virtumonde/Look2me : Petit probleme de Virus

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

Docky

Message par Docky » 11 sept. 2006 19:12

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 18:58:01 11/09/2006

+ Scan result:



HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\IE Security -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\IE Security\BlockedLocations -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Process Security -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Process Security\Policies -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Process Security\Policies\Allowed -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Process Security\Policies\Restricted -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Scan -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\System Security -> Adware.SpySheriff : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-839522115-1879871171-500\Software\SpySheriff\Updates -> Adware.SpySheriff : Cleaned with backup (quarantined).
C:\cqrkkvp.exe -> Dropper.Small.apz : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrateur\Cookies\administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00105.dll -> Trojan.Sinowal.aq : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00106.dll -> Trojan.Sinowal.aq : Cleaned with backup (quarantined).


::Report end




Docky

Message par Docky » 11 sept. 2006 19:16

Script clean par Malekal_morte - https://www.malekal.com

Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec

*** Suppression de fichiers sur C:
C:\nergy.exe FOUND

*** Suppression des fichiers dans C:\WINDOWS\
C:\WINDOWS\browserxtras\ FOUND
C:\WINDOWS\unvise32qt.exe FOUND

*** Suppression des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\?????_netapi.exe FOUND
C:\WINDOWS\system32\dr3.exe FOUND
C:\WINDOWS\system32\eltcelcius.exe FOUND
C:\WINDOWS\system32\javaapplets.exe FOUND
C:\WINDOWS\system32\javanet.exe FOUND
C:\WINDOWS\system32\jconsole.exe FOUND
C:\WINDOWS\system32\loadss.exe FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
C:\WINDOWS\system32\stonedrv.exe FOUND
C:\WINDOWS\system32\wnsapisv.exe FOUND
C:\WINDOWS\system32\wkssvc.exe FOUND
C:\WINDOWS\system32\wrapper.exe FOUND
C:\WINDOWS\system32\mcrh.tmp FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.3" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.4" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.5" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.6" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.7" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.8" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.9" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.10" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.11" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.12" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.13" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.14" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.15" FOUND


*** Suppression des clefs du registre effectuee..

Malekal_morte
Site Admin
Site Admin
Messages : 96468
Inscription : 10 sept. 2005 13:57
Contact :

Message par Malekal_morte » 11 sept. 2006 19:21

Copie/colle un nouveau rapport HijackThis stp.

et :


- Télécharge DiagHelp.zip sur ton bureau
- Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas

Sécuriser son ordinateur (version courte)

Tutoriels Logiciels - Tutoriel Windows - Windows 10

Stop publicités - popups intempestives
supprimer-trojan.com : guide de suppression de malwares

Partagez malekal.com : n'hésitez pas à partager sur Facebook et GooglePlus les articles qui vous plaisent.

Docky

Message par Docky » 17 sept. 2006 09:17

Désolé pour mon temps de réaction tres faible, mais j'avais bcp de taff... voici mon nouveau log HiJacksThis, puis je continue la procédure :)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/a ... _en_dl.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/stat ... nerADP.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

Docky

Message par Docky » 17 sept. 2006 09:28

Voici le résultat du dernier log :
C:\WINDOWS\System32\VundoFixSVC.exe -->03/10/2006 17:42:59
C:\WINDOWS\System32\direct.txt -->03/10/2006 15:10:07
C:\WINDOWS\System32\wpa.dbl -->17/09/2006 08:47:29
C:\WINDOWS\System32\hkllm.ini -->03/09/2006 10:17:32
C:\WINDOWS\System32\hkllm.bak1 -->02/09/2006 23:59:41
C:\WINDOWS\System32\mllkh.dll -->02/09/2006 23:59:35
C:\WINDOWS\System32\fcyax.dll -->02/09/2006 23:08:41
C:\WINDOWS\System32\inistone.ini -->02/09/2006 23:01:19
C:\WINDOWS\System32\hghkj.ini -->02/09/2006 22:58:21
C:\WINDOWS\System32\hghkj.bak1 -->02/09/2006 22:58:18
C:\WINDOWS\System32\jkhgh.dll -->02/09/2006 22:58:09
C:\WINDOWS\System32\9217106.dll -->02/09/2006 19:10:06
C:\WINDOWS\System32\install.exe -->29/08/2006 22:36:58
C:\WINDOWS\System32\yayxy.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\yabyv.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\xxyyx.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\xxwxw.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\wvwvs.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\wvutt.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\wvusp.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\vtutt.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\vtsqq.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\ursrr.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\tussr.dll -->29/08/2006 22:36:13
C:\WINDOWS\System32\ssqop.dll -->29/08/2006 22:36:13

C:\WINDOWS\0.log -->17/09/2006 08:48:02
C:\WINDOWS\wiadebug.log -->17/09/2006 08:47:56
C:\WINDOWS\wiaservc.log -->17/09/2006 08:47:54
C:\WINDOWS\bootstat.dat -->17/09/2006 08:47:26
C:\WINDOWS\SchedLgU.Txt -->16/09/2006 22:16:06
C:\WINDOWS\setupapi.log -->16/09/2006 19:07:48
C:\WINDOWS\win.ini -->15/09/2006 21:39:59
C:\WINDOWS\system.ini -->15/09/2006 21:39:59
C:\WINDOWS\setupact.log -->11/09/2006 18:09:36
C:\WINDOWS\ntbtlog.txt -->11/09/2006 18:04:05
C:\WINDOWS\pxinstall_log.txt -->11/09/2006 15:58:58
C:\WINDOWS\em06y.ini -->04/09/2006 06:57:24
C:\WINDOWS\OEWABLog.txt -->02/09/2006 19:12:29
C:\WINDOWS\wmsetup.log -->02/09/2006 19:11:28
C:\WINDOWS\WindowsUpdate.log -->30/08/2006 07:27:55

C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |14/01/2005 11:29:38
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |10/02/2005 09:27:09
C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |12/12/2005 11:55:14
C:\WINDOWS\gotouninstall.exe |19/02/2006 15:26:14
C:\WINDOWS\nmclsp.exe |21/02/2005 20:33:52
C:\WINDOWS\off-road-uninst.exe |26/03/2006 16:03:35
C:\WINDOWS\pysoft_uninstaller.exe |28/11/2004 14:01:49
C:\WINDOWS\scenic news.exe |28/11/2004 14:41:28
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\daemon.dll |22/08/2004 17:04:56
C:\WINDOWS\hcextoutput.dll |28/03/2005 11:50:22
C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46
C:\WINDOWS\system32\append.exe |02/10/2001 20:17:16
C:\WINDOWS\system32\aswBoot.exe |15/03/2005 12:20:51
C:\WINDOWS\system32\debug.exe |02/10/2001 20:17:28
C:\WINDOWS\system32\DivXsm.exe |12/06/2006 21:22:06
C:\WINDOWS\system32\dosx.exe |02/10/2001 20:17:30
C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34
C:\WINDOWS\system32\edlin.exe |02/10/2001 20:17:54
C:\WINDOWS\system32\eshopperuninstall.exe |20/12/2005 18:23:20
C:\WINDOWS\system32\exe2bin.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\fastopen.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\grwinsthlp.exe |28/11/2004 15:25:42
C:\WINDOWS\system32\install.exe |04/09/2006 11:19:44
C:\WINDOWS\system32\livingsrbndl.exe |20/12/2005 18:23:10
C:\WINDOWS\system32\mem.exe |02/10/2001 20:18:16
C:\WINDOWS\system32\mscdexnt.exe |02/10/2001 20:18:24
C:\WINDOWS\system32\msdos.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\nlsfunc.exe |02/10/2001 20:18:36
C:\WINDOWS\system32\Ntrights.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\nw16.exe |02/10/2001 20:18:42
C:\WINDOWS\system32\OnlyScreenSaverCfg.exe |11/09/2002 16:40:54
C:\WINDOWS\system32\pv.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\redir.exe |02/10/2001 20:18:58
C:\WINDOWS\system32\Scenic News.exe |26/11/2004 17:09:09
C:\WINDOWS\system32\scenicid.exe |28/11/2004 14:41:26
C:\WINDOWS\system32\scenicwu.exe |15/08/2004 21:30:52
C:\WINDOWS\system32\setver.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\share.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\strings.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\UnCasino4FRN.exe |22/12/2005 11:00:27
C:\WINDOWS\system32\UnCasinoV5_FRA.exe |22/12/2005 11:10:13
C:\WINDOWS\system32\UnInstall Frosty the Snowman WS2.exe |28/11/2004 14:22:51
C:\WINDOWS\system32\vwipxspx.exe |02/10/2001 20:19:24
C:\WINDOWS\system32\zglophone.exe |20/11/2004 23:36:32
C:\WINDOWS\system32\zip.exe |04/09/2006 14:32:08
C:\WINDOWS\system32\9217106.dll |02/09/2006 19:10:06
C:\WINDOWS\system32\amstream.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\awtrs.dll |02/09/2006 21:14:52
C:\WINDOWS\system32\awvsr.dll |03/09/2006 21:34:29
C:\WINDOWS\system32\awvvu.dll |02/09/2006 23:49:41
C:\WINDOWS\system32\byvtu.dll |03/09/2006 11:38:31
C:\WINDOWS\system32\CNCS232.DLL |14/09/2004 17:52:03
C:\WINDOWS\system32\compatUI.dll |02/10/2001 20:17:24
C:\WINDOWS\system32\ddcyw.dll |04/09/2006 13:19:33
C:\WINDOWS\system32\DivXWMPExtType.dll |19/04/2006 02:04:53
C:\WINDOWS\system32\dtctrace.dll |13/03/2006 18:13:03
C:\WINDOWS\system32\efccy.dll |03/09/2006 10:59:56
C:\WINDOWS\system32\efeec.dll |04/09/2006 06:50:53
C:\WINDOWS\system32\fcyax.dll |02/09/2006 23:08:37
C:\WINDOWS\system32\fcyxu.dll |04/09/2006 06:52:06
C:\WINDOWS\system32\fcyxx.dll |03/09/2006 10:56:36
C:\WINDOWS\system32\gebbb.dll |03/09/2006 16:51:34
C:\WINDOWS\system32\gebxx.dll |04/09/2006 06:57:18
C:\WINDOWS\system32\geeed.dll |02/09/2006 19:08:56
C:\WINDOWS\system32\geeef.dll |03/09/2006 14:36:06
C:\WINDOWS\system32\hgdde.dll |02/09/2006 23:33:50
C:\WINDOWS\system32\hggge.dll |04/09/2006 07:23:28
C:\WINDOWS\system32\hpotscl.dll |09/03/2003 06:31:04
C:\WINDOWS\system32\indounin.dll |27/01/1999 14:39:06
C:\WINDOWS\system32\ir32_32.dll |02/10/2001 20:18:08
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 08:56:08
C:\WINDOWS\system32\jkhgh.dll |02/09/2006 22:58:07
C:\WINDOWS\system32\jkkkh.dll |03/09/2006 12:30:33
C:\WINDOWS\system32\ljhfc.dll |03/09/2006 10:57:08
C:\WINDOWS\system32\ljhff.dll |02/09/2006 23:03:28
C:\WINDOWS\system32\ljjgg.dll |02/09/2006 23:43:53
C:\WINDOWS\system32\ljjkh.dll |03/09/2006 14:29:37
C:\WINDOWS\system32\mciqtz32.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\mljgg.dll |03/09/2006 11:33:20
C:\WINDOWS\system32\mljih.dll |02/09/2006 23:00:37
C:\WINDOWS\system32\mllkh.dll |02/09/2006 23:59:33
C:\WINDOWS\system32\msdmo.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msencode.dll |30/08/2002 19:24:06
C:\WINDOWS\system32\nnnol.dll |02/09/2006 23:30:57
C:\WINDOWS\system32\nnnop.dll |04/09/2006 12:27:16
C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16
C:\WINDOWS\system32\pmnkk.dll |03/09/2006 10:28:35
C:\WINDOWS\system32\pmnlj.dll |03/09/2006 10:24:07
C:\WINDOWS\system32\pmnoo.dll |03/09/2006 11:48:48
C:\WINDOWS\system32\psisdecd.dll |01/12/2005 18:16:16
C:\WINDOWS\system32\qedwipes.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\qomll.dll |03/09/2006 11:29:12
C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11
C:\WINDOWS\system32\rqolj.dll |02/09/2006 23:40:50
C:\WINDOWS\system32\rqomn.dll |03/09/2006 10:20:47
C:\WINDOWS\system32\rqono.dll |03/09/2006 14:20:29
C:\WINDOWS\system32\rqopn.dll |03/09/2006 11:44:52
C:\WINDOWS\system32\scriptpw.dll |02/10/2001 20:19:04
C:\WINDOWS\system32\ssqop.dll |03/09/2006 11:52:53
C:\WINDOWS\system32\tsd32.dll |02/10/2001 20:19:18
C:\WINDOWS\system32\tussr.dll |02/09/2006 23:37:04
C:\WINDOWS\system32\ursrr.dll |03/09/2006 14:25:19
C:\WINDOWS\system32\vtsqq.dll |02/09/2006 23:03:29
C:\WINDOWS\system32\vtutt.dll |02/09/2006 23:52:41
C:\WINDOWS\system32\win87em.dll |02/10/2001 20:19:28
C:\WINDOWS\system32\wvusp.dll |03/09/2006 12:24:34
C:\WINDOWS\system32\wvutt.dll |03/09/2006 10:52:19
C:\WINDOWS\system32\wvwvs.dll |02/09/2006 23:24:45
C:\WINDOWS\system32\xxwxw.dll |04/09/2006 11:19:52
C:\WINDOWS\system32\xxyyx.dll |02/09/2006 23:27:56
C:\WINDOWS\system32\yabyv.dll |02/09/2006 23:55:17
C:\WINDOWS\system32\yayxy.dll |02/09/2006 23:46:52
C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |14/01/2005 11:29:38
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |10/02/2005 09:27:09
C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |12/12/2005 11:55:14
C:\WINDOWS\gotouninstall.exe |19/02/2006 15:26:14
C:\WINDOWS\nmclsp.exe |21/02/2005 20:33:52
C:\WINDOWS\off-road-uninst.exe |26/03/2006 16:03:35
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\hcextoutput.dll |28/03/2005 11:50:22
C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46
C:\WINDOWS\system32\append.exe |02/10/2001 20:17:16
C:\WINDOWS\system32\debug.exe |02/10/2001 20:17:28
C:\WINDOWS\system32\DivXsm.exe |12/06/2006 21:22:06
C:\WINDOWS\system32\dosx.exe |02/10/2001 20:17:30
C:\WINDOWS\system32\edlin.exe |02/10/2001 20:17:54
C:\WINDOWS\system32\eshopperuninstall.exe |20/12/2005 18:23:20
C:\WINDOWS\system32\exe2bin.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\fastopen.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\grwinsthlp.exe |28/11/2004 15:25:42
C:\WINDOWS\system32\install.exe |04/09/2006 11:19:44
C:\WINDOWS\system32\mem.exe |02/10/2001 20:18:16
C:\WINDOWS\system32\mscdexnt.exe |02/10/2001 20:18:24
C:\WINDOWS\system32\msdos.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\nlsfunc.exe |02/10/2001 20:18:36
C:\WINDOWS\system32\Ntrights.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\nw16.exe |02/10/2001 20:18:42
C:\WINDOWS\system32\OnlyScreenSaverCfg.exe |11/09/2002 16:40:54
C:\WINDOWS\system32\pv.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\redir.exe |02/10/2001 20:18:58
C:\WINDOWS\system32\scenicid.exe |28/11/2004 14:41:26
C:\WINDOWS\system32\setver.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\share.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\strings.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\UnInstall Frosty the Snowman WS2.exe |28/11/2004 14:22:51
C:\WINDOWS\system32\vwipxspx.exe |02/10/2001 20:19:24
C:\WINDOWS\system32\zglophone.exe |20/11/2004 23:36:32
C:\WINDOWS\system32\zip.exe |04/09/2006 14:32:08
C:\WINDOWS\system32\amstream.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\awtrs.dll |02/09/2006 21:14:52
C:\WINDOWS\system32\awvsr.dll |03/09/2006 21:34:29
C:\WINDOWS\system32\awvvu.dll |02/09/2006 23:49:41
C:\WINDOWS\system32\byvtu.dll |03/09/2006 11:38:31
C:\WINDOWS\system32\CNCS232.DLL |14/09/2004 17:52:03
C:\WINDOWS\system32\CNCS32.DLL |29/05/2002 01:55:23
C:\WINDOWS\system32\ddcyw.dll |04/09/2006 13:19:33
C:\WINDOWS\system32\DivXWMPExtType.dll |19/04/2006 02:04:53
C:\WINDOWS\system32\efccy.dll |03/09/2006 10:59:56
C:\WINDOWS\system32\efeec.dll |04/09/2006 06:50:53
C:\WINDOWS\system32\fcyax.dll |02/09/2006 23:08:37
C:\WINDOWS\system32\fcyxu.dll |04/09/2006 06:52:06
C:\WINDOWS\system32\fcyxx.dll |03/09/2006 10:56:36
C:\WINDOWS\system32\gebbb.dll |03/09/2006 16:51:34
C:\WINDOWS\system32\gebxx.dll |04/09/2006 06:57:18
C:\WINDOWS\system32\geeed.dll |02/09/2006 19:08:56
C:\WINDOWS\system32\geeef.dll |03/09/2006 14:36:06
C:\WINDOWS\system32\hgdde.dll |02/09/2006 23:33:50
C:\WINDOWS\system32\hggge.dll |04/09/2006 07:23:28
C:\WINDOWS\system32\indounin.dll |27/01/1999 14:39:06
C:\WINDOWS\system32\ir32_32.dll |02/10/2001 20:18:08
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 08:56:08
C:\WINDOWS\system32\jkhgh.dll |02/09/2006 22:58:07
C:\WINDOWS\system32\jkkkh.dll |03/09/2006 12:30:33
C:\WINDOWS\system32\ljhfc.dll |03/09/2006 10:57:08
C:\WINDOWS\system32\ljhff.dll |02/09/2006 23:03:28
C:\WINDOWS\system32\ljjgg.dll |02/09/2006 23:43:53
C:\WINDOWS\system32\ljjkh.dll |03/09/2006 14:29:37
C:\WINDOWS\system32\mciqtz32.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\mljgg.dll |03/09/2006 11:33:20
C:\WINDOWS\system32\mljih.dll |02/09/2006 23:00:37
C:\WINDOWS\system32\mllkh.dll |02/09/2006 23:59:33
C:\WINDOWS\system32\msdmo.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msencode.dll |30/08/2002 19:24:06
C:\WINDOWS\system32\nnnol.dll |02/09/2006 23:30:57
C:\WINDOWS\system32\nnnop.dll |04/09/2006 12:27:16
C:\WINDOWS\system32\pmnkk.dll |03/09/2006 10:28:35
C:\WINDOWS\system32\pmnlj.dll |03/09/2006 10:24:07
C:\WINDOWS\system32\pmnoo.dll |03/09/2006 11:48:48
C:\WINDOWS\system32\psisdecd.dll |01/12/2005 18:16:16
C:\WINDOWS\system32\qedwipes.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\qomll.dll |03/09/2006 11:29:12
C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11
C:\WINDOWS\system32\rqolj.dll |02/09/2006 23:40:50
C:\WINDOWS\system32\rqomn.dll |03/09/2006 10:20:47
C:\WINDOWS\system32\rqono.dll |03/09/2006 14:20:29
C:\WINDOWS\system32\rqopn.dll |03/09/2006 11:44:52
C:\WINDOWS\system32\ssqop.dll |03/09/2006 11:52:53
C:\WINDOWS\system32\tsd32.dll |02/10/2001 20:19:18
C:\WINDOWS\system32\tussr.dll |02/09/2006 23:37:04
C:\WINDOWS\system32\ursrr.dll |03/09/2006 14:25:19
C:\WINDOWS\system32\vtsqq.dll |02/09/2006 23:03:29
C:\WINDOWS\system32\vtutt.dll |02/09/2006 23:52:41
C:\WINDOWS\system32\win87em.dll |02/10/2001 20:19:28
C:\WINDOWS\system32\wvusp.dll |03/09/2006 12:24:34
C:\WINDOWS\system32\wvutt.dll |03/09/2006 10:52:19
C:\WINDOWS\system32\wvwvs.dll |02/09/2006 23:24:45
C:\WINDOWS\system32\xxwxw.dll |04/09/2006 11:19:52
C:\WINDOWS\system32\xxyyx.dll |02/09/2006 23:27:56
C:\WINDOWS\system32\yabyv.dll |02/09/2006 23:55:17
C:\WINDOWS\system32\yayxy.dll |02/09/2006 23:46:52

Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\WINDOWS\system32

02/10/2001 20:17 4 096 csrss.exe
1 fichier(s) 4 096 octets
0 Rép(s) 61 596 028 928 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\WINDOWS\Downloaded Program Files

16/09/2006 19:07 <REP> .
16/09/2006 19:07 <REP> ..
18/04/2006 16:04 159 040 AdSignerADP.dll
13/04/2006 10:11 747 AdSignerADP.inf
18/04/2006 16:04 273 728 AdVerifierADP.dll
09/08/2005 14:43 193 ampx.inf
06/10/2004 01:00 2 390 catalog.dat
11/04/2006 12:21 <REP> CONFLICT.16
11/04/2006 12:21 <REP> CONFLICT.17
11/04/2006 12:21 <REP> CONFLICT.18
11/04/2006 12:21 <REP> CONFLICT.19
11/04/2006 12:21 <REP> CONFLICT.20
11/04/2006 12:21 <REP> CONFLICT.21
11/04/2006 12:21 <REP> CONFLICT.22
21/12/2005 15:22 65 desktop.ini
02/03/2006 15:40 1 271 erma.inf
21/07/2004 13:35 73 728 ghdlctl.dll
21/07/2004 13:34 227 ghdlctl.inf
12/09/2005 08:46 403 048 imloader.exe
15/09/2004 10:20 740 jinstall-1_5_0.inf
04/03/2005 05:52 752 jinstall-1_5_0_02.inf
10/11/2005 14:05 876 jinstall-1_5_0_06.inf
08/08/2006 11:45 576 kavwebscan.inf
08/09/2003 14:38 674 msSecAdv.inf
11/08/2004 19:20 6 854 navapi.vxd
11/08/2004 19:20 208 896 navapi32.dll
06/10/2004 01:00 119 976 naveng32.dll
06/10/2004 01:00 672 936 navex32a.dll
17/01/2005 18:09 227 opuc.inf
17/05/2004 16:26 35 584 ProductIDGatherer.dll
25/05/2004 11:05 2 735 ProductIDGatherer.INF
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
04/01/2004 12:12 9 140 950 QuickTimeInstallCache.qdat
06/10/2004 01:00 84 832 scrauth.dat
22/06/2006 11:41 5 032 swflash.inf
06/10/2004 01:00 8 137 symaveng.cat
06/10/2004 01:00 900 symaveng.inf
06/10/2004 01:00 6 507 tcdefs.dat
06/10/2004 01:00 264 727 tcscan7.dat
06/10/2004 01:00 60 020 tcscan8.dat
06/10/2004 01:00 190 146 tcscan9.dat
06/10/2004 01:00 453 tinf.dat
06/10/2004 01:00 148 tinfidx.dat
06/10/2004 01:00 1 957 tinfl.dat
06/10/2004 01:00 37 470 tscan1.dat
06/10/2004 01:00 1 179 tscan1hd.dat
06/10/2004 01:00 5 382 v.grd
06/10/2004 01:00 2 227 v.sig
06/10/2004 01:00 106 244 virscan.inf
06/10/2004 01:00 889 363 virscan1.dat
06/10/2004 01:00 527 511 virscan2.dat
06/10/2004 01:00 144 380 virscan3.dat
06/10/2004 01:00 316 532 virscan4.dat
06/10/2004 01:00 70 712 virscan5.dat
06/10/2004 01:00 379 148 virscan6.dat
06/10/2004 01:00 1 384 267 virscan7.dat
06/10/2004 01:00 1 170 741 virscan8.dat
06/10/2004 01:00 1 634 601 virscan9.dat
06/10/2004 01:00 32 virscant.dat
09/10/2004 15:01 2 072 vscanmsx.dat
30/06/2003 22:41 1 689 WMV9VCM.inf
27/06/2003 18:51 209 489 ycomp5_1_6_0.dll
07/11/2004 15:29 173 168 yinsthelper.dll
06/10/2004 01:00 224 zdone.dat
15/06/2004 09:52 221 184 zylomloader.dll
58 fichier(s) 19 228 015 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.16

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.17

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.18

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.19

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.20

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.21

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.22

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Total des fichiers listés :
58 fichier(s) 19 228 015 octets
23 Rép(s) 61 596 024 832 octets libres

Liste des programmes installes

Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.5 - Français
Analyseur et SDK XML Microsoft
Archiveur WinRAR
AutoUpdate
AVG Free Edition
Azureus
CDex extraction audio
CM 03-04
CM 03-04
Correctif pour le Lecteur Windows Media [Voir wm828026 pour plus d'informations]
Correctif Windows XP - Article Base de Connaissances 834707
Correctif Windows XP - KB823559
Correctif Windows XP - KB824146
Correctif Windows XP - KB825119
Correctif Windows XP - KB828028
Correctif Windows XP - KB828035
Correctif Windows XP - KB828741
Correctif Windows XP - KB833987
Correctif Windows XP - KB835732
Correctif Windows XP - KB837001
Correctif Windows XP - KB839643
Correctif Windows XP - KB839645
Correctif Windows XP - KB840315
Correctif Windows XP - KB840374
Correctif Windows XP - KB840987
Correctif Windows XP - KB841356
Correctif Windows XP - KB841533
Correctif Windows XP - KB841873
Correctif Windows XP - KB842773
Correctif Windows XP - KB873376
Correctif Windows XP - KB883357
DAEMON Tools
Disque de souvenirs HP
DivX
DivX Converter
DivX Player
DivX Web Player
EasyCleaner
eMule
ewido anti-spyware 4.0
Extension Système de Microsoft Money
Football Manager 2006
HijackThis 1.99.1
hp psc 1200 series
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 6
Jeu de Tarot
Kaspersky Online Scanner
Lecteur Windows Media 10
Logitech Desktop Messenger
Logitech QuickCam
Macromedia Shockwave Player
Messenger Plus! 3
Messenger Plus! Live
Microsoft Data Access Components KB870669
Microsoft Internet Explorer 6 SP1
Microsoft Money
Microsoft Office XP Professional avec FrontPage
mIRC
MSRedist
Nero - Burning Rom
Outlook Express Q823353
Package du correctif Windows XP [voir Q329115 pour plus de détails]
PCSudoku
Photo et imagerie HP 2.0 - All-in-One
Photo et imagerie HP 2.0 - All-in-One Pilote
Photo et imagerie HP 2.0 - hp psc 1200 series
Picasa 2
ppStream 1.0.0.98
Programme de gestion Camera de Logitech®
QuickTime
Scenic News
SierraAddressBook 3.0
SierraHome Print Artist 2002
Simple Sudoku 4.0
Spybot - Search & Destroy 1.4
Symantec Network Drivers Update
Synacast Plug-in 1.1.0.7
Tvants 1.0
TvAnts 1.0.0.57 Fr
Ulead Photo Explorer 8.0 SE Basic
WebFldrs XP
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows XP Application Compatibility Update[Q319580]
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB824105
Windows XP Hotfix (SP1) [See Q309521 for more information]
Windows XP Hotfix (SP1) [See Q311889 for more information]
Windows XP Hotfix (SP1) [See Q311967 for more information]
Windows XP Hotfix (SP1) [See Q313450 for more information]
Windows XP Hotfix (SP1) [See Q314862 for more information]
Windows XP Hotfix (SP1) [See Q315000 for more information]
Windows XP Hotfix (SP1) [See Q315403 for more information]
Windows XP Hotfix (SP1) [See Q317277 for more information]
Windows XP Hotfix (SP1) [See Q318138 for more information]
Windows XP Hotfix (SP1) [See Q323172 for more information]
Windows XP Hotfix (SP1) [See Q324096 for more information]
Windows XP Hotfix (SP1) [See Q324380 for more information]
Windows XP Hotfix (SP1) [See Q326830 for more information]
Windows XP Hotfix (SP1) [See Q328940 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q328310
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q811493
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP1) Q819696
Yahoo! Anti-Spy
Yahoo! Toolbar
Yahoo! Toolbar avec bloqueur de fenêtres pop-up



Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files

16/09/2006 11:09 <REP> .
16/09/2006 11:09 <REP> ..
25/01/2004 09:46 <REP> ACD Systems
28/01/2006 21:58 <REP> Adobe
01/01/2004 19:23 <REP> Ahead
02/04/2004 22:26 <REP> Aide mémoire
18/04/2006 15:27 <REP> Alcohol Soft
04/09/2006 12:37 <REP> Alwil Software
08/03/2006 10:30 <REP> Antipub
15/01/2006 15:07 <REP> Anuman Interactive
03/04/2004 11:23 <REP> ATnotes
25/08/2006 20:13 <REP> Azureus
26/08/2006 01:20 <REP> BitComet
21/08/2006 12:01 <REP> BitTorrent
28/03/2004 18:56 <REP> Cambridge
08/04/2006 14:01 <REP> Capturino V1.3
08/04/2006 11:34 <REP> CDex_150
24/05/2006 11:38 <REP> Championship Manager 99-00
30/01/2006 12:17 <REP> chello
05/09/2006 22:36 <REP> Common
09/04/2006 19:02 <REP> Common files
14/12/2003 19:51 <REP> ComPlus Applications
23/01/2005 15:18 <REP> ComunX
13/04/2006 10:49 <REP> D-Tools
13/03/2004 11:36 <REP> directx
28/06/2006 15:39 <REP> DivX
01/01/2006 18:41 <REP> DV 3500
31/05/2005 11:18 <REP> eChanblard
25/12/2003 10:28 <REP> Eidos
27/08/2006 03:06 <REP> eMule
11/09/2006 18:59 <REP> ewido anti-malware
11/09/2006 18:08 <REP> ewido anti-spyware 4.0
16/09/2006 19:07 <REP> Fichiers communs
15/09/2006 16:19 <REP> FreshGames
21/02/2006 17:22 <REP> GOTO Software
02/01/2005 10:14 <REP> Grisoft
28/02/2004 10:16 <REP> Hewlett-Packard
25/04/2006 16:26 <REP> Internet Explorer
30/11/2005 19:55 <REP> Jabiru
25/04/2006 16:21 <REP> Java
11/04/2006 10:12 <REP> Kazaa
05/03/2006 13:18 <REP> KraiSoft
18/08/2006 12:07 <REP> Lavasoft
14/01/2005 11:32 <REP> Logitech
24/04/2006 11:24 <REP> Maxtor
23/09/2005 13:51 <REP> Mes Jeux Installés
20/12/2003 17:53 <REP> Messenger
31/07/2006 19:09 <REP> Messenger Plus! Live
09/04/2006 19:03 <REP> MessengerPlus! 3
04/04/2006 16:33 <REP> Micro Application
14/12/2003 19:55 <REP> microsoft frontpage
07/03/2004 11:47 <REP> Microsoft Games
02/05/2006 11:18 <REP> Microsoft Money
20/12/2003 18:27 <REP> Microsoft Money 2002 fr
10/01/2004 14:14 <REP> Microsoft Office
16/12/2003 10:25 <REP> Microsoft Référence
10/01/2004 14:14 <REP> Microsoft Visual Studio
17/09/2006 09:03 <REP> mIRC
14/12/2003 19:53 <REP> Movie Maker
08/04/2006 11:30 <REP> mp3splt-gtk
31/03/2006 15:54 <REP> MSN
14/12/2003 19:51 <REP> MSN Gaming Zone
15/09/2006 21:12 <REP> MSN Messenger
02/01/2005 09:00 <REP> MSXML 4.0
20/02/2005 16:54 <REP> Neoact
10/05/2004 20:18 <REP> NetMeeting
11/04/2006 09:25 <REP> Norton Internet Security
11/04/2006 14:19 <REP> Oberon Media
26/03/2005 15:45 <REP> OfficeUpdate11
21/02/2005 20:33 <REP> OpiStat
02/09/2006 19:11 <REP> Outlook Express
22/02/2006 11:15 <REP> Picasa2
11/04/2006 17:33 <REP> ppStream
04/09/2006 15:42 <REP> PrintView
21/12/2005 13:29 <REP> QuickTime
01/03/2006 19:58 <REP> Rainbow Web
23/03/2005 20:58 <REP> Real
27/02/2006 17:37 <REP> ReflexiveArcade
31/12/2005 12:48 <REP> RegCleaner
01/03/2005 17:00 <REP> SCi Games
14/12/2003 19:53 <REP> Services en ligne
23/09/2005 14:40 <REP> Shareaza
08/01/2006 21:39 <REP> Sherwood Media
27/11/2005 12:29 <REP> Simple Sudoku
18/04/2006 13:45 <REP> Sports Interactive
24/04/2006 20:24 <REP> Spybot - Search & Destroy
10/04/2006 11:40 <REP> Spyware Doctor
11/04/2006 09:19 <REP> Symantec
11/04/2006 09:19 <REP> SymNetDrv
11/04/2006 11:06 <REP> ToniArts
31/03/2006 13:09 <REP> Trellian
03/03/2006 12:56 <REP> Triogical2
28/02/2004 13:37 <REP> TryMedia
12/09/2006 21:15 <REP> tvants
16/03/2006 08:47 <REP> Virtual Ball Fighters
15/09/2006 21:38 <REP> Visualware Security Suite
19/01/2004 11:40 <REP> wildjack
03/10/2006 14:47 <REP> Winamp
28/03/2005 12:07 <REP> Windows Media Player
14/12/2003 19:51 <REP> Windows NT
07/03/2005 17:46 <REP> WinRAR
14/12/2003 19:55 <REP> xerox
30/08/2006 19:42 <REP> Yahoo!
0 fichier(s) 0 octets
103 Rép(s) 61 595 729 920 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files\fichiers communs

16/09/2006 19:07 <REP> .
16/09/2006 19:07 <REP> ..
16/01/2006 13:09 <REP> Adobe
10/01/2004 14:14 <REP> Designer
28/02/2004 10:05 <REP> Hewlett-Packard
25/12/2003 10:27 <REP> InstallShield
31/03/2006 17:47 <REP> Java
14/01/2005 11:30 <REP> Logitech
04/10/2004 16:44 <REP> Macrovision Shared
25/06/2006 20:52 <REP> Microsoft Shared
14/12/2003 19:52 <REP> MSSoap
16/09/2006 19:07 <REP> Nullsoft
10/08/2005 18:20 <REP> Oberon Media
01/01/2002 01:15 <REP> ODBC
28/03/2005 11:06 <REP> Real
02/09/2006 19:11 <REP> Services
23/02/2006 14:56 <REP> Sierra On-Line
14/01/2006 11:54 <REP> Softwin
01/01/2002 01:15 <REP> SpeechEngines
11/04/2006 11:33 <REP> Symantec Shared
02/04/2006 21:12 <REP> Synacast
21/12/2005 15:23 <REP> System
0 fichier(s) 0 octets
22 Rép(s) 61 595 725 824 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files\common files

09/04/2006 19:02 <REP> .
09/04/2006 19:02 <REP> ..
04/09/2006 11:14 <REP> Companion Wizard
25/04/2006 20:08 <REP> Scanner
02/08/2004 08:22 <REP> System
0 fichier(s) 0 octets
5 Rép(s) 61 595 725 824 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\

24/05/2001 13:59 162 304 UNWISE.EXE
1 fichier(s) 162 304 octets
0 Rép(s) 61 595 725 824 octets libres
c:\Documents and Settings\Administrateur\Bureau\ewido-setup_4.0.0.172a.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\Message.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\setup.exe
c:\Documents and Settings\MICHAUD C\x.exe
c:\Documents and Settings\MICHAUD C\.housecall\getMac.exe
c:\Documents and Settings\MICHAUD C\.housecall\patch.exe
c:\Documents and Settings\MICHAUD C\.housecall\tsc.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\getMac.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\patch.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\tsc.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\ARPPRODUCTICON.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\editor_EC0AB585B2794A778BB564C403E43EE7.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\exe_final_49CFD5D905564037B7D6E13ED4BEA4C5.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\fm2006_final_exe_49CFD5D905564037B7D6E13ED4BEA4C5.exe
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\update.exe
c:\Documents and Settings\MICHAUD C\Bureau\combofix.exe
c:\Documents and Settings\MICHAUD C\Bureau\fm.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix.exe
c:\Documents and Settings\MICHAUD C\Bureau\Look2Me-Destroyer.exe
c:\Documents and Settings\MICHAUD C\Bureau\winamp524_full_bundle_emusic-7plus.exe
c:\Documents and Settings\MICHAUD C\Bureau\clean\clean\pskill.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\FilesInfoCmd.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\Fport.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\grep.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\LFiles.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\LISTDLLS.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\pslist.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\streams.exe
c:\Documents and Settings\MICHAUD C\Bureau\KillBox\KillBox.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\Ntrights.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\pv.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\restart.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\strings.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\zip.exe
c:\Documents and Settings\MICHAUD C\Bureau\Photos\w9x_622.exe
c:\Documents and Settings\MICHAUD C\Local Settings\Application Data\Shareaza\Incomplete\YFAVLMWD3QNQHLLY3M7ICAK53ZT5Z7JO Feeding_Frenzy_2.3_crack.exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temp\ycomp_6.3.4.0_ypsr_1.14_fr_setup_.exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temporary Internet Files\Content.IE5\C1A7G9I7\cubisgold2-setup[1].exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temporary Internet Files\Content.IE5\C1A7G9I7\ypsr_prog_01.14.01_fr_setup_[1].exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temporary Internet Files\Content.IE5\FTK88JRJ\TvantsSetup[1].exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temporary Internet Files\Content.IE5\O1QFCBEH\SudokuManiaSetup-dm[1].exe
c:\Documents and Settings\MICHAUD C\Local Settings\Temporary Internet Files\Content.IE5\VM6FBN69\ewido-setup_4.0.0.172c[1].exe
c:\Documents and Settings\MICHAUD C\Mes documents\noel chrismas.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\SymStore.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomLoader\zylom\Zuma\Zuma.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVG5}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVGB}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVH0}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVJ7}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKV}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{0004LVIV-J73B-KKMS-6OG1-5VTHJTSI0VVQ}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{000HQ7FF-AD7A-3FG4-QNSB-2186AUNB4VVQ}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\1.0.0.1038\powerplayer.dll
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\1.0.0.1038\psnetwork.dll


Malekal_morte
Site Admin
Site Admin
Messages : 96468
Inscription : 10 sept. 2005 13:57
Contact :

Message par Malekal_morte » 17 sept. 2006 11:05

Double-clic sur combofix.
S'il te pose une question, réponds yes

colle le rapport ici.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas

Sécuriser son ordinateur (version courte)

Tutoriels Logiciels - Tutoriel Windows - Windows 10

Stop publicités - popups intempestives
supprimer-trojan.com : guide de suppression de malwares

Partagez malekal.com : n'hésitez pas à partager sur Facebook et GooglePlus les articles qui vous plaisent.

Docky

Message par Docky » 17 sept. 2006 11:14

Voilà :

MICHAUD C - 06-09-17 11:02:14,48
ComboFix 06.09.11B - Running from: C:\Documents and Settings\MICHAUD C\Bureau

Microsoft Windows XP [version 5.1.2600]

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Documents and Settings\MICHAUD C\Application Data\SSTEM~1
C:\QooBox\Purity\Documents and Settings\MICHAUD C\Application Data\SSTEM~1\s?stem
C:\QooBox\Purity\WINDOWS\STEM32~1


((((((((((((((((((((((((((((((( Files Created from 2006-08-17 to 2006-09-17 ))))))))))))))))))))))))))))))))))


2006-09-04 16:07 16,384 --a------ C:\WINDOWS\system32\restart.exe
2006-09-04 16:07 11,254 --a------ C:\WINDOWS\system32\locate.com
2006-09-04 14:32 82,188 --a------ C:\WINDOWS\system32\zip.exe
2006-09-04 13:19 40,973 --a------ C:\WINDOWS\system32\ddcyw.dll
2006-09-04 12:27 40,973 --a------ C:\WINDOWS\system32\nnnop.dll
2006-09-04 11:19 40,973 --a------ C:\WINDOWS\system32\xxwxw.dll
2006-09-04 11:19 138,862 --a------ C:\WINDOWS\system32\install.exe
2006-09-04 07:23 40,973 --a------ C:\WINDOWS\system32\hggge.dll
2006-09-04 06:57 40,973 --a------ C:\WINDOWS\system32\gebxx.dll
2006-09-04 06:52 40,973 --a------ C:\WINDOWS\system32\fcyxu.dll
2006-09-04 06:50 40,973 --a------ C:\WINDOWS\system32\efeec.dll
2006-09-03 21:34 40,973 --a------ C:\WINDOWS\system32\awvsr.dll
2006-09-03 16:51 40,973 --a------ C:\WINDOWS\system32\gebbb.dll
2006-09-03 14:36 40,973 --a------ C:\WINDOWS\system32\geeef.dll
2006-09-03 14:29 40,973 --a------ C:\WINDOWS\system32\ljjkh.dll
2006-09-03 14:25 40,973 --a------ C:\WINDOWS\system32\ursrr.dll
2006-09-03 14:20 40,973 --a------ C:\WINDOWS\system32\rqono.dll
2006-09-03 12:30 40,973 --a------ C:\WINDOWS\system32\jkkkh.dll
2006-09-03 12:24 40,973 --a------ C:\WINDOWS\system32\wvusp.dll
2006-09-03 11:52 40,973 --a------ C:\WINDOWS\system32\ssqop.dll
2006-09-03 11:48 40,973 --a------ C:\WINDOWS\system32\pmnoo.dll
2006-09-03 11:44 40,973 --a------ C:\WINDOWS\system32\rqopn.dll
2006-09-03 11:38 40,973 --a------ C:\WINDOWS\system32\byvtu.dll
2006-09-03 11:33 40,973 --a------ C:\WINDOWS\system32\mljgg.dll
2006-09-03 11:29 40,973 --a------ C:\WINDOWS\system32\qomll.dll
2006-09-03 10:59 40,973 --a------ C:\WINDOWS\system32\efccy.dll
2006-09-03 10:57 40,973 --a------ C:\WINDOWS\system32\ljhfc.dll
2006-09-03 10:56 40,973 --a------ C:\WINDOWS\system32\fcyxx.dll
2006-09-03 10:52 40,973 --a------ C:\WINDOWS\system32\wvutt.dll
2006-09-03 10:28 40,973 --a------ C:\WINDOWS\system32\pmnkk.dll
2006-09-03 10:24 40,973 --a------ C:\WINDOWS\system32\pmnlj.dll
2006-09-03 10:20 40,973 --a------ C:\WINDOWS\system32\rqomn.dll
2006-09-02 23:59 692,276 ---hs---- C:\WINDOWS\system32\mllkh.dll
2006-09-02 23:59 448,220 ---hs---- C:\WINDOWS\system32\hkllm.bak1
2006-09-02 23:55 40,973 --a------ C:\WINDOWS\system32\yabyv.dll
2006-09-02 23:52 40,973 --a------ C:\WINDOWS\system32\vtutt.dll
2006-09-02 23:49 40,973 --a------ C:\WINDOWS\system32\awvvu.dll
2006-09-02 23:46 40,973 --a------ C:\WINDOWS\system32\yayxy.dll
2006-09-02 23:43 40,973 --a------ C:\WINDOWS\system32\ljjgg.dll
2006-09-02 23:40 40,973 --a------ C:\WINDOWS\system32\rqolj.dll
2006-09-02 23:37 40,973 --a------ C:\WINDOWS\system32\tussr.dll
2006-09-02 23:33 40,973 --a------ C:\WINDOWS\system32\hgdde.dll
2006-09-02 23:30 40,973 --a------ C:\WINDOWS\system32\nnnol.dll
2006-09-02 23:27 40,973 --a------ C:\WINDOWS\system32\xxyyx.dll
2006-09-02 23:24 40,973 --a------ C:\WINDOWS\system32\wvwvs.dll
2006-09-02 23:08 692,276 ---hs---- C:\WINDOWS\system32\fcyax.dll
2006-09-02 23:03 40,973 --a------ C:\WINDOWS\system32\vtsqq.dll
2006-09-02 23:03 40,973 --a------ C:\WINDOWS\system32\ljhff.dll
2006-09-02 23:00 40,973 --a------ C:\WINDOWS\system32\mljih.dll
2006-09-02 22:58 692,276 ---hs---- C:\WINDOWS\system32\jkhgh.dll
2006-09-02 22:58 448,220 ---hs---- C:\WINDOWS\system32\hghkj.bak1
2006-09-02 21:14 40,973 --a------ C:\WINDOWS\system32\awtrs.dll
2006-09-02 19:10 106,496 --a------ C:\WINDOWS\system32\9217106.dll
2006-09-02 19:08 40,973 --a------ C:\WINDOWS\system32\geeed.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-17 09:03 -------- d-------- C:\Program Files\mIRC
2006-09-16 20:57 -------- d-------- C:\Documents and Settings\MICHAUD C\Application Data\Simple Sudoku
2006-09-16 19:07 -------- d-------- C:\Program Files\Fichiers communs\Nullsoft
2006-09-16 19:07 -------- d-------- C:\Program Files\Fichiers communs
2006-09-15 21:38 -------- d-------- C:\Program Files\Visualware Security Suite
2006-09-15 21:12 -------- d-------- C:\Program Files\MSN Messenger
2006-09-15 16:19 -------- d-------- C:\Program Files\FreshGames
2006-09-12 21:15 -------- d-------- C:\Program Files\tvants
2006-09-11 18:59 -------- d-------- C:\Program Files\ewido anti-malware
2006-09-11 18:08 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-05 22:36 -------- d-------- C:\Program Files\Common
2006-09-04 15:42 -------- d-------- C:\Program Files\PrintView
2006-09-04 12:37 -------- d-------- C:\Program Files\Alwil Software
2006-09-04 09:43 76560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-09-02 19:11 -------- d-------- C:\Program Files\Outlook Express
2006-09-02 19:11 -------- d-------- C:\Program Files\Fichiers communs\Services
2006-08-30 19:42 -------- d-------- C:\Program Files\Yahoo!
2006-08-27 03:06 -------- d-------- C:\Program Files\eMule
2006-08-26 01:20 -------- d-------- C:\Program Files\BitComet
2006-08-26 00:10 -------- d-------- C:\Documents and Settings\MICHAUD C\Application Data\Azureus
2006-08-25 20:13 -------- d-------- C:\Program Files\Azureus
2006-08-21 12:01 -------- d-------- C:\Program Files\BitTorrent
2006-08-21 11:57 -------- d-------- C:\Documents and Settings\MICHAUD C\Application Data\BitTorrent
2006-08-18 12:07 -------- d-------- C:\Program Files\Lavasoft
2006-08-18 12:07 -------- d-------- C:\Documents and Settings\MICHAUD C\Application Data\Lavasoft
2006-08-10 18:47 11648 --a------ C:\WINDOWS\system32\drivers\pxscrmbl.sys
2006-08-08 09:11 777472 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-08-08 09:11 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-07-31 19:09 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
"Ms Java for Windows NT"="MS32.exe"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
"Ms Java for Windows NT"="MS32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{79DF81E3-60C0-4043-A574-30DF1E322F9B}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:b5,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:b5,00,00,00

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\GStartup.lnk"
"backup"="C:\\WINDOWS\\pss\\GStartup.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\FICHIE~1\\GMT\\GMT.exe /startup"
"item"="GStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 1000 series.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hp psc 1000 series.lnk"
"backup"="C:\\WINDOWS\\pss\\hp psc 1000 series.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpohmr08.exe "
"item"="hp psc 1000 series"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hpoddt01.exe.lnk"
"backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe "
"item"="hpoddt01.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Lancement rapide d'Adobe Reader.lnk"
"backup"="C:\\WINDOWS\\pss\\Lancement rapide d'Adobe Reader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Lancement rapide d'Adobe Reader"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Logitech Desktop Messenger.lnk"
"backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LDMConf.exe /start"
"item"="Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~4\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\MyWebSearch Email Plugin.lnk"
"backup"="C:\\WINDOWS\\pss\\MyWebSearch Email Plugin.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\MyWebSearch\\bar\\1.bin\\MWSOEMON.EXE "
"item"="MyWebSearch Email Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^MICHAUD C^Menu Démarrer^Programmes^Démarrage^Aide mémoire.lnk]
"path"="C:\\Documents and Settings\\MICHAUD C\\Menu Démarrer\\Programmes\\Démarrage\\Aide mémoire.lnk"
"backup"="C:\\WINDOWS\\pss\\Aide mémoire.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\AIDEMM~1\\TrayIcon.exe "
"item"="Aide mémoire"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^MICHAUD C^Menu Démarrer^Programmes^Démarrage^Yahoo! Widget Engine.lnk]
"path"="C:\\Documents and Settings\\MICHAUD C\\Menu Démarrer\\Programmes\\Démarrage\\Yahoo! Widget Engine.lnk"
"backup"="C:\\WINDOWS\\pss\\Yahoo! Widget Engine.lnkStartup"
"location"="Startup"
"command"="C:\\Program Files\\Yahoo!\\Yahoo! Widget Engine\\YahooWidgetEngine.exe "
"item"="Yahoo! Widget Engine"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\AltnetPointsManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Points Manager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Altnet\\Points Manager\\Points Manager.exe -s "
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BoontyBox]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BoontyBox"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Boonty\\BoontyBox\\BoontyBox.exe\" /boot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\castmealdaleinter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="baitcamp"
"hkey"="HKLM"
"command"="C:\\Documents and Settings\\All Users\\Application Data\\Tons vga cast meal\\baitcamp.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ccApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccApp"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ChelloBackground]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ChelloMessenger"
"hkey"="HKLM"
"command"="C:\\Program Files\\chello\\ChelloMessenger.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ChelloDesktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ChelloDesktop"
"hkey"="HKLM"
"command"="C:\\Program Files\\chello\\ChelloDesktop.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ClamWin]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ClamTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\System32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\cvvgyiwj]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dmfcua"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dfndrff_15"
"hkey"="HKLM"
"command"="C:\\\\dfndrff_15.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\KAZAA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="kazaa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Kazaa\\kazaa.exe /SYSTRAY"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\keyboard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="kybrdff_15"
"hkey"="HKLM"
"command"="C:\\\\kybrdff_15.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\LDM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogitechDesktopMessenger"
"hkey"="HKCU"
"command"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\LogitechVideoRepair]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ISStart"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\LogitechVideoTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogiTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MoneyStartUp10.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Activation"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Money\\System\\Activation.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Ms Java for Windows NT]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MS32"
"hkey"="HKLM"
"command"="MS32.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Ms Java Update For Windows NT/XP]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msijavaupdt32"
"hkey"="HKLM"
"command"="msijavaupdt32.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MsgCenterExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealOneMessageCenter"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\RealOneMessageCenter.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MyWebSearch Email Plugin]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mwsoemon"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\neb]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="neb"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\nergg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nergg"
"hkey"="HKLM"
"command"="rundll32.exe C:\\WINDOWS\\System32\\nergg.dll,start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\newname]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwnmff_15"
"hkey"="HKLM"
"command"="C:\\\\nwnmff_15.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\P2P Networking]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="P2P Networking"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\P2P Networking\\P2P Networking.exe /AUTOSTART"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Picasa Media Detector]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PicasaMediaDetector"
"hkey"="HKLM"
"command"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PVModule]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pvmodule"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\PRINTV~1\\pvmodule.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RegsSect]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tick seek"
"hkey"="HKCU"
"command"="C:\\DOCUME~1\\MICHAU~1\\APPLIC~1\\ADMINT~1\\tick seek.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Scenic News]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Scenic News"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\Scenic News.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\shell]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ibm00065"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\ibm00065.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\stonedrv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="stonedrv"
"hkey"="HKLM"
"command"="c:\\windows\\system32\\stonedrv.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Symantec NetDriver Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SNDMon"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\URLLSTCK.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UrlLstCk"
"hkey"="HKLM"
"command"="C:\\Program Files\\Norton Internet Security\\UrlLstCk.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ypager"
"hkey"="HKCU"
"command"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
"Boonty Games"=dword:00000003
"ccSetMgr"=dword:00000002
"ccPwdSvc"=dword:00000003
"ccEvtMgr"=dword:00000002
"BITS"=dword:00000002


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AF28E3A39187958B.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1106656784.job

Completion time: 17/09/2006 11:05:34.98
ComboFix.txt
ComboFix2.txt

Malekal_morte
Site Admin
Site Admin
Messages : 96468
Inscription : 10 sept. 2005 13:57
Contact :

Message par Malekal_morte » 17 sept. 2006 11:23

sélectionne entièrement la liste ci-dessous :
C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\nnnop.dll
C:\WINDOWS\system32\xxwxw.dll
C:\WINDOWS\system32\install.exe
C:\WINDOWS\system32\hggge.dll
C:\WINDOWS\system32\gebxx.dll
C:\WINDOWS\system32\fcyxu.dll
C:\WINDOWS\system32\efeec.dll
C:\WINDOWS\system32\awvsr.dll
C:\WINDOWS\system32\gebbb.dll
C:\WINDOWS\system32\geeef.dll
C:\WINDOWS\system32\ljjkh.dll
C:\WINDOWS\system32\ursrr.dll
C:\WINDOWS\system32\rqono.dll
C:\WINDOWS\system32\jkkkh.dll
C:\WINDOWS\system32\wvusp.dll
C:\WINDOWS\system32\ssqop.dll
C:\WINDOWS\system32\pmnoo.dll
C:\WINDOWS\system32\rqopn.dll
C:\WINDOWS\system32\byvtu.dll
C:\WINDOWS\system32\mljgg.dll
C:\WINDOWS\system32\qomll.dll
C:\WINDOWS\system32\efccy.dll
C:\WINDOWS\system32\ljhfc.dll
C:\WINDOWS\system32\fcyxx.dll
C:\WINDOWS\system32\wvutt.dll
C:\WINDOWS\system32\pmnkk.dll
C:\WINDOWS\system32\pmnlj.dll
C:\WINDOWS\system32\rqomn.dll
C:\WINDOWS\system32\mllkh.dll
C:\WINDOWS\system32\hkllm.bak1
C:\WINDOWS\system32\yabyv.dll
C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\awvvu.dll
C:\WINDOWS\system32\yayxy.dll
C:\WINDOWS\system32\ljjgg.dll
C:\WINDOWS\system32\rqolj.dll
C:\WINDOWS\system32\tussr.dll
C:\WINDOWS\system32\hgdde.dll
C:\WINDOWS\system32\nnnol.dll
C:\WINDOWS\system32\xxyyx.dll
C:\WINDOWS\system32\wvwvs.dll
C:\WINDOWS\system32\fcyax.dll
C:\WINDOWS\system32\vtsqq.dll
C:\WINDOWS\system32\ljhff.dll
C:\WINDOWS\system32\mljih.dll
C:\WINDOWS\system32\jkhgh.dll
C:\WINDOWS\system32\hghkj.bak1
C:\WINDOWS\system32\awtrs.dll
C:\WINDOWS\system32\9217106.dll
C:\WINDOWS\system32\geeed.dll
---> et tu fais clic droit / copier

Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le menu "File" -> "Past from clip board"
- Clique sur la croix rouge et et blanche
- Répond yes et laisse redémarrer ton pc.
N'hésite pas à consulter l'Aide killbox


Relance DiagHelp et colle le rapport ici.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas

Sécuriser son ordinateur (version courte)

Tutoriels Logiciels - Tutoriel Windows - Windows 10

Stop publicités - popups intempestives
supprimer-trojan.com : guide de suppression de malwares

Partagez malekal.com : n'hésitez pas à partager sur Facebook et GooglePlus les articles qui vous plaisent.

Docky

Message par Docky » 17 sept. 2006 12:03

Voilà :

C:\WINDOWS\System32\VundoFixSVC.exe -->03/10/2006 17:42:59
C:\WINDOWS\System32\direct.txt -->03/10/2006 15:10:07
C:\WINDOWS\System32\wpa.dbl -->17/09/2006 08:47:29
C:\WINDOWS\System32\hkllm.ini -->03/09/2006 10:17:32
C:\WINDOWS\System32\inistone.ini -->02/09/2006 23:01:19
C:\WINDOWS\System32\hghkj.ini -->02/09/2006 22:58:21
C:\WINDOWS\System32\sirenacm.dll -->29/07/2006 19:32:50
C:\WINDOWS\System32\spupdsvc.inf -->18/07/2006 11:01:16
C:\WINDOWS\System32\FNTCACHE.DAT -->12/07/2006 21:54:16
C:\WINDOWS\System32\nc-wga.sfv -->11/07/2006 12:07:16
C:\WINDOWS\System32\nc-wga.rar -->11/07/2006 12:06:26
C:\WINDOWS\System32\nc.nfo -->11/07/2006 12:06:06
C:\WINDOWS\System32\MRT.exe -->07/07/2006 03:21:46
C:\WINDOWS\System32\WgaLogon.dll.bak -->19/06/2006 16:20:42
C:\WINDOWS\System32\WgaTray.exe.bak -->19/06/2006 16:19:26
C:\WINDOWS\System32\divx_xx07.dll -->15/06/2006 23:55:03
C:\WINDOWS\System32\divx_xx11.dll -->15/06/2006 23:55:02
C:\WINDOWS\System32\divx_xx0c.dll -->15/06/2006 23:55:02
C:\WINDOWS\System32\DivX.dll -->15/06/2006 23:55:02
C:\WINDOWS\System32\DivXCodecUpdateChecker.exe -->14/06/2006 19:49:07
C:\WINDOWS\System32\divxdec.ax -->13/06/2006 23:36:22
C:\WINDOWS\System32\dsm_ja.qm -->12/06/2006 21:22:06
C:\WINDOWS\System32\dsm_fr.qm -->12/06/2006 21:22:06
C:\WINDOWS\System32\dsm_de.qm -->12/06/2006 21:22:06
C:\WINDOWS\System32\divxsm.tlb -->12/06/2006 21:22:06

C:\WINDOWS\0.log -->17/09/2006 11:47:14
C:\WINDOWS\wiadebug.log -->17/09/2006 11:47:10
C:\WINDOWS\wiaservc.log -->17/09/2006 11:47:08
C:\WINDOWS\bootstat.dat -->17/09/2006 11:46:40
C:\WINDOWS\SchedLgU.Txt -->17/09/2006 11:45:49
C:\WINDOWS\setupapi.log -->16/09/2006 19:07:48
C:\WINDOWS\win.ini -->15/09/2006 21:39:59
C:\WINDOWS\system.ini -->15/09/2006 21:39:59
C:\WINDOWS\setupact.log -->11/09/2006 18:09:36
C:\WINDOWS\ntbtlog.txt -->11/09/2006 18:04:05
C:\WINDOWS\pxinstall_log.txt -->11/09/2006 15:58:58
C:\WINDOWS\em06y.ini -->04/09/2006 06:57:24
C:\WINDOWS\OEWABLog.txt -->02/09/2006 19:12:29
C:\WINDOWS\wmsetup.log -->02/09/2006 19:11:28
C:\WINDOWS\WindowsUpdate.log -->30/08/2006 07:27:55

C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |14/01/2005 11:29:38
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |10/02/2005 09:27:09
C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |12/12/2005 11:55:14
C:\WINDOWS\gotouninstall.exe |19/02/2006 15:26:14
C:\WINDOWS\nmclsp.exe |21/02/2005 20:33:52
C:\WINDOWS\off-road-uninst.exe |26/03/2006 16:03:35
C:\WINDOWS\pysoft_uninstaller.exe |28/11/2004 14:01:49
C:\WINDOWS\scenic news.exe |28/11/2004 14:41:28
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\daemon.dll |22/08/2004 17:04:56
C:\WINDOWS\hcextoutput.dll |28/03/2005 11:50:22
C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46
C:\WINDOWS\system32\append.exe |02/10/2001 20:17:16
C:\WINDOWS\system32\aswBoot.exe |15/03/2005 12:20:51
C:\WINDOWS\system32\debug.exe |02/10/2001 20:17:28
C:\WINDOWS\system32\DivXsm.exe |12/06/2006 21:22:06
C:\WINDOWS\system32\dosx.exe |02/10/2001 20:17:30
C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34
C:\WINDOWS\system32\edlin.exe |02/10/2001 20:17:54
C:\WINDOWS\system32\eshopperuninstall.exe |20/12/2005 18:23:20
C:\WINDOWS\system32\exe2bin.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\fastopen.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\grwinsthlp.exe |28/11/2004 15:25:42
C:\WINDOWS\system32\livingsrbndl.exe |20/12/2005 18:23:10
C:\WINDOWS\system32\mem.exe |02/10/2001 20:18:16
C:\WINDOWS\system32\mscdexnt.exe |02/10/2001 20:18:24
C:\WINDOWS\system32\msdos.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\nlsfunc.exe |02/10/2001 20:18:36
C:\WINDOWS\system32\Ntrights.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\nw16.exe |02/10/2001 20:18:42
C:\WINDOWS\system32\OnlyScreenSaverCfg.exe |11/09/2002 16:40:54
C:\WINDOWS\system32\pv.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\redir.exe |02/10/2001 20:18:58
C:\WINDOWS\system32\Scenic News.exe |26/11/2004 17:09:09
C:\WINDOWS\system32\scenicid.exe |28/11/2004 14:41:26
C:\WINDOWS\system32\scenicwu.exe |15/08/2004 21:30:52
C:\WINDOWS\system32\setver.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\share.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\strings.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\UnCasino4FRN.exe |22/12/2005 11:00:27
C:\WINDOWS\system32\UnCasinoV5_FRA.exe |22/12/2005 11:10:13
C:\WINDOWS\system32\UnInstall Frosty the Snowman WS2.exe |28/11/2004 14:22:51
C:\WINDOWS\system32\vwipxspx.exe |02/10/2001 20:19:24
C:\WINDOWS\system32\zglophone.exe |20/11/2004 23:36:32
C:\WINDOWS\system32\zip.exe |04/09/2006 14:32:08
C:\WINDOWS\system32\amstream.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\CNCS232.DLL |14/09/2004 17:52:03
C:\WINDOWS\system32\compatUI.dll |02/10/2001 20:17:24
C:\WINDOWS\system32\DivXWMPExtType.dll |19/04/2006 02:04:53
C:\WINDOWS\system32\dtctrace.dll |13/03/2006 18:13:03
C:\WINDOWS\system32\hpotscl.dll |09/03/2003 06:31:04
C:\WINDOWS\system32\indounin.dll |27/01/1999 14:39:06
C:\WINDOWS\system32\ir32_32.dll |02/10/2001 20:18:08
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 08:56:08
C:\WINDOWS\system32\mciqtz32.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msdmo.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msencode.dll |30/08/2002 19:24:06
C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16
C:\WINDOWS\system32\psisdecd.dll |01/12/2005 18:16:16
C:\WINDOWS\system32\qedwipes.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11
C:\WINDOWS\system32\scriptpw.dll |02/10/2001 20:19:04
C:\WINDOWS\system32\tsd32.dll |02/10/2001 20:19:18
C:\WINDOWS\system32\win87em.dll |02/10/2001 20:19:28
C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe |14/01/2005 11:29:38
C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |10/02/2005 09:27:09
C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |12/12/2005 11:55:14
C:\WINDOWS\gotouninstall.exe |19/02/2006 15:26:14
C:\WINDOWS\nmclsp.exe |21/02/2005 20:33:52
C:\WINDOWS\off-road-uninst.exe |26/03/2006 16:03:35
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\hcextoutput.dll |28/03/2005 11:50:22
C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46
C:\WINDOWS\system32\append.exe |02/10/2001 20:17:16
C:\WINDOWS\system32\debug.exe |02/10/2001 20:17:28
C:\WINDOWS\system32\DivXsm.exe |12/06/2006 21:22:06
C:\WINDOWS\system32\dosx.exe |02/10/2001 20:17:30
C:\WINDOWS\system32\edlin.exe |02/10/2001 20:17:54
C:\WINDOWS\system32\eshopperuninstall.exe |20/12/2005 18:23:20
C:\WINDOWS\system32\exe2bin.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\fastopen.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\grwinsthlp.exe |28/11/2004 15:25:42
C:\WINDOWS\system32\mem.exe |02/10/2001 20:18:16
C:\WINDOWS\system32\mscdexnt.exe |02/10/2001 20:18:24
C:\WINDOWS\system32\msdos.exe |02/10/2001 20:17:56
C:\WINDOWS\system32\nlsfunc.exe |02/10/2001 20:18:36
C:\WINDOWS\system32\Ntrights.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\nw16.exe |02/10/2001 20:18:42
C:\WINDOWS\system32\OnlyScreenSaverCfg.exe |11/09/2002 16:40:54
C:\WINDOWS\system32\pv.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\redir.exe |02/10/2001 20:18:58
C:\WINDOWS\system32\scenicid.exe |28/11/2004 14:41:26
C:\WINDOWS\system32\setver.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\share.exe |02/10/2001 20:19:04
C:\WINDOWS\system32\strings.exe |03/10/2006 14:50:41
C:\WINDOWS\system32\UnInstall Frosty the Snowman WS2.exe |28/11/2004 14:22:51
C:\WINDOWS\system32\vwipxspx.exe |02/10/2001 20:19:24
C:\WINDOWS\system32\zglophone.exe |20/11/2004 23:36:32
C:\WINDOWS\system32\zip.exe |04/09/2006 14:32:08
C:\WINDOWS\system32\amstream.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\CNCS232.DLL |14/09/2004 17:52:03
C:\WINDOWS\system32\CNCS32.DLL |29/05/2002 01:55:23
C:\WINDOWS\system32\DivXWMPExtType.dll |19/04/2006 02:04:53
C:\WINDOWS\system32\indounin.dll |27/01/1999 14:39:06
C:\WINDOWS\system32\ir32_32.dll |02/10/2001 20:18:08
C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 08:56:08
C:\WINDOWS\system32\mciqtz32.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msdmo.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\msencode.dll |30/08/2002 19:24:06
C:\WINDOWS\system32\psisdecd.dll |01/12/2005 18:16:16
C:\WINDOWS\system32\qedwipes.dll |01/12/2005 18:16:14
C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11
C:\WINDOWS\system32\tsd32.dll |02/10/2001 20:19:18
C:\WINDOWS\system32\win87em.dll |02/10/2001 20:19:28

Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\WINDOWS\system32

02/10/2001 20:17 4 096 csrss.exe
1 fichier(s) 4 096 octets
0 Rép(s) 61 757 624 320 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\WINDOWS\Downloaded Program Files

16/09/2006 19:07 <REP> .
16/09/2006 19:07 <REP> ..
18/04/2006 16:04 159 040 AdSignerADP.dll
13/04/2006 10:11 747 AdSignerADP.inf
18/04/2006 16:04 273 728 AdVerifierADP.dll
09/08/2005 14:43 193 ampx.inf
06/10/2004 01:00 2 390 catalog.dat
11/04/2006 12:21 <REP> CONFLICT.16
11/04/2006 12:21 <REP> CONFLICT.17
11/04/2006 12:21 <REP> CONFLICT.18
11/04/2006 12:21 <REP> CONFLICT.19
11/04/2006 12:21 <REP> CONFLICT.20
11/04/2006 12:21 <REP> CONFLICT.21
11/04/2006 12:21 <REP> CONFLICT.22
21/12/2005 15:22 65 desktop.ini
02/03/2006 15:40 1 271 erma.inf
21/07/2004 13:35 73 728 ghdlctl.dll
21/07/2004 13:34 227 ghdlctl.inf
12/09/2005 08:46 403 048 imloader.exe
15/09/2004 10:20 740 jinstall-1_5_0.inf
04/03/2005 05:52 752 jinstall-1_5_0_02.inf
10/11/2005 14:05 876 jinstall-1_5_0_06.inf
08/08/2006 11:45 576 kavwebscan.inf
08/09/2003 14:38 674 msSecAdv.inf
11/08/2004 19:20 6 854 navapi.vxd
11/08/2004 19:20 208 896 navapi32.dll
06/10/2004 01:00 119 976 naveng32.dll
06/10/2004 01:00 672 936 navex32a.dll
17/01/2005 18:09 227 opuc.inf
17/05/2004 16:26 35 584 ProductIDGatherer.dll
25/05/2004 11:05 2 735 ProductIDGatherer.INF
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
04/01/2004 12:12 9 140 950 QuickTimeInstallCache.qdat
06/10/2004 01:00 84 832 scrauth.dat
22/06/2006 11:41 5 032 swflash.inf
06/10/2004 01:00 8 137 symaveng.cat
06/10/2004 01:00 900 symaveng.inf
06/10/2004 01:00 6 507 tcdefs.dat
06/10/2004 01:00 264 727 tcscan7.dat
06/10/2004 01:00 60 020 tcscan8.dat
06/10/2004 01:00 190 146 tcscan9.dat
06/10/2004 01:00 453 tinf.dat
06/10/2004 01:00 148 tinfidx.dat
06/10/2004 01:00 1 957 tinfl.dat
06/10/2004 01:00 37 470 tscan1.dat
06/10/2004 01:00 1 179 tscan1hd.dat
06/10/2004 01:00 5 382 v.grd
06/10/2004 01:00 2 227 v.sig
06/10/2004 01:00 106 244 virscan.inf
06/10/2004 01:00 889 363 virscan1.dat
06/10/2004 01:00 527 511 virscan2.dat
06/10/2004 01:00 144 380 virscan3.dat
06/10/2004 01:00 316 532 virscan4.dat
06/10/2004 01:00 70 712 virscan5.dat
06/10/2004 01:00 379 148 virscan6.dat
06/10/2004 01:00 1 384 267 virscan7.dat
06/10/2004 01:00 1 170 741 virscan8.dat
06/10/2004 01:00 1 634 601 virscan9.dat
06/10/2004 01:00 32 virscant.dat
09/10/2004 15:01 2 072 vscanmsx.dat
30/06/2003 22:41 1 689 WMV9VCM.inf
27/06/2003 18:51 209 489 ycomp5_1_6_0.dll
07/11/2004 15:29 173 168 yinsthelper.dll
06/10/2004 01:00 224 zdone.dat
15/06/2004 09:52 221 184 zylomloader.dll
58 fichier(s) 19 228 015 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.16

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.17

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.18

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.19

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.20

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.21

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.22

11/04/2006 12:21 <REP> .
11/04/2006 12:21 <REP> ..
0 fichier(s) 0 octets

Total des fichiers listés :
58 fichier(s) 19 228 015 octets
23 Rép(s) 61 757 620 224 octets libres

Liste des programmes installes

Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.5 - Français
Analyseur et SDK XML Microsoft
Archiveur WinRAR
AutoUpdate
AVG Free Edition
Azureus
CDex extraction audio
CM 03-04
CM 03-04
Correctif pour le Lecteur Windows Media [Voir wm828026 pour plus d'informations]
Correctif Windows XP - Article Base de Connaissances 834707
Correctif Windows XP - KB823559
Correctif Windows XP - KB824146
Correctif Windows XP - KB825119
Correctif Windows XP - KB828028
Correctif Windows XP - KB828035
Correctif Windows XP - KB828741
Correctif Windows XP - KB833987
Correctif Windows XP - KB835732
Correctif Windows XP - KB837001
Correctif Windows XP - KB839643
Correctif Windows XP - KB839645
Correctif Windows XP - KB840315
Correctif Windows XP - KB840374
Correctif Windows XP - KB840987
Correctif Windows XP - KB841356
Correctif Windows XP - KB841533
Correctif Windows XP - KB841873
Correctif Windows XP - KB842773
Correctif Windows XP - KB873376
Correctif Windows XP - KB883357
DAEMON Tools
Disque de souvenirs HP
DivX
DivX Converter
DivX Player
DivX Web Player
EasyCleaner
eMule
ewido anti-spyware 4.0
Extension Système de Microsoft Money
Football Manager 2006
HijackThis 1.99.1
hp psc 1200 series
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 6
Jeu de Tarot
Kaspersky Online Scanner
Lecteur Windows Media 10
Logitech Desktop Messenger
Logitech QuickCam
Macromedia Shockwave Player
Messenger Plus! 3
Messenger Plus! Live
Microsoft Data Access Components KB870669
Microsoft Internet Explorer 6 SP1
Microsoft Money
Microsoft Office XP Professional avec FrontPage
mIRC
MSRedist
Nero - Burning Rom
Outlook Express Q823353
Package du correctif Windows XP [voir Q329115 pour plus de détails]
PCSudoku
Photo et imagerie HP 2.0 - All-in-One
Photo et imagerie HP 2.0 - All-in-One Pilote
Photo et imagerie HP 2.0 - hp psc 1200 series
Picasa 2
ppStream 1.0.0.98
Programme de gestion Camera de Logitech®
QuickTime
Scenic News
SierraAddressBook 3.0
SierraHome Print Artist 2002
Simple Sudoku 4.0
Spybot - Search & Destroy 1.4
Symantec Network Drivers Update
Synacast Plug-in 1.1.0.7
Tvants 1.0
TvAnts 1.0.0.57 Fr
Ulead Photo Explorer 8.0 SE Basic
WebFldrs XP
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows XP Application Compatibility Update[Q319580]
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB824105
Windows XP Hotfix (SP1) [See Q309521 for more information]
Windows XP Hotfix (SP1) [See Q311889 for more information]
Windows XP Hotfix (SP1) [See Q311967 for more information]
Windows XP Hotfix (SP1) [See Q313450 for more information]
Windows XP Hotfix (SP1) [See Q314862 for more information]
Windows XP Hotfix (SP1) [See Q315000 for more information]
Windows XP Hotfix (SP1) [See Q315403 for more information]
Windows XP Hotfix (SP1) [See Q317277 for more information]
Windows XP Hotfix (SP1) [See Q318138 for more information]
Windows XP Hotfix (SP1) [See Q323172 for more information]
Windows XP Hotfix (SP1) [See Q324096 for more information]
Windows XP Hotfix (SP1) [See Q324380 for more information]
Windows XP Hotfix (SP1) [See Q326830 for more information]
Windows XP Hotfix (SP1) [See Q328940 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q328310
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q811493
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP1) Q819696
Yahoo! Anti-Spy
Yahoo! Toolbar
Yahoo! Toolbar avec bloqueur de fenêtres pop-up



Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files

16/09/2006 11:09 <REP> .
16/09/2006 11:09 <REP> ..
25/01/2004 09:46 <REP> ACD Systems
28/01/2006 21:58 <REP> Adobe
01/01/2004 19:23 <REP> Ahead
02/04/2004 22:26 <REP> Aide mémoire
18/04/2006 15:27 <REP> Alcohol Soft
04/09/2006 12:37 <REP> Alwil Software
08/03/2006 10:30 <REP> Antipub
15/01/2006 15:07 <REP> Anuman Interactive
03/04/2004 11:23 <REP> ATnotes
25/08/2006 20:13 <REP> Azureus
26/08/2006 01:20 <REP> BitComet
21/08/2006 12:01 <REP> BitTorrent
28/03/2004 18:56 <REP> Cambridge
08/04/2006 14:01 <REP> Capturino V1.3
08/04/2006 11:34 <REP> CDex_150
24/05/2006 11:38 <REP> Championship Manager 99-00
30/01/2006 12:17 <REP> chello
05/09/2006 22:36 <REP> Common
09/04/2006 19:02 <REP> Common files
14/12/2003 19:51 <REP> ComPlus Applications
23/01/2005 15:18 <REP> ComunX
13/04/2006 10:49 <REP> D-Tools
13/03/2004 11:36 <REP> directx
28/06/2006 15:39 <REP> DivX
01/01/2006 18:41 <REP> DV 3500
31/05/2005 11:18 <REP> eChanblard
25/12/2003 10:28 <REP> Eidos
27/08/2006 03:06 <REP> eMule
11/09/2006 18:59 <REP> ewido anti-malware
11/09/2006 18:08 <REP> ewido anti-spyware 4.0
16/09/2006 19:07 <REP> Fichiers communs
15/09/2006 16:19 <REP> FreshGames
21/02/2006 17:22 <REP> GOTO Software
02/01/2005 10:14 <REP> Grisoft
28/02/2004 10:16 <REP> Hewlett-Packard
25/04/2006 16:26 <REP> Internet Explorer
30/11/2005 19:55 <REP> Jabiru
25/04/2006 16:21 <REP> Java
11/04/2006 10:12 <REP> Kazaa
05/03/2006 13:18 <REP> KraiSoft
18/08/2006 12:07 <REP> Lavasoft
14/01/2005 11:32 <REP> Logitech
24/04/2006 11:24 <REP> Maxtor
23/09/2005 13:51 <REP> Mes Jeux Installés
20/12/2003 17:53 <REP> Messenger
31/07/2006 19:09 <REP> Messenger Plus! Live
09/04/2006 19:03 <REP> MessengerPlus! 3
04/04/2006 16:33 <REP> Micro Application
14/12/2003 19:55 <REP> microsoft frontpage
07/03/2004 11:47 <REP> Microsoft Games
02/05/2006 11:18 <REP> Microsoft Money
20/12/2003 18:27 <REP> Microsoft Money 2002 fr
10/01/2004 14:14 <REP> Microsoft Office
16/12/2003 10:25 <REP> Microsoft Référence
10/01/2004 14:14 <REP> Microsoft Visual Studio
17/09/2006 11:48 <REP> mIRC
14/12/2003 19:53 <REP> Movie Maker
08/04/2006 11:30 <REP> mp3splt-gtk
31/03/2006 15:54 <REP> MSN
14/12/2003 19:51 <REP> MSN Gaming Zone
15/09/2006 21:12 <REP> MSN Messenger
02/01/2005 09:00 <REP> MSXML 4.0
20/02/2005 16:54 <REP> Neoact
10/05/2004 20:18 <REP> NetMeeting
11/04/2006 09:25 <REP> Norton Internet Security
11/04/2006 14:19 <REP> Oberon Media
26/03/2005 15:45 <REP> OfficeUpdate11
21/02/2005 20:33 <REP> OpiStat
02/09/2006 19:11 <REP> Outlook Express
22/02/2006 11:15 <REP> Picasa2
11/04/2006 17:33 <REP> ppStream
04/09/2006 15:42 <REP> PrintView
21/12/2005 13:29 <REP> QuickTime
01/03/2006 19:58 <REP> Rainbow Web
23/03/2005 20:58 <REP> Real
27/02/2006 17:37 <REP> ReflexiveArcade
31/12/2005 12:48 <REP> RegCleaner
01/03/2005 17:00 <REP> SCi Games
14/12/2003 19:53 <REP> Services en ligne
23/09/2005 14:40 <REP> Shareaza
08/01/2006 21:39 <REP> Sherwood Media
27/11/2005 12:29 <REP> Simple Sudoku
18/04/2006 13:45 <REP> Sports Interactive
24/04/2006 20:24 <REP> Spybot - Search & Destroy
10/04/2006 11:40 <REP> Spyware Doctor
11/04/2006 09:19 <REP> Symantec
11/04/2006 09:19 <REP> SymNetDrv
11/04/2006 11:06 <REP> ToniArts
31/03/2006 13:09 <REP> Trellian
03/03/2006 12:56 <REP> Triogical2
28/02/2004 13:37 <REP> TryMedia
12/09/2006 21:15 <REP> tvants
16/03/2006 08:47 <REP> Virtual Ball Fighters
15/09/2006 21:38 <REP> Visualware Security Suite
19/01/2004 11:40 <REP> wildjack
03/10/2006 14:47 <REP> Winamp
28/03/2005 12:07 <REP> Windows Media Player
14/12/2003 19:51 <REP> Windows NT
07/03/2005 17:46 <REP> WinRAR
14/12/2003 19:55 <REP> xerox
30/08/2006 19:42 <REP> Yahoo!
0 fichier(s) 0 octets
103 Rép(s) 61 757 612 032 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files\fichiers communs

16/09/2006 19:07 <REP> .
16/09/2006 19:07 <REP> ..
16/01/2006 13:09 <REP> Adobe
10/01/2004 14:14 <REP> Designer
28/02/2004 10:05 <REP> Hewlett-Packard
25/12/2003 10:27 <REP> InstallShield
31/03/2006 17:47 <REP> Java
14/01/2005 11:30 <REP> Logitech
04/10/2004 16:44 <REP> Macrovision Shared
25/06/2006 20:52 <REP> Microsoft Shared
14/12/2003 19:52 <REP> MSSoap
16/09/2006 19:07 <REP> Nullsoft
10/08/2005 18:20 <REP> Oberon Media
01/01/2002 01:15 <REP> ODBC
28/03/2005 11:06 <REP> Real
02/09/2006 19:11 <REP> Services
23/02/2006 14:56 <REP> Sierra On-Line
14/01/2006 11:54 <REP> Softwin
01/01/2002 01:15 <REP> SpeechEngines
11/04/2006 11:33 <REP> Symantec Shared
02/04/2006 21:12 <REP> Synacast
21/12/2005 15:23 <REP> System
0 fichier(s) 0 octets
22 Rép(s) 61 757 612 032 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\Program Files\common files

09/04/2006 19:02 <REP> .
09/04/2006 19:02 <REP> ..
04/09/2006 11:14 <REP> Companion Wizard
25/04/2006 20:08 <REP> Scanner
02/08/2004 08:22 <REP> System
0 fichier(s) 0 octets
5 Rép(s) 61 757 607 936 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 2CA9-1316

Répertoire de C:\

24/05/2001 13:59 162 304 UNWISE.EXE
1 fichier(s) 162 304 octets
0 Rép(s) 61 757 607 936 octets libres
c:\Documents and Settings\Administrateur\Bureau\ewido-setup_4.0.0.172a.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\Message.exe
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\setup.exe
c:\Documents and Settings\MICHAUD C\x.exe
c:\Documents and Settings\MICHAUD C\.housecall\getMac.exe
c:\Documents and Settings\MICHAUD C\.housecall\patch.exe
c:\Documents and Settings\MICHAUD C\.housecall\tsc.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\getMac.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\patch.exe
c:\Documents and Settings\MICHAUD C\.housecall6.6\tsc.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\ARPPRODUCTICON.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\editor_EC0AB585B2794A778BB564C403E43EE7.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\exe_final_49CFD5D905564037B7D6E13ED4BEA4C5.exe
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\Installer\{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}\fm2006_final_exe_49CFD5D905564037B7D6E13ED4BEA4C5.exe
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\update.exe
c:\Documents and Settings\MICHAUD C\Bureau\combofix.exe
c:\Documents and Settings\MICHAUD C\Bureau\fm.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix.exe
c:\Documents and Settings\MICHAUD C\Bureau\Look2Me-Destroyer.exe
c:\Documents and Settings\MICHAUD C\Bureau\winamp524_full_bundle_emusic-7plus.exe
c:\Documents and Settings\MICHAUD C\Bureau\clean\clean\pskill.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\FilesInfoCmd.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\Fport.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\grep.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\LFiles.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\LISTDLLS.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\pslist.exe
c:\Documents and Settings\MICHAUD C\Bureau\diaghelp\streams.exe
c:\Documents and Settings\MICHAUD C\Bureau\KillBox\KillBox.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\Ntrights.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\pv.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\restart.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\strings.exe
c:\Documents and Settings\MICHAUD C\Bureau\l2mfix\zip.exe
c:\Documents and Settings\MICHAUD C\Bureau\Photos\w9x_622.exe
c:\Documents and Settings\MICHAUD C\Local Settings\Application Data\Shareaza\Incomplete\YFAVLMWD3QNQHLLY3M7ICAK53ZT5Z7JO Feeding_Frenzy_2.3_crack.exe
c:\Documents and Settings\MICHAUD C\Mes documents\noel chrismas.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem3252_symnet$20consumer_5.2.0_english\SymStore.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll
c:\Documents and Settings\All Users\Application Data\Zylom\ZylomLoader\zylom\Zuma\Zuma.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVG5}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVGB}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVH0}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVJ7}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKV}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{0004LVIV-J73B-KKMS-6OG1-5VTHJTSI0VVQ}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Identities\{000HQ7FF-AD7A-3FG4-QNSB-2186AUNB4VVQ}\xmlparse.dll
c:\Documents and Settings\MICHAUD C\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\1.0.0.1038\powerplayer.dll
c:\Documents and Settings\MICHAUD C\Application Data\ppStream\1.0.0.1038\psnetwork.dll

Malekal_morte
Site Admin
Site Admin
Messages : 96468
Inscription : 10 sept. 2005 13:57
Contact :

Message par Malekal_morte » 17 sept. 2006 12:05

Supprime ce fichier : C:\WINDOWS\System32\hkllm.ini

- Télécharge et Installe CounterSpy : https://www.malekal.com/tutorial_CounterSpy.html
- Une fois installé et l'assistant de configuration executé, démarre CounterSpy afin d'effectuer une mise à jour.
- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci
- Clic sur le bouton "Scan Now" à gauche et laisse le scan se faire.
- A l'issu du scan, tous les éléments trouvés seront positionnés sur Quarantine
- Clic sur le bouton en bas à gauche Take Action pour envoyer tous les éléments détectés en quarantaine.
- Redémarre l'ordinateur


Ensuite, c'est OK :)


Essaye de rapporter ton infection sur le site que je te donne ci-dessous, ce serait super cool ;)

Ton infection : Look2me, virtumonde

- Nettoye ton ordinateur avec CCleaner : https://www.malekal.com/tutorial_CCleaner.html
- Désactive puis réactive la restauration du système :
- Mode d'emploi Windows XP

Tu peux ensuite désinstaller tous les programmes que l'on a utilisé.

je t'invite à jeter un coup d'oeil à ces liens dans la mesure du possible, essaye de rapporter ton infection :

Comment se protéger des virus : - Tout ceci est résume sur cette page : Sécuriser son ordinateur et connaître les menaces

Rapporte ton infection pour faire condamner les auteurs sur Malware-Complaints. Pour faire entendre notre voix, nous devons être le plus nombreux possibles, alors rapport ton infection :
- Voir les règles de Malware-Complaints
- Enregistre sur le forum à partir du bouton register en haut :
Si tu as plus de 13 ans, choisir : I Agree to these terms and am over or exactly 13 years of age
Si tu as moins, clic sur : I Agree to these terms and am under 13 years of age

Après t'être enregistré, tu as sous forme de liste les types d'infection (Look2Me, Smitfraud, SpywareQuake etc..) : http://www.malwarecomplaints.info/viewf ... da8cee41a4

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas quelle infection tu as eu, créé un message dans le sujet "Autres infections" conforme au règle du forum (age, ville, département etc..) : http://www.malwarecomplaints.info/viewforum.php?f=10

Pour poster un message, clics sur le bouton "post reply" et remplir les informations.

Si tu as des questions ou des problèmes, n'hésites pas à me demander ici ou à contacter un des modérateurs du forum : Kimberly, AgnesD ou ipl_001.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas

Sécuriser son ordinateur (version courte)

Tutoriels Logiciels - Tutoriel Windows - Windows 10

Stop publicités - popups intempestives
supprimer-trojan.com : guide de suppression de malwares

Partagez malekal.com : n'hésitez pas à partager sur Facebook et GooglePlus les articles qui vous plaisent.


Verrouillé

Revenir vers « VIRUS : Supprimer/Desinfecter (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »