 7.2 2009.11.17 -
CAT-QuickHeal 10.00 2009.11.17 -
ClamAV 0.94.1 2009.11.17 -
Comodo 2969 2009.11.17 -
DrWeb 5.0.0.12182 2009.11.17 -
eSafe 7.0.17.0 2009.11.17 -
eTrust-Vet 35.1.7124 2009.11.17 -
F-Prot 4.5.1.85 2009.11.17 -
F-Secure 9.0.15370.0 2009.11.17 -
Fortinet 3.120.0.0 2009.11.16 -
GData 19 2009.11.17 -
Ikarus T3.1.1.74.0 2009.11.17 -
Jiangmin 11.0.800 2009.11.17 -
K7AntiVirus 7.10.898 2009.11.17 -
Kaspersky 7.0.0.125 2009.11.17 -
McAfee 5804 2009.11.16 -
McAfee+Artemis 5804 2009.11.16 -
McAfee-GW-Edition 6.8.5 2009.11.17 -
Microsoft 1.5202 2009.11.17 -
NOD32 4615 2009.11.17 -
Norman 6.03.02 2009.11.17 -
nProtect 2009.1.8.0 2009.11.17 -
Panda 10.0.2.2 2009.11.16 -
PCTools 7.0.3.5 2009.11.17 -
Prevx 3.0 2009.11.17 -
Rising 22.22.01.08 2009.11.17 -
Sophos 4.47.0 2009.11.17 -
Sunbelt 3.2.1858.2 2009.11.12 -
Symantec 1.4.4.12 2009.11.17 -
TheHacker 6.5.0.2.071 2009.11.16 -
TrendMicro 9.0.0.1003 2009.11.17 -
VBA32 3.12.10.11 2009.11.15 -
ViRobot 2009.11.17.2041 2009.11.17 -
VirusBuster 5.0.21.0 2009.11.17 -

Information additionnelle
File size: 54560 bytes
MD5...: f66c02521579c6a6d3b5f1fc0a8be3ac
SHA1..: 2ede61a9368c48df361d3e7df885b089cd8c6d87
SHA256: 9a77c2c6a73b4ce0edc3f2e3a11fb9e7d90e18941083d8d3bdceacd04e1c3ca9
ssdeep: 768:CkbFbxCh7UIKEVmq9ZzU2zJAk8OclDLff9CFLN3bTr:CkbcUIjmGZztQO6nffsFxLH
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4a97
timedatestamp.....: 0x490ecc36 (Mon Nov 03 10:02:30 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x47a4 0x5000 5.69 e3e85caaf4f63bd65e6999c2d7ed85e6
.rdata 0x6000 0x1d1a 0x2000 4.46 000b933e1b2c9a0c32af2bc01eb2dca0
.data 0x8000 0x11a8 0x1000 0.55 f90c456664581da2687446cdcfed86bc
.rsrc 0xa000 0x23b4 0x3000 5.21 f2684fdaad1362c0fc81a7fabfe5c28c

( 7 imports )
> MFC80U.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCR80.dll: _controlfp_s, __type_info_dtor_internal_method@type_info@@QAEXXZ, _crt_debugger_hook, _invoke_watson, _except_handler4_common, _terminate@@YAXXZ, _decode_pointer, _onexit, _lock, __dllonexit, _unlock, __set_app_type, _encode_pointer, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _configthreadlocale, _initterm_e, _initterm, _wcmdln, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, _amsg_exit, wcsstr, _wcsicmp, __CxxFrameHandler3, memset, wcscpy_s, _wsplitpath_s, wcscat_s, _localtime64_s, _time64, _wcsdup, _waccess, free
> KERNEL32.dll: InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetTickCount, InterlockedExchange, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, GetModuleFileNameW, GetPrivateProfileStringW, LoadLibraryW, FreeLibrary, GetEnvironmentVariableW, CloseHandle, CreateProcessW, Sleep, WaitForSingleObject, GetCurrentProcessId, GetCurrentThreadId, GetVersionExW
> USER32.dll: SendMessageW, EnableWindow, GetDlgItem, CopyRect, LoadIconW, GetDlgCtrlID, EndDialog, GetWindowRect, GetDesktopWindow, LoadBitmapW, EndPaint, DrawIcon, GetClientRect, GetSystemMetrics, LoadStringW, IsIconic, SetWindowPos, DialogBoxParamW, EnumWindows, GetWindowTextW, GetWindowLongW, ShowWindow, UpdateWindow, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, SetForegroundWindow, SetActiveWindow, InvalidateRect, PeekMessageW, SetWindowTextW, BeginPaint, TranslateMessage, DispatchMessageW
> GDI32.dll: SetBkMode, GetStockObject, GetObjectW, CreateFontIndirectW, CreateSolidBrush, SetTextColor
> ADVAPI32.dll: RegQueryValueExW, RegCloseKey, RegOpenKeyExW
> SHELL32.dll: SHGetFolderPathW

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
sigcheck:
publisher....: Nuance Communications, Inc.
copyright....: Copyright © 1993-2007 Nuance Communications, Inc.
product......: SSEreg
description..: Ereg (Unicode version)
original name: Ereg.exe
internal name: SSEreg
file version.: 5, 2, 0, 2
comments.....: n/a
signers......: Nuance Communications, Inc.
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 11:02 AM 11/3/2008
verified.....: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.17 -
AhnLab-V3 5.0.0.2 2009.11.17 -
AntiVir 7.9.1.70 2009.11.17 -
Antiy-AVL 2.0.3.7 2009.11.17 -
Authentium 5.2.0.5 2009.11.17 -
Avast 4.8.1351.0 2009.11.17 -
AVG 8.5.0.425 2009.11.17 -
BitDefender 7.2 2009.11.17 -
CAT-QuickHeal 10.00 2009.11.17 -
ClamAV 0.94.1 2009.11.17 -
Comodo 2969 2009.11.17 -
DrWeb 5.0.0.12182 2009.11.17 -
eSafe 7.0.17.0 2009.11.17 -
eTrust-Vet 35.1.7124 2009.11.17 -
F-Prot 4.5.1.85 2009.11.17 -
F-Secure 9.0.15370.0 2009.11.17 -
Fortinet 3.120.0.0 2009.11.16 -
GData 19 2009.11.17 -
Ikarus T3.1.1.74.0 2009.11.17 -
Jiangmin 11.0.800 2009.11.17 -
K7AntiVirus 7.10.898 2009.11.17 -
Kaspersky 7.0.0.125 2009.11.17 -
McAfee 5804 2009.11.16 -
McAfee+Artemis 5804 2009.11.16 -
McAfee-GW-Edition 6.8.5 2009.11.17 -
Microsoft 1.5202 2009.11.17 -
NOD32 4615 2009.11.17 -
Norman 6.03.02 2009.11.17 -
nProtect 2009.1.8.0 2009.11.17 -
Panda 10.0.2.2 2009.11.16 -
PCTools 7.0.3.5 2009.11.17 -
Prevx
3.0 2009.11.17 - Rising 22.22.01.08 2009.11.17 - Sophos 4.47.0 2009.11.17 - Sunbelt 3.2.1858.2 2009.11.12 - Symantec 1.4.4.12 2009.11.17 - TheHacker 6.5.0.2.071 2009.11.16 - TrendMicro 9.0.0.1003 2009.11.17 - VBA32 3.12.10.11 2009.11.15 - ViRobot 2009.11.17.2041 2009.11.17 - VirusBuster 5.0.21.0 2009.11.17 - Information additionnelle File size: 54560 bytes MD5...: f66c02521579c6a6d3b5f1fc0a8be3ac SHA1..: 2ede61a9368c48df361d3e7df885b089cd8c6d87 SHA256: 9a77c2c6a73b4ce0edc3f2e3a11fb9e7d90e18941083d8d3bdceacd04e1c3ca9 ssdeep: 768:CkbFbxCh7UIKEVmq9ZzU2zJAk8OclDLff9CFLN3bTr:CkbcUIjmGZztQO6nf<BR>fsFxLH<BR> PEiD..: - PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x4a97<BR>timedatestamp.....: 0x490ecc36 (Mon Nov 03 10:02:30 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x47a4 0x5000 5.69 e3e85caaf4f63bd65e6999c2d7ed85e6<BR>.rdata 0x6000 0x1d1a 0x2000 4.46 000b933e1b2c9a0c32af2bc01eb2dca0<BR>.data 0x8000 0x11a8 0x1000 0.55 f90c456664581da2687446cdcfed86bc<BR>.rsrc 0xa000 0x23b4 0x3000 5.21 f2684fdaad1362c0fc81a7fabfe5c28c<BR><BR>( 7 imports ) <BR>> MFC80U.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCR80.dll: _controlfp_s, __type_info_dtor_internal_method@type_info@@QAEXXZ, _crt_debugger_hook, _invoke_watson, _except_handler4_common, _terminate@@YAXXZ, _decode_pointer, _onexit, _lock, __dllonexit, _unlock, __set_app_type, _encode_pointer, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _configthreadlocale, _initterm_e, _initterm, _wcmdln, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, _amsg_exit, wcsstr, _wcsicmp, __CxxFrameHandler3, memset, wcscpy_s, _wsplitpath_s, wcscat_s, _localtime64_s, _time64, _wcsdup, _waccess, 
free<BR>> KERNEL32.dll: InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetTickCount, InterlockedExchange, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, GetModuleFileNameW, GetPrivateProfileStringW, LoadLibraryW, FreeLibrary, GetEnvironmentVariableW, CloseHandle, CreateProcessW, Sleep, WaitForSingleObject, GetCurrentProcessId, GetCurrentThreadId, GetVersionExW<BR>> USER32.dll: SendMessageW, EnableWindow, GetDlgItem, CopyRect, LoadIconW, GetDlgCtrlID, EndDialog, GetWindowRect, GetDesktopWindow, LoadBitmapW, EndPaint, DrawIcon, GetClientRect, GetSystemMetrics, LoadStringW, IsIconic, SetWindowPos, DialogBoxParamW, EnumWindows, GetWindowTextW, GetWindowLongW, ShowWindow, UpdateWindow, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, SetForegroundWindow, SetActiveWindow, InvalidateRect, PeekMessageW, SetWindowTextW, BeginPaint, TranslateMessage, DispatchMessageW<BR>> GDI32.dll: SetBkMode, GetStockObject, GetObjectW, CreateFontIndirectW, CreateSolidBrush, SetTextColor<BR>> ADVAPI32.dll: RegQueryValueExW, RegCloseKey, RegOpenKeyExW<BR>> SHELL32.dll: SHGetFolderPathW<BR><BR>( 0 exports ) <BR> RDS...: NSRL Reference Data Set<BR>- pdfid.: - trid..: Win64 Executable Generic (80.9%)<BR>Win32 Executable Generic (8.0%)<BR>Win32 Dynamic Link Library (generic) (7.1%)<BR>Generic Win/DOS Executable (1.8%)<BR>DOS Executable Generic (1.8%) sigcheck:<BR>publisher....: Nuance Communications, Inc.<BR>copyright....: Copyright © 1993-2007 Nuance Communications, Inc.<BR>product......: SSEreg<BR>description..: Ereg (Unicode version)<BR>original name: Ereg.exe<BR>internal name: SSEreg<BR>file version.: 5, 2, 0, 2<BR>comments.....: n/a<BR>signers......: Nuance Communications, Inc.<BR>VeriSign Class 3 Code Signing 2004 CA<BR>Class 3 Public Primary Certification Authority<BR>signing date.: 11:02 AM 11/3/2008<BR>verified.....: -<BR> -
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Problem with Lop S§D: the first one says it is out, the second one downloads but does not open -
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Hello, Understood, but I prefer to ask. The 4 objects are indeed in quarantine, but "rétablir" (re-establish) does not appear on the screen. Should I click "restaurer" (restore) or "tout restaurer" (restore all)? -
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:40:51, on 17/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
C:\Program Files\ITE\TRAYICON\TRAYICON.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files\Plustek\Plustek SmartOffice PS286\DocuAction.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Jean\LOCALS~1\Temp\Rar$EX00.828\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe
O4 - HKLM\..\Run: [Nuance PDF Professional 6-reminder] "C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\PDF Professional 6\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [TrayIconPath] C:\Program Files\ITE\TRAYICON\TRAYICON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [iSUSPM] "C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Jean\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: DocAction (Plustek SmartOffice PS286).lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Créer un fichier PDF - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Ouvrir avec Nuance PDF Converter 6.0 - res://C:\Program Files\Nuance\PDF Professional 6\cnvres_fre.dll /100
O8 - Extra context menu item: Ouvrir avec PDF Professional 6 - res://C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c9dfa12158f8ff) (gupdate1c9dfa12158f8ff) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O24 - Desktop Component 0: (no name) - http://www.pagesjaunes.fr/files/images/FR/logo_pj_fr.gif
O24 - Desktop Component 1: (no name) - http://mail.google.com/mail/help/images/logo.gif
O24 - Desktop Component 2: (no name) - http://eur.i1.yimg.com/us.yimg.com/i/fr/pim/b/mailma1b.gif

--
End of file - 14773 bytes
-
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Here are the reports:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3176
Windows 5.1.2600 Service Pack 3

15/11/2009 21:57:14
mbam-log-2009-11-15 (21-57-14).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 223166
Temps écoulé: 52 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Secured_eMule\tbSec0.dll (Adware.Shopper) -> Delete on reboot.
C:\Program Files\Multi_Media_France\tbMul1.dll (Adware.Shopper) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7009fcd4-05be-44f4-9583-93fe419ab7b0} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7009fcd4-05be-44f4-9583-93fe419ab7b0} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{81b7f2df-3427-4704-b441-f74a4de94ce1} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{36a91cec-6c71-4758-b492-397bfc8e96a2} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9c8a568e-4201-478a-8536-526cf371d2e2} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Adssite ToolBar (Adware.Adssite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7009fcd4-05be-44f4-9583-93fe419ab7b0} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7009fcd4-05be-44f4-9583-93fe419ab7b0} (Adware.Shopper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\Sylvain\Application Data\RegSweep (Rogue.RegSweep) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\RegSweep\Log (Rogue.RegSweep) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\RegSweep\Registry Backups (Rogue.RegSweep) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Secured_eMule\tbSec0.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Program Files\Multi_Media_France\tbMul1.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoAdv.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoEngine.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\WINDOWS\system32\gzmrot-uninst.exe.vir (Adware.Adssite) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\WINDOWS\system32\rightonadz-uninst.exe.vir (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Program Files\Ad-Remover\QUARANTINE\WINDOWS\system32\WhoisCL.exe.vir (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP134\A0066748.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\RegSweep\Errors.stg (Rogue.RegSweep) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\RegSweep\Results.stg (Rogue.RegSweep) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\RegSweep\Registry Backups\2007-04-09_09-59-25.reg (Rogue.RegSweep) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Application Data\urlredir.cfg (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sylvain\Menu Démarrer\Programmes\Démarrage\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adssite-remove.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jean\Local Settings\Application Data\yswqbnh_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3176
Windows 5.1.2600 Service Pack 3

16/11/2009 00:04:06
mbam-log-2009-11-16 (00-04-06).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|J:\|K:\|M:\|)
Eléments examinés: 223794
Temps écoulé: 1 hour(s), 1 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3176
Windows 5.1.2600 Service Pack 3

16/11/2009 01:12:22
mbam-log-2009-11-16 (01-12-22).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
Eléments examinés: 59410
Temps écoulé: 16 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3183
Windows 5.1.2600 Service Pack 3

17/11/2009 01:22:02
mbam-log-2009-11-17 (01-22-02).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
Eléments examinés: 44811
Temps écoulé: 7 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3183
Windows 5.1.2600 Service Pack 3

17/11/2009 02:04:36
mbam-log-2009-11-17 (02-04-36).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
Eléments examinés: 210848
Temps écoulé: 38 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll (Virus.Mariofev) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallKB890859$\user32.dll (Virus.Mariofev) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\user32.dll (Virus.Mariofev) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\user32.dll.000 (Virus.Mariofev) -> Quarantined and deleted successfully.

Nice name, mariofev; I would rather have said mafiorev. Is anything else needed? What should I do about Kaspersky, which saw nothing, neither these 4 nor the 40 found yesterday? -
Memory-destroying virus
kakao2010 replied to a topic by kakao2010 in Malware analysis and removal
Good evening,
My attempts came to nothing. The memory went down by 5 GB today. Please tell me what you think of this report, obtained from Avira without my managing to use the update.

Avira AntiVir Personal
Date de création du fichier de rapport : lundi 16 novembre 2009 15:28
La recherche porte sur 1284893 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : FUJITSU

Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 13:20:54
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 10:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 10:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 20:33:26
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 07:41:14
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 14:58:20
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 17:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 20:01:56
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 11:44:25
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 18:24:41
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 13:06:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 20:01:56
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 15:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 20:01:56
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 13:06:10
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 14:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 14:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 11:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 15:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 15:40:59
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 13:49:32
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 10:07:05

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : lundi 16 novembre 2009 15:28

La recherche d'objets cachés commence.
'74600' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SkypeNames.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wltuser.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'notepad.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqgalry.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Mise-a-jour-LiveSearch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'KHALMNPR.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Notification-LiveSearch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SetPoint.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DocuAction.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BtMon2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ISUSPM.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rapimgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Skype.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wcescomm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GPIOManager.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TRAYICON.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LMIGuardian.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PdfPro6Hook.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpwuSchd2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avp.exe' - '0' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LogMeInSystray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'X10nets.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HPZipm12.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PDFProFiltSrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleCrashHandler.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ramaint.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avp.exe' - '0' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'60' processus ont été contrôlés avec '60' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD3
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD4
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD5
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD6
[iNFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[iNFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '73' fichiers).

La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx2.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
C:\Program Files\Ad-Remover\QUARANTINE\WINDOWS\system32\Adssite_sidebar_uninstall.exe.vir
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/AdSpy.Gen
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067885.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067886.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067890.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen

Début de la désinfection :
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinAgentfbx2.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6f6ef7.qua' !
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6f6eef.qua' !
C:\Program Files\Ad-Remover\QUARANTINE\WINDOWS\system32\Adssite_sidebar_uninstall.exe.vir
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/AdSpy.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b746ef2.qua' !
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067885.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b316ebe.qua' !
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067886.dll
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4efa733f.qua' !
C:\System Volume Information\_restore{BE0BD62F-F1AC-4CDD-A327-C2E3AAFEA07A}\RP137\A0067890.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4888e447.qua' !

Fin de la recherche : lundi 16 novembre 2009 16:23
Temps nécessaire: 55:00 Minute(s)

La recherche a été effectuée intégralement
9070 Les répertoires ont été contrôlés
462978 Des fichiers ont été contrôlés
4 Des virus ou programmes indésirables ont été trouvés
2 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
6 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
462971 Fichiers non infectés
1894 Les archives ont été contrôlées
1 Avertissements
7 Consignes
74600 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés